Log analysis and evaluation: UCBrowser leaves traces - system cannot be fully cleaned (Windows 7)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1

UCBrowser leaves traces - system cannot be fully cleaned

I've caught something: UCBrowser! I have already done quite a bit manually and also used tools: ADWCleaner, Malwarebytes Anti-Malware and Spybot Search and Destroy. Still, remnants remain that I can't get rid of - and I also have the impression that something is still going on in the background of my system... Anyway - here are my first log files:

FRST
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017 durchgeführt von Klaus (Administrator) auf KLAUS-PC (18-01-2017 07:08:18) Gestartet von C:\Users\Klaus\Downloads Geladene Profile: Klaus (Verfügbare Profile: Klaus & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Alcohol Soft Development Team) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (StarWind Software) C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (VIA Technologies, Inc.) C:\Program Files\VIA XHCI UASP Utility\usb3Monitor.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Apple Inc.) 
C:\Program Files\iTunes\iTunesHelper.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DTAgent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe (SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Telegram Messenger LLP) C:\Users\Klaus\AppData\Roaming\Telegram Desktop\Telegram.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (AppWork GmbH) C:\Users\Klaus\AppData\Local\JDownloader v2.0\JDownloader2.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [VIAxHCUtl] => C:\Program Files\VIA XHCI UASP Utility\usb3Monitor HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-23] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-11-01] (Apple Inc.) 
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [384064 2014-03-19] (Acronis) HKLM-x32\...\Run: [FUFAXRCV] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe [650496 2016-01-19] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [FUFAXSTM] => C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe [863488 2016-01-19] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1087184 2016-01-20] (SEIKO EPSON CORPORATION) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [115048 2011-09-16] (Renesas Electronics Corporation) HKLM\...\Policies\Explorer: [TaskbarNoNotification] 0 HKLM\...\Policies\Explorer: [HideSCAHealth] 0 HKLM\...\Policies\Explorer: [DisableThumbsDBOnNetworkFolders] 1 HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) 
HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Run: [AlcoholAutomount] => C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Run: [DAEMON Tools Ultra Agent] => C:\Program Files\DAEMON Tools Ultra\DTAgent.exe [4526424 2015-08-06] (Disc Soft Ltd) HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Run: [WAZPWNA0WB] => "C:\Program Files\JVQNZCTGG9\JVQNZCTGG.exe" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Run: [E21ZCY697U] => "C:\Program Files\Z2VMR9RVMX\Z2VMR9RVM.exe" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Policies\Explorer: [NoThumbnailCache] 1 HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\MountPoints2: {4d4af7b6-d30d-11e6-9acd-002522d4b04c} - "G:\setup.exe" /autorun HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\MountPoints2: {fbd5b57f-5a35-11e6-99d3-002522d4b04c} - "F:\setup.exe" HKU\S-1-5-18\...\Run: [] => 0 ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Keine Datei Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telegram.lnk [2016-10-03] ShortcutTarget: Telegram.lnk -> C:\Users\Klaus\AppData\Roaming\Telegram Desktop\Telegram.exe (Telegram Messenger LLP) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{5ecc38dd-75fd-462e-a8e4-3278545d01d7}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{5ecc38dd-75fd-462e-a8e4-3278545d01d7}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{aa7eb822-2bd5-4f14-b88e-d82ac5d3879e}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{cb5b2749-4c70-4856-bbb0-f845a0b654d6}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{cb5b2749-4c70-4856-bbb0-f845a0b654d6}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{f2d32520-817d-11e6-9f04-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{f51c0850-4337-4774-8242-936afa8a7d12}: [NameServer] 8.8.8.8 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-20] (Oracle Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\jp2ssv.dll [2016-11-20] (Oracle Corporation) Handler: gopher - {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - Keine Datei 
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation) Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-3767151760-3652987525-2816545776-1001 -> hxxp://go.gmx.net/tb/ie_startpage FireFox: ======== FF DefaultProfile: 9mp86hi8.default FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\9mp86hi8.default [2017-01-17] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\9mp86hi8.default -> trotux FF SelectedSearchEngine: Mozilla\Firefox\Profiles\9mp86hi8.default -> trotux FF Homepage: Mozilla\Firefox\Profiles\9mp86hi8.default -> hxxps://www.malwarebytes.org/restorebrowser/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_24_0_0_186.dll [2016-12-25] () FF Plugin: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-20] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [Keine Datei] FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_186.dll [2016-12-25] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> 
C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-12-21] (Adobe Systems, Inc.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\dtplugin\npDeployJava1.dll [2016-11-20] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.112.2 -> C:\Program Files (x86)\Java\jre1.8.0_112\bin\plugin2\npjp2.dll [2016-11-20] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-28] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) Chrome: ======= CHR DefaultProfile: Profile 1 CHR StartupUrls: Profile 1 -> "hxxp://google.de/" CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-01-17] <==== ACHTUNG CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-01-18] CHR Extension: (Google Präsentationen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-16] CHR Extension: (Google Docs) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-16] CHR Extension: (Google Drive) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-16] CHR Extension: (YouTube) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-16] CHR Extension: (Google Tabellen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-01-16] CHR Extension: (Google Docs Offline) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-17] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-16] CHR Extension: (Google Mail) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-16] CHR Extension: (Chrome Media Router) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-16] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S4 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-04-19] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-09-22] (Apple Inc.) S2 AxAutoMntSrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAutoMntSrv.exe [39376 2015-03-12] (Alcohol Soft Development Team) R2 AxVirtualAHCISrv; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\AxAHCIServiceEx.exe [99712 2015-12-04] (Alcohol Soft Development Team) S4 BcmBtRSupport; C:\WINDOWS\system32\BtwRSupportService.exe [2305816 2016-04-13] (Broadcom Corporation.) S4 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [Datei ist nicht signiert] S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-28] (Digital Wave Ltd.) 
R3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1345880 2015-08-06] (Disc Soft Ltd) R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-16] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON CORPORATION) S4 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [359200 2016-09-28] (IObit) S4 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) S4 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-02-19] () S4 ProtexisLicensing; C:\WINDOWS\SysWOW64\PSIService.exe [177704 2007-06-05] () S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 StarWindServiceAE; C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [370688 2009-12-23] (StarWind Software) [Datei ist nicht signiert] S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) S4 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [41952 2016-12-11] (VIA Technologies, Inc.) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [227144 2016-04-13] (Broadcom Corporation.) 
