MPC Cleaner entfernen - bitte helft mir!

VVelte · 13.08.2016, 17:38

Hi,
ich habe schon alles Mögliche versucht, komme aber nicht weiter. (Bin kein Profi

)
Bei irgendeinem Download habe ich mir den MPC Cleaner eingefangen. Dieser nervt total mit seiner dauernden "Hilfe".
In der Systemsteuerung lässt er sich nicht deinstallieren und auch die Dateien im Ordner lassen sich nicht löschen.

Wie kann ich die Malware deinstallieren?

Schonmal vielen Dank im Vorraus
Vincent

cosinus · 13.08.2016, 19:03

Zitat:

ich habe schon alles Mögliche versucht

Was genau? Logs dazu vorhanden? Wenn ja, alles bisherige schon posten. Noch keine neuen Scans machen!

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

VVelte · 13.08.2016, 20:26

Ich habe nur mit Anti Virus und Anti Malware Programmen (AdwCleaner, CCleaner, Malewarebytes, McAfee und Avira) Scans durchgeführt und dann versucht die Malware zu löschen. Das hat mit keinem der Programme funktioniert. Auch in die Quarantäne konnte ich es nicht packen.
Außerdem habe ich probiert die Dateien im Programmordner zu löschen, was auch nicht möglich war (Nicht die nötigen Rechte, obwohl ich Admin bin).
Im Ordner gab es auch kein Uninstall.exe oder ähnliches.
Logs sind nicht vorhanden.

Schonmal vielen Dank für die schnelle Antwort
Vincent

cosinus · 13.08.2016, 20:28

Zitat:

Logs sind nicht vorhanden.

Das ist doch totaler Quatsch. Die von dir genannten Tools erstellen IMMER Logfiles.

VVelte · 13.08.2016, 20:31

Zitat:

Zitat von cosinus

Das ist doch totaler Quatsch. Die von dir genannten Tools erstellen IMMER Logfiles.

Oh, ok. Wie gesagt, ich hab nicht viel Ahnung.

cosinus · 13.08.2016, 20:34

Malwarebytes: Im Programm unter Verlauf => Anwendungsprotokolle. Von dort alle Scan-Protokolle posten. Und das bitte im TXT-Format.

adwCleaner: alle Logs sind in C:\AdwCleaner zu finden

VVelte · 13.08.2016, 20:40

Danke für die Erklärung. Hier die Protokolle:
Von Malwarebytes:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malware Protection, Starting, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malware Protection, Started, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Starting, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Started, 
Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Remediation Database, 2016.2.12.1, 2016.8.8.2, 
Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, IP Database, 2016.2.8.1, 2016.8.11.1, 
Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Rootkit Database, 2016.2.8.1, 2016.8.9.1, 
Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Domain Database, 2016.2.16.8, 2016.8.12.4, 
Update, 12.08.2016 22:38, SYSTEM, VINCENT, Manual, Malware Database, 2016.2.16.6, 2016.8.12.10, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Refresh, Starting, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Stopping, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Stopped, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Refresh, Success, 
Protection, 12.08.2016 22:38, SYSTEM, VINCENT, Protection, Malicious Website Protection, Starting, 
Protection, 12.08.2016 22:39, SYSTEM, VINCENT, Protection, Malicious Website Protection, Started, 
Detection, 12.08.2016 22:39, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:39, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:40, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:40, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:53, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:53, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:53, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:54, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:54, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:54, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 22:57, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, SYSTEM, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]
Detection, 12.08.2016 23:01, VincentV, VINCENT, Protection, Malware-Schutz, Datei, PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Quarantine Failed, 5, Zugriff verweigert  , [31094dfdb0ea2a0c98c0e4ae7a87d52b]

(end)

Und vom AdwCleaner:

Code:

ATTFilter

# AdwCleaner v6.000 - Logfile created 13/08/2016 at 10:10:06
# Updated on 12/08/2016 by ToolsLib
# Database : 2016-08-12.4 [Server]
# Operating System : Windows 8.1  (X64)
# Username : VincentV - VINCENT
# Running from : C:\Users\VincentV\AppData\Local\Microsoft\Windows\INetCache\IE\730NSLY7\adwcleaner_6.000.exe
# Mode: Scan
# Support : https://toolslib.net/forum



***** [ Services ] *****

Service Found:  mewumilyzbt
Service Found:  MPCProtectService
Service Found:  MPCKpt
Service Found:  UncheckitSvc
Service Found:  cktSvc


***** [ Folders ] *****

Folder Found:  C:\ProgramData\CwinpC
Folder Found:  C:\ProgramData\DwinpD
Folder Found:  C:\ProgramData\hwinph
Folder Found:  C:\ProgramData\jwinpj
Folder Found:  C:\ProgramData\zwinpz
Folder Found:  C:\Users\VincentV\AppData\Local\Nobean
Folder Found:  C:\Users\VincentV\AppData\Local\Toolrain
Folder Found:  C:\Users\VincentV\AppData\Roaming\eCyber
Folder Found:  C:\Users\VincentV\AppData\Roaming\FLV and Media Player
Folder Found:  C:\Users\VincentV\AppData\Roaming\qksee
Folder Found:  C:\Users\VincentV\AppData\Roaming\WinZiper
Folder Found:  C:\Users\VincentV\AppData\Roaming\MCorp
Folder Found:  C:\Users\VincentV\AppData\Roaming\Uncheckit
Folder Found:  C:\ProgramData\Uncheckit
Folder Found:  C:\ProgramData\Nobean
Folder Found:  C:\ProgramData\Toolrain
Folder Found:  C:\ProgramData\ChelfNotify
Folder Found:  C:\ProgramData\uckt
Folder Found:  C:\ProgramData\Application Data\Uncheckit
Folder Found:  C:\ProgramData\Application Data\Nobean
Folder Found:  C:\ProgramData\Application Data\Toolrain
Folder Found:  C:\ProgramData\Application Data\ChelfNotify
Folder Found:  C:\ProgramData\Application Data\uckt
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qksee
Folder Found:  C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uncheckit
Folder Found:  C:\Program Files (x86)\MPC Cleaner
Folder Found:  C:\Program Files (x86)\TXQQBrowser
Folder Found:  C:\Program Files (x86)\Toolrain
Folder Found:  C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Uncheckit
Folder Found:  C:\Users\VincentV\AppData\Roaming\MCorp


***** [ Files ] *****

File Found:  C:\Windows\SysNative\log\iSafeKrnlCall.log
File Found:  C:\Windows\SysNative\drivers\MPCKpt.sys


***** [ DLL ] *****

No malicious DLLs found.


***** [ WMI ] *****

No malicious keys found.


***** [ Shortcuts ] *****

No infected shortcut found.


