Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Win 8.1 MPC Cleaner lässt sich nicht entfernen (https://www.trojaner-board.de/177905-win-8-1-mpc-cleaner-laesst-entfernen.html)

Jan02 16.04.2016 16:43
Win 8.1 MPC Cleaner lässt sich nicht entfernen
 
Hallo, brauche Hilfe!

Habe mir den MPC Cleaner eingefangen und werde in mit adwcleaner nicht los!

Erstellung von Logfile mit frst 64-bit klappt nicht, gibt Fehlermeldung!

Jan02 16.04.2016 16:45
Logfile adwcleaner
 
Liste der Anhänge anzeigen (Anzahl: 1)
Code:
# AdwCleaner v5.111 - Bericht erstellt am 16/04/2016 um 17:20:01
# Aktualisiert am 14/04/2016 von Xplode
# Datenbank : 2016-04-15.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Jan - NOTEBOOK-JAN2
# Gestartet von : C:\Users\Jan\Downloads\adwcleaner_5.111.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

[-] Dienst gelöscht : MPCProtectService
[-] Dienst gelöscht : MPCKpt

***** [ Ordner ] *****

[#] Ordner gelöscht : C:\Program Files (x86)\MPC Cleaner
[-] Ordner gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
[-] Ordner gelöscht : C:\Users\Jan\AppData\Local\csdi_monetize_120160408
[-] Ordner gelöscht : C:\Users\Jan\AppData\Local\csdi_monetize_220160408

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Public\Desktop\MPC Cleaner.lnk
[#] Datei gelöscht : C:\Windows\SysNative\drivers\MPCKpt.sys

***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\MPC

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [14503 Bytes] - [11/04/2016 18:33:16]
C:\AdwCleaner\AdwCleaner[C2].txt - [2030 Bytes] - [11/04/2016 18:42:38]
C:\AdwCleaner\AdwCleaner[C3].txt - [3310 Bytes] - [11/04/2016 18:47:47]
C:\AdwCleaner\AdwCleaner[C4].txt - [3334 Bytes] - [11/04/2016 18:53:31]
C:\AdwCleaner\AdwCleaner[C5].txt - [3672 Bytes] - [12/04/2016 20:39:46]
C:\AdwCleaner\AdwCleaner[C6].txt - [1773 Bytes] - [16/04/2016 17:20:01]
C:\AdwCleaner\AdwCleaner[S1].txt - [15330 Bytes] - [11/04/2016 18:29:51]
C:\AdwCleaner\AdwCleaner[S2].txt - [1794 Bytes] - [11/04/2016 18:37:07]
C:\AdwCleaner\AdwCleaner[S3].txt - [3029 Bytes] - [11/04/2016 18:45:55]
C:\AdwCleaner\AdwCleaner[S4].txt - [3058 Bytes] - [11/04/2016 18:51:53]
C:\AdwCleaner\AdwCleaner[S5].txt - [3204 Bytes] - [11/04/2016 20:03:09]
C:\AdwCleaner\AdwCleaner[S6].txt - [3391 Bytes] - [12/04/2016 20:37:52]
C:\AdwCleaner\AdwCleaner[S7].txt - [2095 Bytes] - [16/04/2016 17:18:51]

########## EOF - C:\AdwCleaner\AdwCleaner[C6].txt - [2358 Bytes] ##########

burningice 17.04.2016 23:27
:hallo:
Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen.

Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
  • Bitte lies meine Posts komplett durch bevor du sie abarbeitest
  • Wenn ein Problem auftauchen sollte oder dir etwas unklar ist, unterbreche deine Arbeit und beschreibe es so genau wie möglich.
  • Bitte kein Crossposting
  • Installiere oder Deinstalliere keine Software ohne Aufforderung
  • Bitte verwende nur die Tools, welche hier im Thread erwähnt werden und führe sie nur gemäß Anweisung aus
  • Bitte antworte innerhalb von 24h um eine sinnvolle Bereinigung zu ermöglichen
  • Poste die Logs immer in CODE-Tags (#-Button), zur Not die Logs einfach aufteilen
  • Wichtig: Nur weil dein Problem mit einem Schritt plötzlich behoben ist, bedeutet das nicht, dass dein PC auch sauber ist. Mache solange weiter, bis ich dir sage, dass dein PC "clean" ist
  • Wenn ich dir nicht binnen 36h antworte, sende mir bitte eine persönliche Nachricht!
Los geht's :abklatsch:

Sollte jetzt funktionieren.
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Jan02 18.04.2016 15:54
FRST.txt
 