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-08-02] (Disc Soft Ltd) S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-08-02] (Disc Soft Ltd) R3 dtultrascsibus; C:\WINDOWS\System32\drivers\dtultrascsibus.sys [30264 2016-02-01] (Disc Soft Ltd) R3 dtultrausbbus; C:\WINDOWS\System32\drivers\dtultrausbbus.sys [47160 2016-02-01] (Disc Soft Ltd) S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [17480 2013-03-07] () [Datei ist nicht signiert] S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14920 2013-03-07] () [Datei ist nicht signiert] S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [9800 2013-03-07] () [Datei ist nicht signiert] S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [9160 2013-03-07] () [Datei ist nicht signiert] R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-06-30] (REALiX(tm)) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) S4 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvlddmkm.sys [14200880 2016-12-25] (NVIDIA Corporation) R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [56336 2013-09-03] (Corel Corporation) S3 RimUsb; C:\WINDOWS\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited) S3 RimVSerPort; C:\WINDOWS\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [418784 2016-10-30] (Realsil Semiconductor Corporation) S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [11616 2001-08-16] () [Datei ist nicht signiert] S3 smhwser; C:\WINDOWS\system32\DRIVERS\smhwser.sys [122624 2010-02-04] (QUALCOMM Incorporated) R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [196152 2016-12-15] (Duplex Secure Ltd) U3 
TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2016-10-03] () R1 ucdrv; C:\Program Files (x86)\UCBrowser\Security:ucdrv-x64.sys [23652 ] (UC Web Inc.) <==== ACHTUNG S3 VUSB3HUB; C:\WINDOWS\System32\drivers\ViaHub3.sys [227840 2013-12-11] (VIA Technologies, Inc.) [Datei ist nicht signiert] S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) S3 xhcdrv; C:\WINDOWS\System32\drivers\xhcdrv.sys [297984 2013-12-11] (VIA Technologies, Inc.) [Datei ist nicht signiert] U3 idsvc; kein ImagePath S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X] S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-18 07:08 - 2017-01-18 07:08 - 00020068 _____ C:\Users\Klaus\Downloads\FRST.txt 2017-01-17 13:04 - 2017-01-17 23:54 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Bioshock 2017-01-17 13:04 - 2017-01-17 13:12 - 00000000 ____D C:\Users\Klaus\Documents\Bioshock 2017-01-17 12:55 - 2017-01-17 12:55 - 00001451 _____ C:\Users\Public\Desktop\BioShock.lnk 2017-01-17 12:55 - 2017-01-17 12:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BioShock 2017-01-17 12:49 - 2017-01-17 12:55 - 00000000 ____D C:\Program Files (x86)\BioShock 2017-01-17 12:43 - 2017-01-17 12:43 - 00000028 _____ C:\WINDOWS\OutLog.txt 2017-01-17 12:43 - 2017-01-17 12:43 - 00000000 _____ C:\WINDOWS\BcdLog.txt 2017-01-17 12:39 - 2017-01-17 12:39 - 00000161 _____ C:\WINDOWS\system32\autopart.opt 2017-01-17 12:39 - 2017-01-17 12:39 - 00000000 ____D C:\WINDOWS\Acronis 2017-01-17 12:39 - 2014-03-19 22:40 - 15031616 _____ (Acronis) C:\WINDOWS\system32\autopart.exe 2017-01-17 08:52 - 2017-01-17 08:52 - 00000000 ____D C:\Program Files (x86)\ESET 2017-01-17 08:51 - 2017-01-17 08:51 - 02870984 _____ (ESET) C:\Users\Klaus\Downloads\esetsmartinstaller_deu.exe 2017-01-17 08:46 - 2017-01-17 08:48 - 00082514 _____ C:\TDSSKiller.3.1.0.12_17.01.2017_08.46.48_log.txt 2017-01-17 08:45 - 2017-01-17 12:10 - 00000000 ____D C:\TDSSKiller_Quarantine 2017-01-17 08:45 - 2017-01-17 08:45 - 00084538 _____ C:\TDSSKiller.3.1.0.12_17.01.2017_08.45.05_log.txt 2017-01-17 08:44 - 2017-01-17 08:45 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Klaus\Downloads\tdsskiller.exe 2017-01-17 08:34 - 2017-01-17 08:34 - 00590056 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-17 07:40 - 2017-01-18 07:08 - 00000000 ____D C:\FRST 2017-01-17 07:40 - 2017-01-17 07:40 - 02419200 _____ (Farbar) C:\Users\Klaus\Downloads\FRST64.exe 2017-01-17 07:36 - 2017-01-17 07:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-01-17 07:36 - 2017-01-17 07:36 - 00000000 ____D C:\Program Files 
(x86)\ Malwarebytes Anti-Malware 2017-01-17 07:36 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2017-01-17 07:36 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2017-01-17 07:36 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-01-17 07:35 - 2017-01-17 07:35 - 00000008 __RSH C:\Users\Klaus\ntuser.pol 2017-01-17 06:26 - 2017-01-17 06:26 - 22851472 _____ (Malwarebytes ) C:\Users\Klaus\Downloads\mbam-setup-2.2.1.1043.exe 2017-01-17 00:05 - 2017-01-17 12:41 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-17 00:05 - 2017-01-17 00:05 - 03988944 _____ C:\Users\Klaus\Downloads\adwcleaner_6.042.exe 2017-01-17 00:04 - 2017-01-17 00:04 - 00000000 ____D C:\Program Files\Malwarebytes 2017-01-16 23:44 - 2017-01-16 23:44 - 00000000 ____D C:\Users\Klaus\Downloads\Windows-Defender-Aktivieren-in-Windows-10.reg_ 2017-01-16 23:36 - 2017-01-16 23:36 - 00000000 ____D C:\ProgramData\USOShared 2017-01-16 23:36 - 2017-01-16 23:36 - 00000000 ____D C:\ProgramData\USOPrivate 2017-01-16 23:34 - 2017-01-16 23:42 - 00000000 ____D C:\ProgramData\ProductData 2017-01-16 23:06 - 2017-01-16 23:06 - 00003272 _____ C:\WINDOWS\System32\Tasks\{E1F06918-E97A-4DB0-A704-7E6795236240} 2017-01-16 23:04 - 2017-01-16 23:04 - 00000000 ____D C:\Users\Klaus\AppData\Local\AdvinstAnalytics 2017-01-16 22:56 - 2017-01-16 23:39 - 00000474 _____ C:\WINDOWS\Tasks\UCBrowserUpdater.job 2017-01-16 22:56 - 2017-01-16 22:56 - 00003492 _____ C:\WINDOWS\System32\Tasks\UCBrowserUpdater 2017-01-16 22:56 - 2017-01-16 22:56 - 00003476 _____ C:\WINDOWS\System32\Tasks\UCBrowserSecureUpdater 2017-01-16 22:56 - 2017-01-16 22:56 - 00000000 ____D C:\Users\Klaus\AppData\Local\UCBrowser 2017-01-16 22:55 - 2017-01-17 00:12 - 00000000 ____D C:\Program Files (x86)\Phikaty Nodifier 2017-01-16 22:55 - 2017-01-16 23:28 - 00000000 ____D C:\Program Files\xxx 
2017-01-16 22:55 - 2017-01-16 23:17 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2017-01-16 22:55 - 2017-01-16 23:05 - 00000000 ____D C:\WINDOWS\system32\SSL 2017-01-16 22:55 - 2017-01-16 22:55 - 00000000 ____D C:\ProgramData\Avira 2017-01-16 22:55 - 2017-01-16 22:55 - 00000000 ____D C:\ProgramData\Avg 2017-01-16 22:55 - 2017-01-16 22:55 - 00000000 ____D C:\ProgramData\AVAST Software 2017-01-16 22:54 - 2017-01-17 08:46 - 00000000 ____D C:\Program Files\JVQNZCTGG9 2017-01-16 22:54 - 2017-01-17 00:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Clorertyckidering 2017-01-16 22:54 - 2017-01-16 22:55 - 00000000 ____D C:\Users\Klaus\AppData\Local\Reitssetsh 2017-01-16 22:54 - 2017-01-16 22:54 - 00000000 ____D C:\WINDOWS\system32\sstmp 2017-01-16 22:53 - 2017-01-16 22:53 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics 2017-01-16 22:53 - 2017-01-16 22:53 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics 2017-01-16 14:55 - 2017-01-16 14:55 - 00000000 ____D C:\Users\Klaus\Documents\BioshockHD 2017-01-16 14:55 - 2017-01-16 14:55 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\BioshockHD 2017-01-14 18:25 - 2017-01-14 18:25 - 00000000 ____D C:\ProgramData\Acronis 2017-01-14 18:24 - 2017-01-14 18:24 - 00276256 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\snapman.sys 2017-01-14 18:24 - 2017-01-14 18:24 - 00118560 _____ (Acronis International GmbH) C:\WINDOWS\system32\Drivers\fltsrv.sys 2017-01-14 18:24 - 2017-01-14 18:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acronis 2017-01-14 18:24 - 2017-01-14 18:24 - 00000000 ____D C:\Program Files (x86)\Acronis 2017-01-14 18:14 - 2017-01-14 18:14 - 03901144 _____ (AVM GmbH) C:\Users\Klaus\Downloads\avm_fritz!wlan_usb_stick_x64_build_100906.exe 2017-01-14 12:54 - 2017-01-14 12:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 10.0 2017-01-14 12:54 - 2014-04-04 00:42 - 03382440 _____ 
C:\WINDOWS\system32\BootMan.exe 2017-01-14 12:54 - 2014-04-04 00:25 - 02499752 _____ C:\WINDOWS\SysWOW64\BootMan.exe 2017-01-14 12:54 - 2013-03-07 09:49 - 00100936 _____ C:\WINDOWS\system32\setupempdrvx64.exe 2017-01-14 12:54 - 2013-03-07 09:49 - 00087112 _____ C:\WINDOWS\SysWOW64\setupempdrv03.exe 2017-01-14 12:54 - 2013-03-07 09:49 - 00019840 _____ C:\WINDOWS\SysWOW64\EuEpmGdi.dll 2017-01-14 12:54 - 2013-03-07 09:49 - 00017480 _____ C:\WINDOWS\system32\epmntdrv.sys 2017-01-14 12:54 - 2013-03-07 09:49 - 00016256 _____ C:\WINDOWS\system32\EuEpmGdi.dll 2017-01-14 12:54 - 2013-03-07 09:49 - 00014920 _____ C:\WINDOWS\SysWOW64\epmntdrv.sys 2017-01-14 12:54 - 2013-03-07 09:49 - 00009800 _____ C:\WINDOWS\system32\EuGdiDrv.sys 2017-01-14 12:54 - 2013-03-07 09:49 - 00009160 _____ C:\WINDOWS\SysWOW64\EuGdiDrv.sys 2017-01-12 19:28 - 2017-01-12 19:28 - 02834619 _____ C:\WINDOWS\32e353b0a289955e4d2d0dbcc5632256.exe 2017-01-11 21:44 - 2017-01-11 21:45 - 00001996 _____ C:\Users\Klaus\Desktop\Neues Textdokument.txt 2017-01-11 21:40 - 2017-01-11 21:40 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2017-01-11 17:29 - 2017-01-16 22:54 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-11 17:29 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-11 17:29 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-11 17:29 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-11 17:29 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-11 17:29 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-11 17:29 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-11 17:29 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-11 