***** [ Scheduled Tasks ] *****

Task Found:  Browser Updater Task(Core)
Task Found:  UncheckitTaskMN
Task Found:  UncheckitUpdateTaskC
Task Found:  UncheckitUpdateTaskDB
Task Found:  ChelfNotify Task


***** [ Registry ] *****

Key Found:  HKLM\SOFTWARE\Classes\WinZippers.001
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.7z
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.arj
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.bz2
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.bzip2
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.cab
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.cpio
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.deb
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.dmg
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.fat
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.gz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.gzip
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.hfs
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.iso
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.lha
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.lzh
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.lzma
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.ntfs
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.rar
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.rpm
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.squashfs
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.swm
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.tar
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.taz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.tbz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.tbz2
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.tgz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.tpz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.txz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.vhd
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.wim
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.xar
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.xz
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.z
Key Found:  HKLM\SOFTWARE\Classes\WinZippers.zip
Key Found:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\winzipersvc
Key Found:  HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\qkseeService
Key Found:  [x64] HKLM\SOFTWARE\Classes\CLSID\{98C066AB-D735-4339-9E52-A34875141B56}
Key Found:  [x64] HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found:  HKU\.DEFAULT\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found:  HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\OCS
Key Found:  HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Uncheckit
Key Found:  HKU\S-1-5-18\Software\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found:  HKCU\Software\OCS
Key Found:  HKCU\Software\Uncheckit
Key Found:  HKLM\SOFTWARE\hdcode
Key Found:  HKLM\SOFTWARE\MPC
Key Found:  HKLM\SOFTWARE\qkseeSvc
Key Found:  HKLM\SOFTWARE\qksee
Key Found:  HKLM\SOFTWARE\{8C4CE252-7DB2-4F8E-8E76-BAD0E5826A83}
Key Found:  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\qksee
Data Found:  HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
Data Found:  HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
Data Found:  HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] - hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\mpc.am
Key Found:  HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\search.mpc.am
Key Found:  HKLM\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\WinZipper
Key Found:  HKLM\SOFTWARE\Classes\Folder\shellex\ContextMenuHandlers\WinZipper
Key Found:  HKLM\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\WinZipper


***** [ Web browsers ] *****

No malicious Firefox based browser items found.
No malicious Chromium based browser items found.

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [4402 Bytes] - [29/04/2016 18:06:57]
C:\AdwCleaner\AdwCleaner[C2].txt - [5278 Bytes] - [16/06/2016 17:37:16]
C:\AdwCleaner\AdwCleaner[S1].txt - [6778 Bytes] - [29/04/2016 18:02:02]
C:\AdwCleaner\AdwCleaner[S2].txt - [6020 Bytes] - [16/06/2016 17:29:31]
C:\AdwCleaner\AdwCleaner[S3].txt - [7688 Bytes] - [13/08/2016 10:10:06]

########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [7761 Bytes] ##########

cosinus · 13.08.2016, 21:09

Du solltest die Scan-Protokolle von Malwarebytes posten, keine Schutz-Protokolle.

VVelte · 13.08.2016, 21:13

Es ist nur das Schutzprotokoll vorhanden. Obwohl ich Scans durchgeführt habe.

cosinus · 13.08.2016, 21:32

Versteh ich nicht, was ist denn immer bei euch mit Malwarebytes los

Ein anderer Hilfesuchender meinte auch, dass MBAM so ein Log nicht gespeichert habe. Ich hab eben selbst getestet in einer VM. Das Log ist vorhanden. Automatisch.

Schau mal bitte in diesem Ordner nach Logs => C:\ProgramData\Malwarebytes\ Malwarebytes Anti-Malware \Logs

VVelte · 13.08.2016, 21:40

Da ist leider auch nichts vorhanden.

cosinus · 14.08.2016, 13:01

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

VVelte · 14.08.2016, 15:58

Biddeschön

:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 11-08-2016 01
durchgeführt von VincentV (Administrator) auf VINCENT (14-08-2016 16:51:38)
Gestartet von C:\Users\VincentV\Desktop
Geladene Profile: VincentV &  (Verfügbare Profile: VincentV)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Visicom Media Inc.) C:\ProgramData\ManyCam\Service\ManyCamService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\systemcore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(McAfee, Inc.) C:\Program Files\mcafee\msc\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSmartGestureDetector64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\McCSPServiceHost.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\Adobe Installer.exe
() C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\platform\McUICnt.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\livecomm.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-13] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-07-20] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2380480 2016-07-18] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [67384 2016-07-05] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-07-25] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [831064 2016-07-18] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session
HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG
HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.)
HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Chromium] => "c:\users\vincentv\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session --restore-last-session
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8721624 2016-05-13] (Piriform Ltd)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [DelayShred] => c:\Program Files\mcafee\mqs\ShrCL.exe [300640 2016-05-04] (McAfee, Inc.) <===== ACHTUNG
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [974360 2016-07-14] (BlueStack Systems, Inc.)
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [GoogleChromeAutoLaunch_3725D6833F0C78E578CAEB3E6A038B6B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1152840 2016-08-03] (Google Inc.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-05-22] ()
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 172.16.254.254
Tcpip\..\Interfaces\{A2B1C5A6-2C88-4D9D-B6C9-1C9FBC8B873D}: [DhcpNameServer] 172.16.254.254

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.attirerpage.com/search/?type=ds&ts=1467117776&z=6c8bca499b301d690d044f2g5z6q9m4g1g6m5m2o3z&from=ihpm0627&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.nuesearch.com/search/?type=ds&ts=1469466400&z=21e223b3f0c97db3c281da1g7zccaefozzjcktmlma&from=ihpm0722&uid=KINGSTONXRBU-SC100S37240GE_50026B724B02A624&q={searchTerms}
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-24] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-24] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\msc\McSnIePl64.dll [2016-05-24] (McAfee, Inc.)
Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\msc\McSnIePl.dll [2016-05-24] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2016-05-24] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2016-04-24] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-07-18] (Adobe Systems)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2013-12-18] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-24] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-24] (Oracle Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [2016-05-24] ()
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2016-04-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-08-13] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-07-18] (Adobe Systems)
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-13]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2016-07-12] [ist nicht signiert]