17:29 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-11 17:29 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-11 17:29 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-11 17:29 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-11 17:29 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-11 17:29 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-11 17:29 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-11 17:29 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-11 17:29 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-11 17:29 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2017-01-11 17:29 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-11 17:29 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-11 17:29 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-11 17:29 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-11 17:29 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-11 17:29 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-11 17:29 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-11 17:29 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-11 17:29 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-11 17:29 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-11 17:29 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-11 17:29 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-11 17:29 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-11 17:29 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-11 17:29 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-11 17:29 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-11 17:29 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-11 17:29 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-11 17:29 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-11 17:29 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-11 17:29 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-11 17:29 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-11 17:29 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-11 17:29 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-11 17:29 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 
2017-01-11 17:29 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2017-01-11 17:29 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-11 17:29 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-11 17:29 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-11 17:29 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-11 17:29 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-11 17:29 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-11 17:29 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-11 17:29 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-11 17:29 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-11 17:29 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-11 17:29 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-11 17:29 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-11 17:29 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-11 17:29 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-11 17:29 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-11 17:29 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-11 17:29 - 2016-12-14 05:37 - 00090112 
_____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-11 17:29 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-11 17:29 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-11 17:29 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-11 17:29 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-11 17:29 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-11 17:29 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-11 17:29 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-11 17:29 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-11 17:29 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-11 17:29 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-11 17:29 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-11 17:29 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-11 17:29 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:29 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-11 17:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-11 17:28 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-11 17:28 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2017-01-11 
17:28 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-11 17:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-11 17:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-11 17:28 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-11 17:28 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-11 17:28 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-11 17:28 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-11 17:28 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-11 17:28 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-11 17:28 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-11 17:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-11 17:28 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-11 17:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-11 17:28 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-11 17:28 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-11 17:28 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-11 17:28 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-11 17:28 - 2016-12-21 08:06 - 
00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-11 17:28 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-11 17:28 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-11 17:28 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-11 17:28 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-11 17:28 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-11 17:28 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-11 17:28 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-11 17:28 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-11 17:28 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-11 17:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-11 17:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-11 17:28 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-11 17:28 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-11 17:28 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-11 17:28 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-11 17:28 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-11 17:28 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-11 17:28 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-11 17:28 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-11 17:28 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-11 17:28 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-11 17:28 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-11 17:28 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-11 17:28 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-11 17:28 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-11 17:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-11 17:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-11 17:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-11 17:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-11 17:28 - 2016-12-14 06:41 - 