Chrome: 
=======
CHR HomePage: ChromeDefaultData -> hxxps://www.google.de/
CHR StartupUrls: ChromeDefaultData -> "hxxp://websearch.thesearchpage.info/?pid=2457&r=2015/01/27&hid=16449104463697224960&lg=EN&cc=DE&unqvl=74","hxxp://www.bing.com/search?FORM=INCOH1&PC=IC02","hxxp://www.mystartsearch.com/?type=hp&ts=1438850670&z=81f9e3b06a606417e8c8eedgaz2c2bcb0wce7q2e3e&from=cvs&uid=ST500LM011XHM501II_S24QJ9FC613279","hxxp://d2ucfwpxlh3zh3.cloudfront.net/?ts=AHEqBHYtCHMkBE..&v=20160614&uid=C482625F2F8A9F5376FAF8350D9B0CDA&ptid=epf1&mode=loadm","search.mpc.am"
CHR Profile: C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData
CHR Extension: (Google Präsentationen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-04-24]
CHR Extension: (Google Docs) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-04-24]
CHR Extension: (Google Drive) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-24]
CHR Extension: (Adblock Plus) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-28]
CHR Extension: (Google Tabellen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-04-24]
CHR Extension: (Avira Browserschutz) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-08-13]
CHR Extension: (Google Docs Offline) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-24]
CHR Extension: (McAfee SECURE Safe Browsing) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lkdiimaiohgpacfbgedcipmgigppaofn [2016-08-13]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-24]
CHR Extension: (Google Mail) - C:\Users\VincentV\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-24]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-07]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-07]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iigcbafcnfakaokfjaplokfbgmjldpfg] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [741568 2016-07-18] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2159832 2016-08-10] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [472112 2016-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [472112 2016-07-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1453696 2016-07-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [Datei ist nicht signiert]
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1097488 2016-07-20] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [319648 2016-07-25] (Avira Operations GmbH & Co. KG)
S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-07-14] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [421400 2016-07-14] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [458264 2016-07-14] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1037568 2014-09-18] (Intel Corporation)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HomeNetSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [344976 2014-12-15] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [158496 2015-01-06] (Intel Corporation)
R2 ManyCam Service; C:\ProgramData\ManyCam\Service\ManyCamService.exe [544984 2016-03-31] (Visicom Media Inc.)
R4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-07-29] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [989192 2016-05-24] (McAfee, Inc.)
S3 McAWFwk; c:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [332528 2014-03-12] (McAfee, Inc.)
R2 mcbootdelaystartsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.741.0\\McCSPServiceHost.exe [1903320 2016-04-18] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
S3 McODS; C:\Program Files\mcafee\VirusScan\mcods.exe [795528 2016-04-20] (McAfee, Inc.)
S4 McOobeSv2; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\McAfee\platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-03-07] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-04-01] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-03-07] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1424352 2016-04-21] (McAfee, Inc.)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-06-15] (DotC United Inc)
R2 MSK80Service; C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [599864 2016-04-23] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-13] (NVIDIA Corporation)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1029856 2016-04-21] (Intel Security, Inc.)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1072296 2016-08-11] (Enigma Software Group USA, LLC.)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-10-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-10-29] (Microsoft Corporation)
S2 0267091471075557mcinstcleanup; C:\Windows\TEMP\026709~1.EXE -cleanup -nolog [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [4221952 2014-09-09] (Qualcomm Atheros Communications, Inc.)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-09-19] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-07-18] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-07-18] (Avira Operations GmbH & Co. KG)
S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-07-14] (BlueStack Systems)
S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [270904 2016-07-14] (Bluestack System Inc. )
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [78632 2016-03-11] (McAfee, Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [38720 2014-09-18] (Intel Corporation)
R3 dptf_pch; C:\Windows\System32\drivers\dptf_pch.sys [38208 2014-09-18] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2016-08-11] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-08-11] ()
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [216360 2014-09-18] (Intel Corporation)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [207968 2016-02-24] (McAfee, Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79016 2014-08-26] (Intel Corporation)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [17280 2012-08-06] ( )
R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-08-14] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2015-01-06] (Intel Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [419624 2016-03-11] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [349480 2016-03-11] (McAfee, Inc.)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [83608 2016-03-11] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [493352 2016-03-11] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [842536 2016-03-11] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [543488 2016-02-10] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [109480 2016-02-10] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [243496 2016-03-11] (McAfee, Inc.)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-06-15] (DotC United Inc)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [35856 2014-10-29] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [257880 2014-10-29] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-10-29] (Microsoft Corporation)
U0 msahci; system32\drivers\msahci.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-14 16:51 - 2016-08-14 16:53 - 00037806 _____ C:\Users\VincentV\Desktop\FRST.txt
2016-08-14 16:51 - 2016-08-14 16:51 - 00000000 ____D C:\FRST
2016-08-14 16:50 - 2016-08-14 16:50 - 02393600 _____ (Farbar) C:\Users\VincentV\Desktop\FRST64.exe
2016-08-13 21:28 - 2016-08-13 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee
2016-08-13 14:41 - 2016-08-13 14:41 - 00002281 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-13 14:41 - 2016-08-13 14:41 - 00002269 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-13 14:40 - 2016-08-13 14:50 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-13 14:40 - 2016-08-13 14:45 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-13 10:59 - 2016-08-14 16:48 - 00000165 _____ C:\Users\VincentV\AppData\Roaming\sp_data.sys
2016-08-13 10:58 - 2016-08-13 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-08-13 10:09 - 2016-08-13 10:09 - 00000000 ____D C:\Users\VincentV\AppData\Local\GHISLER
2016-08-13 10:07 - 2016-08-13 10:08 - 00000000 ____D C:\totalcmd
2016-08-13 10:07 - 2016-08-13 10:07 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\GHISLER
2016-08-12 22:38 - 2016-08-14 13:26 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-12 22:37 - 2016-08-12 22:37 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-08-12 22:37 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-08-12 22:37 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-08-12 22:37 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-08-12 22:27 - 2016-08-12 22:27 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Avira