00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-11 17:28 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-01-11 17:28 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-01-11 17:28 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-01-11 17:28 - 2016-12-14 06:33 - 00190816 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2017-01-11 17:28 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-01-11 17:28 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-11 17:28 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-11 17:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-11 17:28 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-11 17:28 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-11 17:28 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-11 17:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-11 17:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-11 17:28 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-11 17:28 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-11 17:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-11 17:28 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-11 17:28 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:28 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-11 17:28 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-11 17:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-11 17:28 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-11 17:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-11 17:28 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-11 17:28 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-11 17:28 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-11 17:28 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-11 17:28 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-11 17:28 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-11 17:28 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-11 17:28 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-11 17:28 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-11 17:28 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-11 17:28 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-11 17:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-11 17:28 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-11 17:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-11 17:28 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-11 
17:28 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-11 17:28 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-11 17:28 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-01-09 22:15 - 2017-01-09 22:15 - 00000000 ____D C:\Users\Klaus\AppData\Local\Ndemic Creations 2017-01-09 22:04 - 2017-01-09 22:14 - 00000000 ____D C:\Program Files (x86)\Plague Inc Evolved 2017-01-09 22:04 - 2017-01-09 22:04 - 00001230 _____ C:\Users\Public\Desktop\Plague Inc Evolved.lnk 2017-01-09 22:04 - 2017-01-09 22:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plague Inc Evolved 2017-01-08 16:46 - 2017-01-08 16:46 - 00000000 ____D C:\Users\Klaus\Documents\CPY_SAVES 2017-01-07 00:09 - 2017-01-07 00:09 - 01065376 _____ (Google Inc.) C:\Users\Klaus\Downloads\ChromeSetup.exe 2017-01-06 04:49 - 2017-01-06 04:49 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\SmartSteamEmu 2017-01-05 22:29 - 2017-01-05 22:29 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft Games 2017-01-05 22:16 - 2017-01-05 22:22 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\DAEMON Tools Ultra 2017-01-05 22:16 - 2017-01-05 22:18 - 00000000 ____D C:\Program Files\DAEMON Tools Ultra 2017-01-05 22:16 - 2017-01-05 22:16 - 00001863 _____ C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk 2017-01-05 22:16 - 2017-01-05 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra 2017-01-05 22:15 - 2017-01-05 22:15 - 00000000 ____D C:\ProgramData\DAEMON Tools Ultra 2017-01-04 14:10 - 2003-04-19 00:29 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll 2017-01-04 14:09 - 2017-01-04 19:34 - 00000604 _____ C:\WINDOWS\Edofma.INI 2017-01-03 18:16 - 2017-01-03 18:16 - 53933348 _____ C:\Users\Klaus\Downloads\hv335t_flash_v2.3.zip 2017-01-03 17:52 - 2017-01-15 20:16 - 00000000 ____D 
C:\Users\Klaus\AppData\Roaming\vlc 2017-01-03 17:49 - 2017-01-03 17:50 - 30533688 _____ C:\Users\Klaus\Downloads\vlc-2.2.4-win32.exe 2017-01-02 18:49 - 2017-01-02 18:49 - 00196497 _____ C:\Users\Klaus\Downloads\DHL_label_2017-1-2_18-49-7.pdf 2017-01-02 15:29 - 2017-01-02 15:29 - 00061314 _____ C:\Users\Klaus\Downloads\2530333_2016_Nr.012_Kontoauszug_vom_31.12.2016_20170102032955.pdf 2017-01-02 15:29 - 2017-01-02 15:29 - 00049871 _____ C:\Users\Klaus\Downloads\302530333_2016_Nr.012_Kontoauszug_vom_31.12.2016_20170102032951.pdf 2017-01-02 15:29 - 2017-01-02 15:29 - 00049643 _____ C:\Users\Klaus\Downloads\402530333_2016_Nr.004_Kontoauszug_vom_31.12.2016_20170102032942.pdf 2017-01-02 15:29 - 2017-01-02 15:29 - 00049388 _____ C:\Users\Klaus\Downloads\102530333_2016_Nr.010_Kontoauszug_vom_31.12.2016_20170102032946.pdf 2017-01-02 15:29 - 2017-01-02 15:29 - 00046885 _____ C:\Users\Klaus\Downloads\302530333_2016_Mitteilung_vom_31.10.2016_20170102032948.pdf 2016-12-31 11:10 - 2016-12-31 11:10 - 00196914 _____ C:\Users\Klaus\Downloads\DHL_label_2016-12-31_11-10-49.pdf 2016-12-25 06:39 - 2016-12-25 06:39 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 08913328 _____ (NVIDIA Corporation) 
C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 03934504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 03474392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll 2016-12-25 06:39 - 2016-12-25 06:39 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-18 07:05 - 2016-10-03 11:37 - 00000000 ____D C:\AdwCleaner 2017-01-18 06:51 - 2016-09-23 11:08 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-18 06:51 - 2016-05-03 11:08 - 00000000 ____D C:\Users\Klaus\AppData\Local\CrashDumps 2017-01-18 06:47 - 2015-10-24 17:52 - 00000000 ____D C:\Users\Klaus\AppData\Local\JDownloader v2.0 2017-01-18 06:05 - 2016-09-23 11:10 - 11742102 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-01-18 06:05 - 2016-07-16 23:51 - 05975044 _____ C:\WINDOWS\system32\perfh007.dat 2017-01-18 06:05 - 2016-07-16 23:51 - 01676696 _____ C:\WINDOWS\system32\perfc007.dat 2017-01-18 06:01 - 2016-09-23 11:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-18 06:01 - 2015-10-21 15:43 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Telegram Desktop 2017-01-18 00:03 - 2016-07-16 07:04 - 00262144 _____ C:\WINDOWS\system32\config\BBI 2017-01-18 00:01 - 2016-09-23 11:11 - 00000000 ____D C:\Users\Klaus 2017-01-17 23:58 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2017-01-17 19:51 - 2016-10-12 14:48 - 00000000 ____D C:\Users\Klaus\Downloads\Telegram Desktop 2017-01-17 15:33 - 2015-10-18 16:26 - 00000000 ____D C:\Users\Klaus\Desktop\ABLAGE 2017-01-17 08:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-17 08:32 - 2015-11-01 16:35 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Wise Disk Cleaner 2017-01-17 07:34 - 2016-10-03 11:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-17 07:27 - 2016-10-03 19:22 - 00000085 _____ C:\WINDOWS\wininit.ini 2017-01-17 00:12 - 2016-09-23 18:06 - 00000000 ____D C:\ProgramData\Ashampoo 2017-01-17 00:12 - 2015-10-24 16:06 - 00002382 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-16 23:12 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Help 2017-01-16 23:12 - 2016-07-09 06:00 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Wise Euask 2017-01-16 23:11 - 2016-02-19 13:22 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Anvsoft 2017-01-16 23:11 - 
2015-11-26 23:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAZ 3D 2017-01-16 22:55 - 2016-11-04 19:03 - 00000000 ____D C:\Program Files (x86)\Call of Duty 2017-01-16 22:55 - 2016-09-09 11:48 - 00000000 ____D C:\Program Files (x86)\Digiarty 2017-01-16 22:55 - 2016-03-21 17:13 - 00000000 ____D C:\Program Files (x86)\MSECache 2017-01-14 12:54 - 2016-06-01 21:17 - 00000000 ____D C:\Program Files (x86)\EaseUS 2017-01-14 11:37 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-13 07:16 - 2016-01-23 17:17 - 00000000 ____D C:\Users\Klaus\Documents\UseNeXT 2017-01-13 07:16 - 2015-10-24 17:48 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\UseNeXT 2017-01-12 22:21 - 2015-11-26 23:25 - 00000000 ____D C:\Program Files (x86)\DAZ 3D 2017-01-12 22:17 - 2016-01-16 00:34 - 00000000 ____D C:\Users\Klaus\Documents\My Games 2017-01-11 21:40 - 2016-09-23 11:11 - 00000000 ____D C:\Users\DefaultAppPool 2017-01-11 21:18 - 2015-11-11 07:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\dvdcss 2017-01-11 21:06 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-11 21:06 - 2016-02-13 18:32 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 21:04 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-11 19:28 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 19:22 - 2015-10-19 10:00 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 19:20 - 2015-10-19 10:00 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-07 08:47 - 2015-12-01 21:54 - 00000946 _____ 
C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2017-01-07 08:47 - 2015-10-24 13:53 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2017-01-07 00:20 - 2016-09-23 11:24 - 00004074 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-01-07 00:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-01-07 00:20 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-01-07 00:20 - 2015-10-24 10:11 - 00000000 ____D C:\Users\Klaus\AppData\Local\Adobe 2017-01-06 05:36 - 2015-10-24 09:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-06 05:34 - 2016-12-16 13:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Games 2017-01-05 11:59 - 2016-03-07 23:45 - 00000000 ____D C:\Users\Klaus\AppData\Local\ElevatedDiagnostics 2017-01-04 07:30 - 2016-04-23 23:34 - 00000000 ____D C:\Program Files (x86)\posterXXL Designer 2017-01-03 17:51 - 2015-10-24 19:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2016-12-29 18:07 - 2016-12-13 15:18 - 00000000 ____D C:\WINDOWS\Minidump 2016-12-25 06:39 - 2016-08-02 22:52 - 00042286 _____ C:\WINDOWS\system32\nvinfo.pb 2016-12-24 14:56 - 2015-10-24 09:43 - 00000000 ____D C:\Users\Klaus\AppData\Local\VirtualStore 2016-12-23 00:13 - 2016-10-13 17:53 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-23 00:13 - 2016-10-13 17:53 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-21 12:14 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\drivers 2016-12-21 12:12 - 2016-07-16 12:47 - 00000000 __RSD C:\WINDOWS\Fonts 2016-12-21 10:54 - 2015-10-24 18:36 - 00389396 __RSH C:\bootmgr ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-09-01 06:23 - 2016-09-01 06:28 - 0020520 _____ () C:\Program Files (x86)\init.dat 2016-09-23 18:08 - 2016-09-23 19:35 - 0003584 _____ () 
C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-01-15 21:10 - 2016-09-10 17:47 - 0007627 _____ () C:\Users\Klaus\AppData\Local\resmon.resmoncfg

Einige Dateien in TEMP:
====================
C:\Users\Klaus\AppData\Local\Temp\proxy_vole3376839825597473793.dll
C:\Users\Klaus\AppData\Local\Temp\proxy_vole7267681989729089600.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-09 17:46

==================== Ende von FRST.txt ============================

Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Klaus (18-01-2017 07:09:13)
Gestartet von C:\Users\Klaus\Downloads
Windows 10 Pro Version 1607 (X64) (2016-09-23 10:25:15)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3767151760-3652987525-2816545776-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3767151760-3652987525-2816545776-503 - Limited - Disabled)
Gast (S-1-5-21-3767151760-3652987525-2816545776-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-3767151760-3652987525-2816545776-1009 - Limited - Enabled)
Klaus (S-1-5-21-3767151760-3652987525-2816545776-1001 - Administrator - Enabled) => C:\Users\Klaus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACDSee (HKLM-x32\...\ACDSee) (Version: - )
Acrobat.com (HKLM-x32\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Acronis Disk Director 12 (HKLM-x32\...\{AE372858-B1BD-49EF-8308-648322846008}) (Version: 12.0.3219 - Acronis)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.186 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{5ECE64C9-F5B3-4914-B1F2-23D46548B7E3}) (Version: 12.2.3.183 - Adobe Systems, Inc)
Amazon Drive (HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\Amazon Drive) (Version: 3.6.4.65 - Amazon.com, Inc.)
Any Video Converter 5.9.1 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (32-Bit) (HKLM-x32\...\{F2871C89-C8A5-42EE-8D45-0F02506385A6}) (Version: 5.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{9BC93467-75D1-4AA4-BD58-D9C51D88DFAB}) (Version: 5.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}) (Version: 10.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo WinOptimizer 2015 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.60 - Ashampoo GmbH & Co. KG)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{DF6C3726-7E53-4772-9763-E9F147769F51}) (Version: 3.1.9.0000 - Asmedia Technology)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ATI Catalyst Install Manager (HKLM\...\{4044201A-8576-2999-1166-96C5593F3CFF}) (Version: 3.0.825.0 - ATI Technologies, Inc.)
BioShock Version 1.1 (HKLM-x32\...\{4AA8D978-38C1-475B-936C-C79143624B61}_is1) (Version: 1.1 - 2K Games)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Call of Duty (HKLM-x32\...\Call of Duty) (Version: - )
Call of Juarez - Bound in Blood (x32 Version: 1.01.0000 - Ubisoft) Hidden
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6282 - CDBurnerXP)
CorelDRAW 10 (x32 Version: 10 - Corel) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.0.0.0423 - Disc Soft Ltd)
Driver Booster 3.1 (HKLM-x32\...\Driver Booster_is1) (Version: 3.1 - IObit)
EaseUS Partition Master 10.0 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 17.3.19290 - Landesfinanzdirektion Thüringen)
Epson Easy Photo Print 2 (HKLM-x32\...\{07AA1C7F-E8CA-4FDC-B975-BC9EBC22B6DE}) (Version: 2.7.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson FAX Utility (HKLM-x32\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.63.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM-x32\...\EPSON PC-FAX Driver 2) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 2.20.0000 - SEIKO EPSON Corp.)
EPSON Scan PDF Extensions (HKLM-x32\...\{F9956472-6E16-4F83-BF9A-F887EF4A45B7}) (Version: 1.03.0001 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{6DBD132B-7F42-4594-BBE7-0BB677EB2926}) (Version: 4.4.2 - SEIKO EPSON CORPORATION)
EPSON WF-2650 Series Printer Uninstall (HKLM\...\EPSON WF-2650 Series) (Version: - SEIKO EPSON Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.78.328 - DVDVideoSoft Ltd.)
Free M4a to MP3 Converter 8.4 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version: - ManiacTools.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 6.0.3.16 - IObit)
iTunes (HKLM\...\{554C62C7-E6BB-40F1-892B-F0AE02D3C135}) (Version: 12.5.3.17 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation) Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation) Java 8 Update 112 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180112F0}) (Version: 8.0.1120.15 - Oracle Corporation) Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation) Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation) Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation) Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation) Java 8 Update 92 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418092F0}) (Version: 8.0.920.14 - Oracle Corporation) Java 8 Update 92 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218092F0}) (Version: 8.0.920.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden K-Lite Codec Pack 7.0.0 (Standard) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.0.0 - ) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{328343FF-0466-4E8D-88EB-53CE3150AE11}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Designelemente) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Filmvorlagen 4) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden MAGIX 
Video deluxe 2015 Premium (Filmvorlagen 5) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Filmvorlagen 6) (Version: 1.0.1.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Filmvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Red Giant Chromatic Glow) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Red Giant Knoll Light Factory) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Red Giant Retrograde) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2015 Premium (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Designelemente) (HKLM\...\MX.{67025742-42D8-4E8D-92BF-3C001AA7C645}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Designelemente) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Individuelle Menüvorlagen) (HKLM\...\MX.{33AFBCF9-0338-494D-BAFD-1367B5BD5A30}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Individuelle Menüvorlagen) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Menüvorlagen 1) (HKLM\...\MX.{8BCE1A1B-3EB0-4DCB-8C9F-6D235CA493FC}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Menüvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium 
(Menüvorlagen 2) (HKLM\...\MX.{7D42CCF5-305C-49E7-9828-D89C05AEA82D}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Menüvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.102 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Medal of Honor Allied Assault (HKLM-x32\...\{0DEA94ED-915A-4834-A87E-388D012C8E02}) (Version: - ) Microsoft .NET Framework 4.6.1 Hotfix Rollup (KB3120241) (HKLM\...\{46556DC7-EFC0-361E-832E-E0A9B0D2EFAB}) (Version: 4.6.01067 - Microsoft Corporation) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Camera Codec Pack (HKLM\...\{F7930EE9-0929-439D-A57B-D40C2C69C890}) (Version: 6.3.9723.0 - Microsoft Corporation) Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] 
(HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
(HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{4fd02573-5f12-4ae4-8027-c63f8e1115af}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) 
(Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mp3tag v2.79 (HKLM-x32\...\Mp3tag) (Version: v2.79 - Florian Heidenreich) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - ) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Outils de vérification linguistique 2016 de Microsoft Office - Français (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden PixelNet - Meine Bilderwelt (HKLM-x32\...\PixelNet - Meine Bilderwelt) (Version: 5.1.1. - ORWO Net) Plague Inc Evolved MULTi14 - ElAmigos Version 1.13.0 (HKLM-x32\...\{BDF7DD42-37BE-43A2-8F9C-44EE65466076}_is1) (Version: 1.13.0 - Ndemic Creations) Platform (x32 Version: 1.34 - VIA Technologies, Inc.) 