2016-08-12 22:22 - 2016-07-18 16:23 - 00154392 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-08-12 22:22 - 2016-07-18 16:23 - 00144664 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-08-12 22:22 - 2016-07-18 16:23 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2016-08-12 22:22 - 2016-07-18 16:23 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2016-08-12 22:04 - 2016-08-12 22:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-08-12 22:04 - 2016-08-12 22:22 - 00000000 ____D C:\ProgramData\Avira
2016-08-12 22:04 - 2016-08-12 22:22 - 00000000 ____D C:\Program Files (x86)\Avira
2016-08-12 22:04 - 2016-08-12 22:04 - 00001228 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-08-11 22:01 - 2016-08-11 22:01 - 00000000 _____ C:\autoexec.bat
2016-08-11 22:00 - 2016-08-11 22:00 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Enigma Software Group
2016-08-11 22:00 - 2016-08-11 22:00 - 00000000 ____D C:\sh4ldr
2016-08-11 21:59 - 2016-08-11 21:59 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-08-11 21:59 - 2016-08-11 21:59 - 00000000 ____D C:\Program Files\Enigma Software Group
2016-08-11 21:58 - 2016-08-11 21:58 - 03516080 _____ (Enigma Software Group USA, LLC.) C:\Users\VincentV\Downloads\SpyHunter-Installer.exe
2016-08-10 08:05 - 2016-08-10 08:05 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\dvdcss
2016-08-09 19:06 - 2016-08-09 19:06 - 00001254 _____ C:\Users\VincentV\AppData\Local\recently-used.xbel
2016-08-09 17:03 - 2016-08-09 17:11 - 00000000 ____D C:\Users\VincentV\AppData\Local\RawTherapee
2016-08-09 17:03 - 2016-08-09 17:03 - 00000000 ____D C:\Users\VincentV\AppData\Local\gtk-3.0
2016-08-09 17:02 - 2016-08-09 17:03 - 00000000 ____D C:\Program Files\RawTherapee-4.2.1074
2016-08-09 17:02 - 2016-08-09 17:02 - 00000000 ____D C:\Users\VincentV\Downloads\RawTherapee_WinVista_64_Gtk3_Release_4.2.1074
2016-08-09 16:58 - 2016-08-09 16:58 - 19690929 _____ C:\Users\VincentV\Downloads\RawTherapee_WinVista_64_Gtk3_Release_4.2.1074.zip
2016-08-09 16:57 - 2016-08-09 16:57 - 01474568 _____ C:\Users\VincentV\Downloads\RAW Therapee 64 Bit - CHIP-Installer.exe
2016-08-08 19:53 - 2016-08-08 19:53 - 00000000 ____D C:\Users\VincentV\AppData\Local\ManyCam
2016-08-08 19:53 - 2016-08-08 19:53 - 00000000 ____D C:\ProgramData\ManyCam
2016-08-08 19:52 - 2016-08-08 19:53 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\ManyCam
2016-08-08 19:52 - 2016-08-08 19:53 - 00000000 ____D C:\Program Files (x86)\ManyCam
2016-08-08 19:50 - 2016-08-08 19:50 - 00603640 _____ (Visicom Media inc.) C:\Users\VincentV\Downloads\ManyCamWebInstaller.exe
2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\iMobie
2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Users\VincentV\AppData\Local\iMobie_Inc
2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMobie
2016-08-08 17:29 - 2016-08-08 17:29 - 00000000 ____D C:\Program Files (x86)\iMobie
2016-08-08 17:28 - 2016-08-08 17:28 - 01074592 _____ (iMobie Inc.) C:\Users\VincentV\Downloads\anytrans-setup.exe
2016-08-08 17:02 - 2016-08-08 17:02 - 00000000 ____D C:\Users\VincentV\AppData\Local\Apple Computer
2016-08-08 17:02 - 2016-08-08 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-08-08 17:01 - 2016-08-08 17:02 - 00000000 ____D C:\Program Files\iTunes
2016-08-08 17:01 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files\iPod
2016-08-08 17:01 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files\Bonjour
2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-08-08 17:00 - 2016-08-08 17:00 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2016-08-08 16:59 - 2016-08-08 17:01 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-08-08 16:29 - 2016-08-08 16:31 - 170493768 _____ (Apple Inc.) C:\Users\VincentV\Downloads\iTunes6464Setup.exe
2016-08-08 16:26 - 2016-08-08 16:26 - 00000000 ____D C:\Users\VincentV\Documents\Xilisoft
2016-08-08 16:26 - 2016-08-08 16:26 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Xilisoft
2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\ProgramData\Xilisoft
2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xilisoft
2016-08-08 16:25 - 2016-08-08 16:25 - 00000000 ____D C:\Program Files (x86)\Xilisoft
2016-08-08 16:21 - 2016-08-08 16:23 - 76829592 _____ C:\Users\VincentV\Downloads\x-ipad-magic-platinum-de.exe
2016-08-06 18:43 - 2016-08-06 18:43 - 00000000 ____D C:\Users\VincentV\Documents\LightZone
2016-08-06 18:43 - 2016-08-06 18:43 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\LightZone
2016-08-06 18:41 - 2016-08-06 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LightZone
2016-08-06 18:41 - 2016-08-06 18:41 - 00000000 ____D C:\Program Files (x86)\LightZone
2016-08-06 18:34 - 2016-08-06 18:34 - 01474568 _____ C:\Users\VincentV\Downloads\LightZone - CHIP-Installer.exe
2016-08-06 18:19 - 2016-08-06 18:19 - 00001231 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-08-06 18:18 - 2015-08-22 15:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2016-08-06 18:18 - 2015-08-22 15:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2016-08-06 18:10 - 2016-08-06 18:10 - 00000095 _____ C:\SILENT
2016-08-06 18:10 - 2016-08-06 18:10 - 00000000 ____D C:\Program Files (x86)\LottaDeals
2016-08-06 18:08 - 2016-08-06 18:09 - 00574328 _____ C:\Users\VincentV\Downloads\adobe-photoshop-lightroom-6-setup.exe
2016-07-29 09:42 - 2016-07-26 13:46 - 00011916 _____ C:\Users\VincentV\Documents\untitled_0.odt
2016-07-27 12:00 - 2016-07-27 12:00 - 01857449 _____ C:\Users\VincentV\Downloads\magiclantern-Nightly.2016Jul09.700D114.zip
2016-07-27 10:04 - 2016-07-27 10:04 - 00000000 ___HD C:\$Windows.~WS
2016-07-26 12:08 - 2016-08-13 09:42 - 00000000 ____D C:\ProgramData\jwinpj
2016-07-26 12:08 - 2016-07-26 12:08 - 00000000 ____D C:\Program Files (x86)\y6074zvd
2016-07-26 10:02 - 2016-07-26 10:02 - 00000017 _____ C:\Users\VincentV\AppData\Local\resmon.resmoncfg
2016-07-25 19:06 - 2016-08-13 09:44 - 00000000 ____D C:\Windows\SysWOW64\_SSpm
2016-07-25 14:50 - 2016-07-25 14:50 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Samsung
2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\VincentV\AppData\Local\Samsung
2016-07-25 13:48 - 2016-07-25 13:48 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-07-25 13:47 - 2016-07-25 13:47 - 00000000 ____D C:\Users\VincentV\Documents\samsung
2016-07-25 13:40 - 2016-07-25 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-07-25 13:40 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2016-07-25 13:40 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2016-07-25 13:39 - 2016-07-25 13:46 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-07-25 13:39 - 2016-07-25 13:45 - 00000000 ____D C:\ProgramData\Samsung
2016-07-25 13:37 - 2016-07-25 13:42 - 190959600 _____ C:\Users\VincentV\Downloads\cm-11-20131210-UNOFFICIAL-i9100.zip
2016-07-25 13:37 - 2016-07-25 13:37 - 18351154 _____ C:\Users\VincentV\Downloads\11-7_GApps_Core_4.4_signed.zip
2016-07-25 13:37 - 2016-07-25 13:37 - 00000000 ____D C:\Users\VincentV\AppData\Local\Downloaded Installations
2016-07-25 13:35 - 2016-07-25 13:36 - 71346304 _____ (Samsung Electronics Co., Ltd.) C:\Users\VincentV\Downloads\KiesSetup.exe
2016-07-25 13:33 - 2016-07-25 13:33 - 01474568 _____ C:\Users\VincentV\Downloads\Samsung Kies - CHIP-Installer (1).exe
2016-07-25 13:28 - 2016-07-25 13:28 - 01474568 _____ C:\Users\VincentV\Downloads\Samsung Kies - CHIP-Installer.exe
2016-07-22 05:51 - 2016-07-22 05:51 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-07-22 05:51 - 2016-07-22 05:51 - 00716928 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-07-22 05:51 - 2016-07-22 05:51 - 00164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2016-07-22 05:51 - 2016-07-22 05:51 - 00130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys
2016-07-21 11:27 - 2016-07-21 11:27 - 00000000 ____D C:\Users\VincentV\Downloads\thin_king
2016-07-21 11:26 - 2016-07-21 11:26 - 00356878 _____ C:\Users\VincentV\Downloads\thin_king.zip
2016-07-21 10:24 - 2016-07-26 12:08 - 00003446 _____ C:\Windows\System32\Tasks\ChelfNotify Task
2016-07-21 10:24 - 2016-07-21 10:24 - 00000000 ____D C:\ProgramData\DwinpD
2016-07-21 10:24 - 2016-07-21 10:24 - 00000000 ____D C:\ProgramData\ChelfNotify
2016-07-16 17:18 - 2016-08-12 22:10 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Mozilla
2016-07-16 17:18 - 2016-07-16 17:18 - 00000000 ____D C:\Users\VincentV\AppData\Local\Macromedia
2016-07-16 17:17 - 2016-07-16 17:18 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-16 17:17 - 2016-07-16 17:17 - 00001840 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BlueStacks.lnk
2016-07-16 17:16 - 2016-07-16 17:17 - 00000000 ____D C:\Program Files (x86)\Bluestacks
2016-07-16 17:16 - 2016-07-16 17:16 - 00000000 ____D C:\ProgramData\Bluestacks
2016-07-16 17:13 - 2016-07-16 17:13 - 00000000 ____D C:\Users\VincentV\AppData\Local\Bluestacks
2016-07-16 17:07 - 2016-07-16 17:11 - 278906024 _____ (BlueStack Systems Inc.) C:\Users\VincentV\Downloads\BlueStacks2_native_58b7ba3fc66e5c6daf7eec0a561509ce.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-14 16:51 - 2016-04-24 12:04 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{1FF72558-AFAA-4D6F-9DD2-89CDCC764CF2}
2016-08-14 16:48 - 2016-04-24 13:04 - 00000000 ____D C:\Users\VincentV\AppData\Local\Adobe
2016-08-14 13:57 - 2016-04-25 18:57 - 00000935 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job
2016-08-14 13:57 - 2016-04-25 18:57 - 00000749 _____ C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job
2016-08-14 13:57 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp
2016-08-14 13:25 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-08-13 21:44 - 2016-04-24 12:03 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-547049573-1155005164-433595549-1001
2016-08-13 16:10 - 2016-05-10 14:10 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\MuseScore
2016-08-13 15:53 - 2016-04-24 13:53 - 00000000 ____D C:\Program Files\Common Files\Adobe
2016-08-13 15:53 - 2016-04-24 13:41 - 00000000 ____D C:\Program Files\Adobe
2016-08-13 15:53 - 2016-04-24 11:58 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Adobe
2016-08-13 15:52 - 2016-04-26 15:54 - 00000000 ___RD C:\Users\VincentV\Creative Cloud Files
2016-08-13 15:52 - 2016-04-24 13:41 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-08-13 15:10 - 2016-04-24 13:31 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-08-13 14:45 - 2016-04-24 12:06 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-08-13 14:45 - 2016-04-24 12:06 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-08-13 14:41 - 2016-04-24 12:06 - 00000000 ____D C:\Program Files (x86)\Google
2016-08-13 14:35 - 2016-04-24 12:19 - 00003480 _____ C:\Windows\System32\Tasks\ASUS Live Update1
2016-08-13 14:35 - 2016-04-24 12:19 - 00003470 _____ C:\Windows\System32\Tasks\ASUS Live Update2
2016-08-13 11:05 - 2014-10-29 14:02 - 00767018 _____ C:\Windows\system32\perfh007.dat
2016-08-13 11:05 - 2014-10-29 14:02 - 00159786 _____ C:\Windows\system32\perfc007.dat
2016-08-13 11:05 - 2014-03-18 17:26 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2016-08-13 10:59 - 2016-04-24 15:44 - 00000000 ___RD C:\Users\VincentV\OneDrive
2016-08-13 10:59 - 2016-04-24 12:04 - 00001539 _____ C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AsusSmartGestureDetector.lnk
2016-08-13 10:57 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-08-13 10:10 - 2016-04-29 17:59 - 00000000 ____D C:\AdwCleaner
2016-08-13 09:42 - 2016-07-04 14:39 - 00000000 ____D C:\ProgramData\hwinph
2016-08-13 09:42 - 2016-06-29 13:11 - 00000000 ____D C:\ProgramData\zwinpz
2016-08-12 22:39 - 2016-04-26 18:41 - 00000000 ____D C:\Users\VincentV\AppData\Local\CrashDumps
2016-08-12 22:39 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\ModemLogs
2016-08-12 22:29 - 2016-06-21 14:56 - 00000170 _____ C:\Users\Public\Documents\report.dat
2016-08-12 22:27 - 2016-04-24 11:58 - 00000000 ____D C:\Users\VincentV
2016-08-12 22:27 - 2013-08-22 16:44 - 05296920 _____ C:\Windows\system32\FNTCACHE.DAT
2016-08-12 22:27 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2016-08-12 22:10 - 2016-06-15 16:07 - 00000000 ____D C:\Program Files (x86)\Arerack
2016-08-12 22:03 - 2014-10-29 08:25 - 00000000 ____D C:\ProgramData\Package Cache
2016-08-10 10:17 - 2016-05-01 21:30 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\vlc
2016-08-08 17:12 - 2016-04-29 20:14 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Apple Computer
2016-08-08 17:01 - 2016-04-26 16:16 - 00000000 ____D C:\ProgramData\Apple Computer
2016-08-08 17:00 - 2016-04-26 16:16 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-08-08 17:00 - 2016-04-26 16:16 - 00000000 ____D C:\ProgramData\Apple
2016-08-07 15:39 - 2016-05-18 07:28 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\FLV and Media Player
2016-08-07 14:48 - 2015-03-24 18:08 - 00000000 ____D C:\ProgramData\McAfee
2016-08-06 19:38 - 2016-05-10 16:55 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-06 18:43 - 2016-04-30 20:15 - 00000000 ____D C:\Users\VincentV\.oracle_jre_usage
2016-08-06 18:19 - 2016-04-24 13:33 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-08-06 18:18 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-08-06 18:16 - 2016-04-24 12:48 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-06 18:15 - 2016-04-24 12:51 - 00000000 ____D C:\Users\VincentV\AppData\Local\AvgSetupLog
2016-08-06 18:09 - 2016-04-24 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-07-28 12:54 - 2016-07-04 13:33 - 00002602 _____ C:\Users\VincentV\Downloads\Nein_ - Doch_ - Ohh__mp4.HDP
2016-07-27 16:53 - 2016-04-24 12:22 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2016-07-27 16:53 - 2016-04-24 12:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-07-27 16:50 - 2016-07-03 17:56 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Audacity
2016-07-27 16:47 - 2016-04-24 12:29 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\.minecraft
2016-07-27 10:15 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-27 10:05 - 2014-10-29 15:02 - 00000000 ____D C:\Windows\Panther
2016-07-27 10:02 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-07-27 10:01 - 2016-04-24 21:47 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-07-26 21:43 - 2013-08-22 17:36 - 00000000 ___HD C:\PerfLogs
2016-07-25 13:39 - 2015-03-24 17:45 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-21 13:59 - 2016-04-24 22:02 - 00000000 ____D C:\Users\VincentV\AppData\Roaming\Skype
2016-07-21 11:13 - 2014-10-29 08:25 - 00000000 ____D C:\ProgramData\Skype
2016-07-16 17:17 - 2013-08-22 17:36 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-15 12:09 - 2016-06-28 14:42 - 00000000 ____D C:\Windows\SysWOW64\_TSpm
2016-07-15 11:05 - 2016-05-10 16:55 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-24 13:55 - 2016-05-08 21:06 - 0000033 _____ () C:\Users\VincentV\AppData\Roaming\AdobeWLCMCache.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 6867968 _____ () C:\Users\VincentV\AppData\Roaming\agent.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 0054272 _____ () C:\Users\VincentV\AppData\Roaming\ApplicationHosting.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 0069072 _____ () C:\Users\VincentV\AppData\Roaming\Config.xml
2016-04-24 12:46 - 2016-04-24 12:46 - 0249211 _____ () C:\Users\VincentV\AppData\Roaming\inst.lat
2016-04-24 12:46 - 2016-06-15 17:23 - 0018288 _____ () C:\Users\VincentV\AppData\Roaming\InstallationConfiguration.xml
2016-04-24 12:46 - 2016-06-15 17:23 - 0128512 _____ () C:\Users\VincentV\AppData\Roaming\Installer.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 0072704 _____ () C:\Users\VincentV\AppData\Roaming\Itlex.tst
2016-06-15 17:23 - 2016-06-15 17:23 - 0126464 _____ () C:\Users\VincentV\AppData\Roaming\lobby.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 0018432 _____ () C:\Users\VincentV\AppData\Roaming\Main.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 0005568 _____ () C:\Users\VincentV\AppData\Roaming\md.xml
2016-06-15 17:23 - 2016-06-15 17:23 - 0126464 _____ () C:\Users\VincentV\AppData\Roaming\noah.dat
2016-06-15 17:23 - 2016-06-15 17:23 - 1760384 _____ () C:\Users\VincentV\AppData\Roaming\Roundity.tst
2016-08-13 10:59 - 2016-08-14 16:48 - 0000165 _____ () C:\Users\VincentV\AppData\Roaming\sp_data.sys
2016-05-12 15:49 - 2016-06-11 11:50 - 0000165 _____ () C:\Users\VincentV\AppData\Roaming\WB.CFG
2016-05-26 09:10 - 2016-05-26 09:10 - 0003584 _____ () C:\Users\VincentV\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-08-09 19:06 - 2016-08-09 19:06 - 0001254 _____ () C:\Users\VincentV\AppData\Local\recently-used.xbel
2016-07-26 10:02 - 2016-07-26 10:02 - 0000017 _____ () C:\Users\VincentV\AppData\Local\resmon.resmoncfg
2015-03-24 17:54 - 2015-03-24 17:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2014-10-29 08:25 - 2012-09-07 13:40 - 0000256 _____ () C:\ProgramData\SetStretch.cmd
2014-10-29 08:25 - 2009-07-22 12:04 - 0024576 _____ () C:\ProgramData\SetStretch.exe
2014-10-29 08:25 - 2012-09-07 13:37 - 0000103 _____ () C:\ProgramData\SetStretch.VBS