Hidden posterXXL Designer 5.3 (HKLM-x32\...\posterXXL Designer_is1) (Version: - ) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31228 - Realtek Semiconductor Corp.) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.28.1 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.28.1 - Renesas Electronics Corporation) Hidden Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) Telegram Desktop version 1.0 (HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.0 - Telegram Messenger LLP) TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector) UseNeXT by Tangysoft (HKLM-x32\...\UseNeXT by Tangysoft_is1) (Version: - Tangysoft Ltd.) VIA Plattform-Geräte-Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) WinX DVD Author 6.3.7 (HKLM-x32\...\WinX DVD Author_is1) (Version: - DigiartySoft, Inc.) Wise Disk Cleaner 9.33 (HKLM-x32\...\Wise Disk Cleaner_is1) (Version: 9.33 - WiseCleaner.com, Inc.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {03C207F9-0233-4110-BA44-AEFF503E8BE4} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {0968ECFD-0C3D-4AB4-AF1E-D7A5FF3574AA} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2011-02-28] () Task: {0CB631FF-F9FB-4806-913B-FE54BD7E5EA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.) Task: {138FAEB9-0784-41CE-9A7B-878E7CA373C8} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {1DA697D9-89AD-440E-A3F6-FD7C86DDC35F} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-11-30] (IObit) Task: {35AC1427-5FD0-485B-9625-9CB83B3359C1} - System32\Tasks\{7AEF934D-1A17-4F57-9438-37B70C108C66} => pcalua.exe -a C:\Users\Klaus\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones\SAMSUNG_USB_Driver_for_Mobile_Phones.exe -d C:\Users\Klaus\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones Task: {35FC097A-789D-4CE9-8D09-82C25A48E151} - System32\Tasks\Uninstaller_SkipUac_Klaus => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2016-10-10] (IObit) Task: {37DC5A61-C110-4E74-B4B0-D263F3684162} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {3B2ADB35-FB27-4BAE-86E4-BC21E4145521} - System32\Tasks\{E1F06918-E97A-4DB0-A704-7E6795236240} => pcalua.exe -a "C:\Program 
Files\Common Files\Noobzo\GNUpdate\smUninstall.exe" Task: {447BF8BB-4F3C-4067-8F63-C3A6E29D4AAB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {4AEB58E8-9CB5-4BD6-81E2-113BD4331F65} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG Task: {57187ACC-7BB3-4107-83E1-7FDF5368CDDB} - System32\Tasks\Driver Booster SkipUAC (Klaus) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-12-22] (IObit) Task: {58F35C51-A384-4FC8-9CC6-1CF4C78FB5D8} - System32\Tasks\EPSON WF-2650 Series Update {FABA556B-21FB-403E-BD42-FC2114FBE22C} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {6BDCDC22-8C69-47C1-87C7-6E860FA22301} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {76F28C59-93B6-4B5C-ADB1-3C3B2F5D2859} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-07] (Adobe Systems Incorporated) Task: {7F8FEB6C-B918-4F6B-9F00-8C36B1212D96} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {81A36ACB-9807-4079-A598-809FD76EAE45} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {82E95715-2A71-468E-9B9A-EA9C77B6F9EE} - System32\Tasks\EPSON WF-2650 Series Update {C0112A23-007B-432D-8F6F-FA9503CCCA9F} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {8A4766DC-4F02-4991-A7B8-94EE466D391E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG Task: {8DF83C56-B2B3-4E6C-9984-AEED37A506E2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {8FF7DD45-60E6-4C0F-B94E-24A8B06A93CC} - System32\Tasks\EPSON 
WF-2650 Series Update {AC41C320-182E-4D3E-911E-AAF704407DDD} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE [2013-11-22] (SEIKO EPSON CORPORATION) Task: {920CE08C-A63E-494B-961E-24BBFBB0BC02} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2016-07-16] (Microsoft Corporation) Task: {96A99528-20FD-40E9-9C9A-08096A741B8C} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG Task: {A80FE49A-8B8E-43EC-AB39-5E7C56B67631} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {ABAE8372-07A9-4063-8CFD-17C97D045E80} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {B7BD77F3-25B3-431E-BD0F-185BCAAD1947} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe [2017-01-07] (Adobe Systems Incorporated) Task: {BEC69237-488D-43A6-884F-AB10CA1CAAE8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation) Task: {C27FEDD3-26A3-49CB-9EAC-07164D89F29E} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation) Task: {C35785DD-0B93-442F-82DD-9CBB21661F3D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {C7878158-87A8-4A5A-8F53-341276F6F97F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {E1CD8A5F-15A3-42F0-A4BD-E88E43DC4D02} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {E40EA82D-9B0E-47B8-BAF5-F6B3B410419E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {FBE53766-6AA7-4260-8317-0D5BE43C1DC0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> 
Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_186_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {AC41C320-182E-4D3E-911E-AAF704407DDD}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE :/EXE:{AC41C320-182E-4D3E-911E-AAF704407DDD} /F:Update WORKGROUP\KLAUS-PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {C0112A23-007B-432D-8F6F-FA9503CCCA9F}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE :/EXE:{C0112A23-007B-432D-8F6F-FA9503CCCA9F} /F:Update WORKGROUP\KLAUS-PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\EPSON WF-2650 Series Update {FABA556B-21FB-403E-BD42-FC2114FBE22C}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSMBE.EXE :/EXE:{FABA556B-21FB-403E-BD42-FC2114FBE22C} /F:Update WORKGROUP\KLAUS-PC$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi Task: C:\WINDOWS\Tasks\UCBrowserUpdater.job => C:\Program Files (x86)\UCBrowser\Application\update_task.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Klaus.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe 
==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Klaus\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-15 04:56 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2016-10-05 18:17 - 2016-10-05 18:17 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2016-12-15 04:56 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-23 11:27 - 2016-09-23 11:27 - 00959168 _____ () C:\Users\Klaus\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll 2016-09-23 12:03 - 2016-09-23 12:03 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-11 17:28 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-11 17:28 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-11 17:28 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-11 17:28 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-11 17:28 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-11 17:28 - 2016-12-21 07:53 - 
04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-18 06:07 - 2017-01-18 06:07 - 00566439 _____ () C:\Users\Klaus\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll 2017-01-18 06:07 - 2017-01-18 06:07 - 04078962 _____ () C:\Users\Klaus\AppData\Local\JDownloader v2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll 2017-01-07 00:09 - 2016-12-08 09:03 - 02412888 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libglesv2.dll 2017-01-07 00:09 - 2016-12-08 09:03 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\55.0.2883.87\libegl.dll 2015-10-24 10:01 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\system32\drivers:ucdrv-x64.sys [23652] AlternateDataStreams: C:\WINDOWS\system32\drivers:x64 [1479458] AlternateDataStreams: C:\WINDOWS\system32\drivers:x86 [1205026] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\98752971.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\98752971.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => 
""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\Software\Classes\.exe: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2016-05-20 08:20 - 2017-01-16 23:01 - 00003733 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3 MSCONFIG\Services: AMD FUEL Service => 2 MSCONFIG\Services: BcmBtRSupport => 2 MSCONFIG\Services: Blackberry Device Manager => 3 MSCONFIG\Services: BrYNSvc => 3 MSCONFIG\Services: DigitalWave.Update.Service => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IObitUnSvr => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamNetworkSvc => 3 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: nvUpdatusService => 2 MSCONFIG\Services: ProtexisLicensing => 2 MSCONFIG\Services: Stereo Service => 2 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\Services: VIAKaraokeService => 2 MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: Corel Reminder => "C:\Program Files (x86)\Corel\Graphics10\Register\NAVBrowser.exe" /r /i "C:\Program Files (x86)\Corel\Graphics10\Register\NavLoad.ini" MSCONFIG\startupreg: HDAudDeck => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" MSCONFIG\startupreg: RIMBBLaunchAgent.exe => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe MSCONFIG\startupreg: ShadowPlay => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" MSCONFIG\startupreg: Windows 
Mobile Device Center => %windir%\WindowsMobile\wmdc.exe HKLM\...\StartupApproved\Run: => "NvBackend" HKLM\...\StartupApproved\Run: => "ShadowPlay" HKLM\...\StartupApproved\Run: => "Windows Mobile-based device management" HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service" HKLM\...\StartupApproved\Run32: => "BrStsMon00" HKLM\...\StartupApproved\Run32: => "ControlCenter3" HKLM\...\StartupApproved\Run32: => "VirtualCloneDrive" HKLM\...\StartupApproved\Run32: => "XFastUsb" HKLM\...\StartupApproved\Run32: => "CloneCDTray" HKLM\...\StartupApproved\Run32: => "FUFAXSTM" HKLM\...\StartupApproved\Run32: => "FUFAXRCV" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\StartupFolder: => "svchost.com.url" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "Amazon Cloud Drive" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "K6340MJR5Y" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "NBBI93937N" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "E21ZCY697U" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "WAZPWNA0WB" HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\...\StartupApproved\Run: => "AlcoholAutomount" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808 FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [TCP Query User{7117C2F5-28E3-4682-8869-55FBDACB7FEC}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{977C23AA-7AB0-4B04-A70B-8C9C5B1997E5}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{25CE0E4C-24C7-4446-B66A-FAC5E1A2E201}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{43DFFE8B-4625-4704-A885-66A878F4E936}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query User{517C9FA1-579D-42B6-A784-15003BB15AAA}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [UDP Query User{9789DE8E-68C2-476F-8D8C-92F231816F01}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => C:\program files (x86)\epson software\event manager\eeventmanager.exe FirewallRules: [TCP Query User{F661733F-5924-473D-9EA5-1B8E6626EA1B}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [UDP Query User{E4893C5B-B7B9-4173-A2A5-7A4871E17F05}C:\program files (x86)\google\chrome\application\chrome.exe] => C:\program files (x86)\google\chrome\application\chrome.exe FirewallRules: [TCP Query 
User{ACF42FD7-B18D-4269-8E85-CF80BBC9DDCC}C:\program files\itunes\itunes.exe] => C:\program files\itunes\itunes.exe FirewallRules: [{D987DCBD-D3A9-4954-A87F-1BDAD283D061}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{586AF745-F22D-4FA0-BB0C-439D09EBAF34}] => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe FirewallRules: [{0F2563AF-3CE2-451B-A314-15725F423CBF}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{ED9F1030-E647-4688-9022-A940F34436AA}] => C:\Program Files (x86)\IObit\Driver Booster\DBDownloader.exe FirewallRules: [{C7BB1319-7011-48C7-9231-B4F22656608D}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [{F4670494-2AF9-48B8-97F3-6938B9FD5502}] => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe FirewallRules: [TCP Query User{9F924D5E-211D-4038-ABBE-5A2EB3C047F9}C:\program files (x86)\ea games\mohaa\mohaa.exe] => C:\program files (x86)\ea games\mohaa\mohaa.exe FirewallRules: [UDP Query User{D0BF1CF8-FCF8-456A-B7EF-923913909B03}C:\program files (x86)\ea games\mohaa\mohaa.exe] => C:\program files (x86)\ea games\mohaa\mohaa.exe FirewallRules: [{F0EE6EC3-D1F0-4354-83A0-0AB1C63F9D4E}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{514E4506-B6ED-40B4-B6AE-E8672CA018B4}] => C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{9594B8A3-E77B-4CB9-BB4A-B3CB11DC1342}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{D2C02EC3-2F03-46A9-8B12-7EAA064BCB11}] => C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{8333ED40-B6D1-4B31-8610-ACD78A878248}] => C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{2AEC24B7-FCCB-4EAA-83A2-6A2F3DFF9F7A}] => C:\Windows\SysWOW64\dplaysvr.exe FirewallRules: [{F6A1296C-63A2-4700-9137-A66A8E2AED6D}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 
13-01-2017 13:24:56 Geplanter Prüfpunkt 14-01-2017 18:24:21 Acronis Disk Director 12 wird installiert 16-01-2017 14:20:42 DirectX wurde installiert 16-01-2017 23:04:08 Removed Online.io Application 16-01-2017 23:07:42 Removed Online.io Application 16-01-2017 23:08:36 Removed Online.io Application ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/18/2017 06:39:52 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.14393.0, Zeitstempel: 0x57899082 Name des fehlerhaften Moduls: nvwgf2um.dll, Version: 21.21.13.7633, Zeitstempel: 0x584d974c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0016e1a1 ID des fehlerhaften Prozesses: 0xfb8 Startzeit der fehlerhaften Anwendung: 0x01d27148be6f14ed Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_3f929cc119e3b994\nvwgf2um.dll Berichtskennung: 164240be-d0b2-42d8-8fe7-c5f636b289e7 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/18/2017 06:04:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: ) Description: Event-ID 0 Error: (01/18/2017 06:01:39 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 06:01:39.164]: [00007100]: Initialize TwdsMain Class failed! Error: (01/18/2017 06:01:39 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 06:01:39.163]: [00007100]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (01/18/2017 06:01:39 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 06:01:39.163]: [00007100]: GetDeviceList Failed! pStiInfo = 0x0.. 