Dateien, die verschoben oder gelöscht werden sollten:
====================
c:\Program Files\mcafee\mqs\ShrCL.exe


Einige Dateien in TEMP:
====================
C:\Users\VincentV\AppData\Local\Temp\avgnt.exe
C:\Users\VincentV\AppData\Local\Temp\libeay32.dll
C:\Users\VincentV\AppData\Local\Temp\msvcr120.dll
C:\Users\VincentV\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-08-09 14:44

==================== Ende von FRST.txt ============================

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 11-08-2016 01
durchgeführt von VincentV (2016-08-14 16:53:52)
Gestartet von C:\Users\VincentV\Desktop
Windows 8.1 (Update) (X64) (2016-04-24 09:58:35)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-547049573-1155005164-433595549-500 - Administrator - Disabled)
Gast (S-1-5-21-547049573-1155005164-433595549-501 - Limited - Disabled)
VincentV (S-1-5-21-547049573-1155005164-433595549-1001 - Administrator - Enabled) => C:\Users\VincentV

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: McAfee Anti-Virus und Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: McAfee Firewall (Disabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.7.5.291 - Adobe Systems Incorporated)
Adobe Flash Player 21 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 21.0.0.242 - Adobe Systems Incorporated)
Adobe Media Encoder CC 2015 (HKLM-x32\...\{0FAC7130-BEC5-47A5-8813-1D339B8326ED}) (Version: 9.2.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7.1 64-bit (HKLM\...\{BC86B82C-8C0E-4408-9AC1-6B0F2D636963}) (Version: 5.7.1 - Adobe Systems Incorporated)
AnyTrans (HKLM-x32\...\AnyTrans) (Version: 4.9.6.0 - iMobie Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.1 - ASUS)
ASUS Screen Saver (HKLM-x32\...\{0FBEEDF8-30FA-4FA3-B31F-C9C7E7E8DFA2}) (Version: 2.0.8 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 3.0.8 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.05.0001 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.0.2 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0037 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.42 - ICEpower a/s)
AVG (HKLM\...\AvgZen) (Version: 1.82.2.30772 - AVG Technologies)
AVG Zen (Version: 1.82.2 - AVG Technologies) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.18.354 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{05f7f410-0274-45d0-91dc-712a62aadd96}) (Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.2.68.19138 - Avira Operations GmbH & Co. KG) Hidden
Blender (HKLM\...\{47A0EA10-D506-4473-AE99-5E07DD1062DE}) (Version: 2.77.1 - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.3.40.6019 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.10.0 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.10.0 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.10.0 - Canon Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.18 - Piriform)
DaVinci Resolve (HKLM\...\{6C60C7F5-DE14-4EEA-AA1D-650B9DC13E29}) (Version: 12.2.0013 - Blackmagic Design)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.18 - ASUSTek Computer Inc.)
EPSON XP-312 313 315 Series Printer Uninstall (HKLM\...\EPSON XP-312 313 315 Series) (Version:  - SEIKO EPSON Corporation)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FMW 1 (Version: 1.112.3 - AVG Technologies) Hidden
Foxit PhantomPDF (HKLM-x32\...\{FC76E6BB-7CBB-4CD6-8178-3BCADC0526C3}) (Version: 6.0.62.801 - Foxit Corporation)
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.1.3.2 - )
GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
GameMaker-Studio 1.4 (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\GameMaker-Studio14) (Version:  - YoYo Games Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1017 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.0.10100.71 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.38.1036 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4062 - Intel Corporation)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
LightZone 4.1.6 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.1.6 - LightZone Project)
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{328343FF-0466-4E8D-88EB-53CE3150AE11}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2014 Premium (HKLM-x32\...\MX.{FBCA50BE-C022-45DA-9261-10230EC1012E}) (Version: 13.0.2.8 - MAGIX AG)
MAGIX Video deluxe 2014 Premium (Version: 13.0.2.8 - MAGIX AG) Hidden
ManyCam 5.3.0 (HKLM-x32\...\ManyCam) (Version: 5.3.0 - Visicom Media Inc.)
McAfee LiveSafe   (HKLM-x32\...\MSC) (Version: 14.0.9042 - McAfee, Inc.)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.233 - McAfee, Inc.)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MuseScore 2 (HKLM-x32\...\{4F0E15EA-F64C-11E5-9992-E717EA7DB0C8}) (Version: 2.0.3 - Werner Schweer and Others)
NVIDIA Graphics Driver 345.05 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 345.05 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
qksee (HKLM-x32\...\qksee) (Version:  - Taiwan Shui Mu Chih Ching Technology Limited) <==== ACHTUNG
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.39048 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7417 - Realtek Semiconductor Corp.)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.105 - Skype Technologies S.A.)
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.23.2.4686 - Enigma Software Group, LLC)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.2 - VideoLAN)
WavePad Audio-Editor (HKLM-x32\...\WavePad) (Version: 6.53 - NCH Software)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.14 - WildTangent)
Windows Driver Package - ASUS (ATP) Mouse  (07/02/2014 6.0.0.39) (HKLM\...\51B9B97722559D76D6429B83B71A86106A35BFCE) (Version: 07/02/2014 6.0.0.39 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinZip (HKLM-x32\...\WinZip) (Version: 2.2.41 - Winzipper Pvt Ltd.) <==== ACHTUNG
Xilisoft iPad Magic Platinum (HKLM-x32\...\Xilisoft iPad Magic Platinum) (Version: 5.7.12.20160322 - Xilisoft)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-547049573-1155005164-433595549-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {006EDC74-1591-4A09-B08C-77D56ADCFE33} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2014-11-05] (ASUS)
Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent [Argument = /increment]
Task: {1DCCDA14-ADD1-4857-9C4C-5D7C48C8F24B} - \UncheckitUpdateTaskC -> Keine Datei <==== ACHTUNG
Task: {28DB60A4-16B4-4382-AEFB-DC2A42B89933} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-547049573-1155005164-433595549-1001 => C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-05-17] (Microsoft Corporation)
Task: {2B9DCE6B-54B7-44B0-88DF-23E128D92EBF} - System32\Tasks\ToolrainUpdateTaskMachineUA => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe <==== ACHTUNG
Task: {32210371-12ED-4DDE-B9CA-8BFEF04CF181} - System32\Tasks\ToolrainUpdateTaskMachineCore => C:\Program Files (x86)\Toolrain\Update\ToolrainUpdate.exe <==== ACHTUNG
Task: {329E3861-8E55-42D4-B031-CA3B2DF8C209} - \LefttoeUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {331268C8-821F-43F4-8724-4F318E665F38} - \LefttoeUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {36E27157-D0DB-4D2D-A708-3BCE4417161E} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2014-09-02] (ASUSTek Computer Inc.)
Task: {3E9BEE46-385C-4D3B-B96B-6295D13A514C} - \NobeanUpdateTaskMachineUA -> Keine Datei <==== ACHTUNG
Task: {43F3E34A-03FD-47CE-A93D-ACC2DD26F5EE} - \UncheckitUpdateTaskDB -> Keine Datei <==== ACHTUNG
Task: {655C7265-BC42-4E62-99E3-DA311CF8307C} - System32\Tasks\Arerack Server => C:\Program Files (x86)\Arerack\ArerackServerTask.exe <==== ACHTUNG
Task: {66FFF67E-37FD-411E-ADF3-45E4AE95C02E} - System32\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [Argument = /EXE:"{807E12CB-D5B7-42B7-9387-5F09D395E7F9}" /F:"Invitation"]
Task: {69747406-13B0-4A9A-B8AA-0899751AEE14} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.)
Task: {6E891298-1DDB-4C73-88C8-8F0C208C564F} - \McAfeeLogon -> Keine Datei <==== ACHTUNG
Task: {727EED26-2599-40A0-B175-F36A6B0EB330} - System32\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE [Argument = /EXE:"{807E12CB-D5B7-42B7-9387-5F09D395E7F9}" /F:"Update"]
Task: {731C16E7-238A-4488-89EE-5D762DAC0387} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {7C37C38E-2148-4B8E-A4A2-0721F76843D3} - System32\Tasks\McAfee\McAfee Idle Detection Task
Task: {8FAA9B88-0C52-423D-ABE3-D6BE1814C312} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {915DC55F-D1A7-4C94-9E62-DADD28424522} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-05-13] (Piriform Ltd)
Task: {A0A72EDB-C3E7-4D68-83AC-6B059AEFF234} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {A12383E0-405F-480B-B506-6FA9687E804A} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-vincent.velte@outlook.de => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {AAF5CAB7-20DA-4F36-9231-0247B5044C20} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-12-26] (Realtek Semiconductor)
Task: {B1E97502-E58F-4DD7-9272-F8D6D0B91276} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-13] (Google Inc.)
Task: {B33CE882-1819-4BDD-B627-9CAF242D6E5B} - System32\Tasks\VincentVGummingJawbreakersV2 => Rundll32.exe GrogginessWaterworks.dll,main 7 1 <==== ACHTUNG
Task: {B7494EEA-7277-4838-8F39-06C4A31466BD} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {BBD1D99B-46AF-4890-B212-F84D8E254261} - \NobeanUpdateTaskMachineCore -> Keine Datei <==== ACHTUNG
Task: {C8EC855A-0CD6-40CD-A923-CABDC36F7735} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2014-09-19] (AsusTek)
Task: {CA44E3DD-FD57-4C35-BCA2-8F5C502E55E0} - System32\Tasks\UncheckitTaskMN => C:\Program Files (x86)\Uncheckit\cktSvc.exe <==== ACHTUNG
Task: {CB4B0EB0-0219-4274-8CF5-1A10EC64C7F4} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent
Task: {D55F92AE-29B9-4258-BE1D-C0FE0938A069} - System32\Tasks\Browser Updater Task(Core) => C:\Program Files (x86)\TXQQBrowser\Update\C482625F2F8A9F5376FAF8350D9B0CDA\Update\BrowserUpdate.exe [2016-04-25] (Tencent) <==== ACHTUNG
Task: {DC2EABE9-EAE5-48B9-B442-86AC6A224EBF} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2014-09-11] (ASUSTek Computer Inc.)
Task: {DDB19898-AE13-4B03-9BD9-CB2A640E6C5E} - System32\Tasks\AdobeAAMUpdater-1.0-Vincent-VincentV => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {E041C72A-BB6F-4213-8859-B37F5135BB4C} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2014-06-11] (ASUSTek Computer Inc.)
Task: {EC7EA58C-6751-4F65-9490-F65FEAAA5D50} - System32\Tasks\ChelfNotify Task => C:\ProgramData\ChelfNotify\BrowserUpdate.exe [2016-06-30] (Tencent)
Task: {EC8C2D05-AFC8-4A36-9F43-2AF3BAC2B4FA} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-06-03] ()
Task: {F8BFDD34-F13D-491E-99A7-F69086B9CD61} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Invitation {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE
Task: C:\Windows\Tasks\EPSON XP-312 313 315 Series Update {807E12CB-D5B7-42B7-9387-5F09D395E7F9}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLFE.EXE:/EXE:{807E12CB-D5B7-42B7-9387-5F09D395E7F9} /F:Update WORKGROUP\VINCENT$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\VincentV\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nch.com.au/de/index.html

ShortcutWithArgument: C:\Users\VincentV\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\2e13e29bcf26a9f0\Lefttoe.lnk -> C:\Program Files (x86)\Lefttoe\Application\chrome.exe (Google Inc.) -> --profile-directory=ChromeDefaultData

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-03-24 17:52 - 2014-12-24 12:38 - 00115912 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 15:23 - 2016-07-05 15:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-24 21:47 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-01-14 04:24 - 2014-12-15 07:26 - 00392592 _____ () C:\Windows\system32\igfxTray.exe
2016-05-22 19:33 - 2016-05-22 19:33 - 00491184 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-08-13 14:41 - 2016-08-03 01:41 - 02366280 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-13 14:41 - 2016-08-03 01:40 - 00107848 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2015-01-14 04:24 - 2014-12-15 07:24 - 17752056 _____ () C:\Windows\SYSTEM32\igd11dxva64.dll
2016-05-22 19:32 - 2016-05-22 19:32 - 31680176 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-04-01 15:23 - 2016-04-01 15:23 - 27089303 _____ () C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe
2014-10-29 08:36 - 2014-10-29 08:36 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20573_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00037424 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2014-11-05 14:44 - 2014-11-05 14:44 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-01-06 17:40 - 2015-01-06 17:40 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-04-27 10:24 - 2013-04-27 10:24 - 00071680 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\checkmetro.dll
2016-07-18 08:55 - 2016-07-18 08:55 - 40523456 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2014-10-23 12:27 - 2014-10-23 12:27 - 00119822 _____ () C:\Program Files (x86)\MuseScore 2\bin\libgcc_s_dw2-1.dll
2014-10-23 12:27 - 2014-10-23 12:27 - 01026574 _____ () C:\Program Files (x86)\MuseScore 2\bin\libstdc++-6.dll
2009-03-19 16:45 - 2009-03-19 16:45 - 00567487 _____ () C:\Program Files (x86)\MuseScore 2\bin\portaudio.dll
2009-03-19 16:45 - 2009-03-19 16:45 - 01743360 _____ () C:\Program Files (x86)\MuseScore 2\bin\libsndfile-1.dll
2008-03-23 15:49 - 2008-03-23 15:49 - 00106496 _____ () C:\Program Files (x86)\MuseScore 2\bin\libvorbisfile.dll
2014-10-16 12:34 - 2014-10-16 12:34 - 03758809 _____ () C:\Program Files (x86)\MuseScore 2\bin\icuin53.dll
2014-10-16 12:33 - 2014-10-16 12:33 - 02093901 _____ () C:\Program Files (x86)\MuseScore 2\bin\icuuc53.dll
2008-03-23 15:48 - 2008-03-23 15:48 - 00061440 _____ () C:\Program Files (x86)\MuseScore 2\bin\libogg.dll
2008-03-23 15:49 - 2008-03-23 15:49 - 01233408 _____ () C:\Program Files (x86)\MuseScore 2\bin\libvorbis.dll
2014-10-16 12:34 - 2014-10-16 12:34 - 21565880 _____ () C:\Program Files (x86)\MuseScore 2\bin\icudt53.dll
2015-03-24 17:54 - 2007-11-29 08:41 - 00086016 _____ () c:\program files (x86)\realtek\audio\asio\rthdasio.dll
2015-10-21 15:50 - 2015-10-21 15:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2015-10-21 15:49 - 2015-10-21 15:49 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcapexe => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McNaiAnn => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-08-12 22:27 - 00002206 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       down.baidu2016.com
127.0.0.1       123.sogou.com
127.0.0.1       www.czzsyzgm.com
127.0.0.1       www.czzsyzxl.com
127.0.0.1       union.baidu2019.com0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
0.0.0.0 media.opencandy.com
0.0.0.0 cdn.opencandy.com
0.0.0.0 tracking.opencandy.com
0.0.0.0 api.opencandy.com
0.0.0.0 api.recommendedsw.com
0.0.0.0 installer.betterinstaller.com
0.0.0.0 installer.filebulldog.com
0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net
0.0.0.0 inno.bisrv.com
0.0.0.0 nsis.bisrv.com
0.0.0.0 cdn.file2desktop.com
0.0.0.0 cdn.goateastcach.us
0.0.0.0 cdn.guttastatdk.us
0.0.0.0 cdn.inskinmedia.com
0.0.0.0 cdn.insta.oibundles2.com
0.0.0.0 cdn.insta.playbryte.com
0.0.0.0 cdn.llogetfastcach.us
0.0.0.0 cdn.montiera.com
0.0.0.0 cdn.msdwnld.com
0.0.0.0 cdn.mypcbackup.com
0.0.0.0 cdn.ppdownload.com
0.0.0.0 cdn.riceateastcach.us
0.0.0.0 cdn.shyapotato.us
0.0.0.0 cdn.solimba.com