Error: (01/18/2017 12:03:05 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 00:03:05.463]: [00007080]: Initialize TwdsMain Class failed! Error: (01/18/2017 12:03:05 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 00:03:05.463]: [00007080]: ##### Fatal ERROR!! Create STI-device failed! ##### Error: (01/18/2017 12:03:05 AM) (Source: Brother BrLog) (EventID: 1001) (User: ) Description: TWN BrtTWN: [2017/01/18 00:03:05.462]: [00007080]: GetDeviceList Failed! pStiInfo = 0x0.. Error: (01/17/2017 11:54:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Bioshock.exe, Version: 1.0.0.0, Zeitstempel: 0x49baa642 Name des fehlerhaften Moduls: Bioshock.exe, Version: 1.0.0.0, Zeitstempel: 0x49baa642 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0055f825 ID des fehlerhaften Prozesses: 0x294 Startzeit der fehlerhaften Anwendung: 0x01d2710abbc3156d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\BioShock\Builds\Release\Bioshock.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\BioShock\Builds\Release\Bioshock.exe Berichtskennung: 735e23c5-160d-47ab-9d28-b0162d646e0e Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/17/2017 07:49:10 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Bioshock.exe, Version: 1.0.0.0, Zeitstempel: 0x49baa642 Name des fehlerhaften Moduls: Bioshock.exe, Version: 1.0.0.0, Zeitstempel: 0x49baa642 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0055f825 ID des fehlerhaften Prozesses: 0xc34 Startzeit der fehlerhaften Anwendung: 0x01d270da47d96af0 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\BioShock\Builds\Release\Bioshock.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\BioShock\Builds\Release\Bioshock.exe Berichtskennung: 47bc2fcf-2990-4b77-9cc6-f2cc37b599b3 Vollständiger Name des 
fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (01/18/2017 06:01:22 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/18/2017 06:01:09 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 12:02:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Disc Soft Ultra Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "StarWind AE Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Message Queuing" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/18/2017 12:01:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "EPSON V3 Service4(06)" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2017-01-18 06:04:18.842 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. Date: 2017-01-18 06:04:18.816 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\winhttp.dll because the set of per-page image hashes could not be found on the system. 
Date: 2017-01-17 19:57:17.925 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:29.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:29.592 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:29.554 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:29.548 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:29.536 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2017-01-17 08:57:29.531 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-01-17 08:57:25.788 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X4 840 Processor Prozentuale Nutzung des RAM: 26% Installierter physikalischer RAM: 8191.3 MB Verfügbarer physikalischer RAM: 6018.98 MB Summe virtueller Speicher: 24191.3 MB Verfügbarer virtueller Speicher: 21286.04 MB ==================== Laufwerke ================================ Drive c: (SYSTEM) (Fixed) (Total:111.35 GB) (Free:42.41 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive e: (PRIVAT) (Fixed) (Total:931.51 GB) (Free:336.62 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 6A6D4800) Partition 1: (Active) - (Size=111.4 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 1E364A96) Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ Code:
ATTFilter # AdwCleaner v6.042 - Bericht erstellt am 18/01/2017 um 07:11:05 # Aktualisiert am 06/01/2017 von Malwarebytes # Datenbank : 2017-01-17.2 [Lokal] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : Klaus - KLAUS-PC # Gestartet von : C:\Users\Klaus\Downloads\adwcleaner_6.042.exe # Modus: Suchlauf # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** Dienst Gefunden: ucdrv ***** [ Ordner ] ***** Keine schädlichen Ordner gefunden. ***** [ Dateien ] ***** Keine schädlichen Dateien gefunden. ***** [ DLL ] ***** Keine infizierten DLLs gefunden. ***** [ WMI ] ***** Keine schädlichen Schlüssel gefunden. ***** [ Verknüpfungen ] ***** Keine infizierten Verknüpfungen gefunden. ***** [ Aufgabenplanung ] ***** Keine schädlichen Aufgaben gefunden. ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden: HKU\S-1-5-21-3767151760-3652987525-2816545776-1001\Software\UCBrowser Schlüssel Gefunden: HKCU\Software\UCBrowser Schlüssel Gefunden: [x64] HKCU\Software\UCBrowser ***** [ Internetbrowser ] ***** Keine schädlichen Elemente in Firefox basierten Browsern gefunden. Keine schädlichen Elemente in Chrome basierten Browsern gefunden. 
************************* C:\AdwCleaner\AdwCleaner[C0].txt - [7684 Bytes] - [03/10/2016 11:39:28] C:\AdwCleaner\AdwCleaner[C2].txt - [37105 Bytes] - [17/01/2017 00:16:01] C:\AdwCleaner\AdwCleaner[C3].txt - [2509 Bytes] - [17/01/2017 07:02:40] C:\AdwCleaner\AdwCleaner[C4].txt - [1928 Bytes] - [17/01/2017 07:35:44] C:\AdwCleaner\AdwCleaner[C5].txt - [2045 Bytes] - [17/01/2017 08:09:40] C:\AdwCleaner\AdwCleaner[C6].txt - [1989 Bytes] - [17/01/2017 08:14:26] C:\AdwCleaner\AdwCleaner[C7].txt - [2656 Bytes] - [17/01/2017 12:38:22] C:\AdwCleaner\AdwCleaner[C8].txt - [2775 Bytes] - [18/01/2017 00:01:54] C:\AdwCleaner\AdwCleaner[S0].txt - [7114 Bytes] - [03/10/2016 11:38:44] C:\AdwCleaner\AdwCleaner[S10].txt - [2618 Bytes] - [17/01/2017 12:15:29] C:\AdwCleaner\AdwCleaner[S11].txt - [2691 Bytes] - [17/01/2017 12:37:47] C:\AdwCleaner\AdwCleaner[S12].txt - [2853 Bytes] - [18/01/2017 00:01:38] C:\AdwCleaner\AdwCleaner[S13].txt - [2985 Bytes] - [18/01/2017 07:05:09] C:\AdwCleaner\AdwCleaner[S14].txt - [2243 Bytes] - [18/01/2017 07:11:05] C:\AdwCleaner\AdwCleaner[S1].txt - [30181 Bytes] - [17/01/2017 00:13:01] C:\AdwCleaner\AdwCleaner[S2].txt - [2438 Bytes] - [17/01/2017 07:02:24] C:\AdwCleaner\AdwCleaner[S3].txt - [1783 Bytes] - [17/01/2017 07:20:38] C:\AdwCleaner\AdwCleaner[S4].txt - [1962 Bytes] - [17/01/2017 07:34:13] C:\AdwCleaner\AdwCleaner[S5].txt - [2122 Bytes] - [17/01/2017 08:08:51] C:\AdwCleaner\AdwCleaner[S6].txt - [2134 Bytes] - [17/01/2017 08:12:22] C:\AdwCleaner\AdwCleaner[S7].txt - [2414 Bytes] - [17/01/2017 08:16:50] C:\AdwCleaner\AdwCleaner[S8].txt - [2367 Bytes] - [17/01/2017 08:31:44] C:\AdwCleaner\AdwCleaner[S9].txt - [2546 Bytes] - [17/01/2017 08:36:29] ########## EOF - C:\AdwCleaner\AdwCleaner[S14].txt - [2975 Bytes] ########## |