Da befinden sich 8 zusätzliche Einträge.


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-547049573-1155005164-433595549-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-547049573-1155005164-433595549-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Users\VincentV\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 172.16.254.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeUpdateService => 2

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{D48F6F7F-BD46-41F0-BD6B-37F58504FF32}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{7B6414CD-4A9E-4F6D-9EA7-0A269E9B53AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{015A28FA-38F6-423F-B50A-A5E11A531929}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{438411C4-F95B-4097-8AA0-9BCA7E9DF3A8}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{BEB111DC-55E6-42DE-951B-DCB6E9E85BAE}] => (Allow) C:\Users\VincentV\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{C0468B99-6F57-40CB-ACA2-796C55ED2614}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\Resolve.exe
FirewallRules: [{7011919F-50E0-49BE-8D55-B505AADF4BAE}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\bmdpaneld.exe
FirewallRules: [{AA5E597A-E8CC-49CC-88A8-96096129A69D}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\JLCooperPanelDaemon.exe
FirewallRules: [{655DDBC4-8DFD-401F-8A36-214DC4FA12F5}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\EuphonixPanelDaemon.exe
FirewallRules: [{D979AF5C-21F7-4D46-B305-AD3598E6B6C6}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\TangentPanelDaemon.exe
FirewallRules: [{945705F3-6234-422B-9EEB-4D9CE5B92389}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\ElementsPanelDaemon.exe
FirewallRules: [{A816ADAE-23BB-411C-8936-6891690E5062}] => (Allow) C:\Program Files\Blackmagic Design\DaVinci Resolve\DPDecoder.exe
FirewallRules: [{3034CAE4-122B-4E00-B943-B2A219E7E87B}] => (Allow) C:\ProgramData\Blackmagic Design\DaVinci Resolve\Support\QtDecoder\QTDecoder.exe
FirewallRules: [{8B63B4C5-5FB6-48F0-BA2F-31E6E1EA9F27}] => (Allow) C:\Program Files (x86)\Lefttoe\Update\LefttoeUpdate.exe
FirewallRules: [{D6857EDF-F2F6-429A-9B39-4CA0FBF34320}] => (Allow) C:\Program Files (x86)\Lefttoe\Application\chrome.exe
FirewallRules: [{990FDC14-0FE7-4D51-B80C-DA6102EF976F}] => (Allow) C:\ProgramData\Lefttoe\Lefttoe.exe
FirewallRules: [{958D433E-5565-4B7E-B227-144BFD8ADE06}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5B5F69BC-5C56-4F4F-ACA7-3550E9948896}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8717AA32-7D5D-43C4-8FB4-2FDFA4484E0B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8D87B76C-BCC4-4CD5-85CB-1168C8DC4FA4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{1D204B6C-02CA-44B6-AA0A-D9F16CD5A7F3}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [TCP Query User{05A98E20-826B-4DDD-B66F-5F9E01B65E13}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [UDP Query User{AB4FF260-EEBD-4142-864E-0B659D1B110D}C:\program files\blackmagic design\davinci resolve\dpdecoder.exe] => (Block) C:\program files\blackmagic design\davinci resolve\dpdecoder.exe
FirewallRules: [{8F938ACC-9484-423A-A37F-961E6E85B604}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3140

Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3140

Error: (08/14/2016 02:21:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1234

Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1234

Error: (08/14/2016 02:21:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2375

Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2375

Error: (08/14/2016 10:25:41 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (08/14/2016 10:25:40 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125


Systemfehler:
=============
Error: (08/13/2016 09:26:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet: 
%%1 = Unzulässige Funktion.

Error: (08/13/2016 10:57:48 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎13.‎08.‎2016 um 09:57:04 unerwartet heruntergefahren.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Volumeschattenkopie" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "GamesAppIntegrationService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "FABS - Helping agent for MAGIX media database" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 3000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/13/2016 10:11:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-06-26 22:32:55.253
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-26 22:21:39.052
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-24 13:36:20.450
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-24 07:06:53.877
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-24 05:52:45.947
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-23 16:56:16.137
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-23 16:08:35.585
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-22 10:37:10.470
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-22 03:36:02.167
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.

  Date: 2016-06-22 03:36:02.162
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Elex-tech\YAC\iSafeSrvMon64.dll that did not meet the Windows signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 12190.84 MB
Verfügbarer physikalischer RAM: 7989.83 MB
Summe virtueller Speicher: 14046.84 MB
Verfügbarer virtueller Speicher: 8786.21 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:89.43 GB) (Free:7.11 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (Data) (Fixed) (Total:104.26 GB) (Free:31.05 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: 712C0698)

Partition: GPT.

==================== Ende von Addition.txt ============================

cosinus · 14.08.2016, 16:03

Code:

ATTFilter

AV: McAfee Anti-Virus und Anti-Spyware (Disabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}

Beide bitte umgehend deinstallieren. Nervt nur und empfehlen wir nicht.
Ich seh da auch noch Schrott von AVG, das auch bitte wegschmeißen.

VVelte · 14.08.2016, 18:54

Ok. Sind alle drei deinstalliert.

13.08.2016, 20:34	#6
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MPC Cleaner entfernen - bitte helft mir! Malwarebytes: Im Programm unter Verlauf => Anwendungsprotokolle. Von dort alle Scan-Protokolle posten. Und das bitte im TXT-Format. adwCleaner: alle Logs sind in C:\AdwCleaner zu finden __________________ --> MPC Cleaner entfernen - bitte helft mir!

13.08.2016, 21:09	#8
cosinus /// Winkelfunktion /// TB-Süch-Tiger™	MPC Cleaner entfernen - bitte helft mir! Du solltest die Scan-Protokolle von Malwarebytes posten, keine Schutz-Protokolle. __________________ Logfiles bitte immer in CODE-Tags posten

MPC Cleaner entfernen - bitte helft mir!

Log-Analyse und Auswertung: MPC Cleaner entfernen - bitte helft mir!