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (18-04-2016 16:47:01)
Gestartet von C:\Users\Jan\Downloads
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray.exe
(DotC United Inc) C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM\...\Run: [IDSCCOMQG8] => "C:\Program Files\Sound+\idsccom_QG8.exe"
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM-x32\...\Run: [sun21] => [X]
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2015-09-20]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Kein Name -> {E6E66045-E911-4C01-961D-42387CF12080} -> C:\Users\Jan\AppData\LocalLow\Browser-Security\safe_url.dll => Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "search.mpc.am"
CHR DefaultSearchURL: Default -> hxxp://www-searching.com/search.aspx?s=G4Azbwybl003,3d5c3fcf-4a9d-4532-8a26-aa6841790ff9,&prd=smw&q={searchTerms}
CHR DefaultSearchKeyword: Default -> www-searching.com
CHR DefaultSuggestURL: Default -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-09]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-09]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-27]
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-03-16]
CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Google Tabellen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-09]
CHR Extension: (Google Docs Offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-09]
CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-09]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MPCProtectService; C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe [350688 2016-04-10] (DotC United Inc)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R1 MPCKpt; C:\Windows\System32\DRIVERS\MPCKpt.sys [60136 2016-04-10] (DotC United Inc)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 16:47 - 2016-04-18 16:47 - 00022509 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-18 16:47 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-18 16:38 - 2016-04-18 16:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:21 - 2016-04-18 16:38 - 00001705 _____ C:\Users\Public\Desktop\MPC Cleaner.lnk
2016-04-16 17:18 - 2016-04-16 17:18 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 19:00 - 2016-04-11 19:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:27 - 2016-04-10 16:46 - 00000000 ____D C:\Program Files (x86)\MPC Cleaner
2016-04-10 16:27 - 2016-04-10 16:27 - 00060136 ____N (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-10 16:26 - 2016-04-18 16:38 - 00000378 _____ C:\Windows\Tasks\FYJHMJXE1.job
2016-04-10 16:26 - 2016-04-18 16:38 - 00000366 ____H C:\Windows\Tasks\KHEIGTSHJRHYMLJD.job
2016-04-10 16:26 - 2016-04-10 16:26 - 00003370 _____ C:\Windows\System32\Tasks\KHEIGTSHJRHYMLJD
2016-04-10 16:26 - 2016-04-10 16:26 - 00002892 _____ C:\Windows\System32\Tasks\FYJHMJXE1
2016-04-10 16:26 - 2016-04-10 16:26 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405
2016-04-10 16:23 - 2016-04-10 16:23 - 00000000 ____D C:\Users\Jan\AppData\Local\brsrv
2016-04-10 16:22 - 2016-04-10 16:22 - 00003462 _____ C:\Windows\System32\Tasks\bvyvave
2016-04-10 16:20 - 2016-04-11 18:25 - 00000000 ____D C:\Program Files\Uboxva
2016-04-10 16:20 - 2016-04-11 18:24 - 00000000 ____D C:\Users\Jan\AppData\Roaming\DecfMegb
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Jaynew
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Itepe
2016-04-10 16:20 - 2016-04-10 16:20 - 00000000 ____D C:\Program Files\Common Files\Soobzo
2016-04-10 16:19 - 2016-04-11 18:25 - 00000000 ____D C:\Program Files\Uhhiwesoif
2016-04-10 16:19 - 2016-04-11 18:24 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NiryFepja
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00023164 _____ C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F}
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\Users\Jan\AppData\LocalLow\Company
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00205502 _____ C:\Users\Jan\AppData\Roaming\inst.lat
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:17 - 2016-04-10 16:20 - 00016992 _____ C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml
2016-04-10 16:17 - 2016-04-10 16:17 - 00001994 _____ C:\Windows\System32\Tasks\kze3024
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-10 16:16 - 2016-03-04 16:13 - 00046352 _____ (zdengine) C:\Windows\system32\Drivers\zdwfp64.sys
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\AviraSpeedup
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 10:30 - 00000000 ____D C:\Users\Jan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-11 22:17 - 07452504 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-03-23 11:34 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-03-23 11:34 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-03-23 11:34 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-03-23 11:34 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-03-23 11:34 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-03-23 11:34 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-03-23 11:34 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-03-24 18:58 - 00000838 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-03-22 16:58 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-03-20 10:00 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:45 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 16:43 - 2015-08-09 08:50 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:41 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 16:39 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-18 16:38 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-18 16:38 - 2015-06-17 21:46 - 06134554 _____ C:\Windows\system32\perfh007.dat
2016-04-18 16:38 - 2015-06-17 21:46 - 01767938 _____ C:\Windows\system32\perfc007.dat
2016-04-18 16:38 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-17 19:17 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:21 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-16 17:21 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-16 17:19 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-16 17:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-16 11:55 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-12 20:27 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-12 20:27 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-11 20:20 - 2015-01-12 16:02 - 00000000 ____D C:\ProgramData\Package Cache
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-11 18:33 - 2015-07-15 18:58 - 00001007 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-10 21:14 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-10 16:03 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:41 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-27 19:03 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-03-23 13:08 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0205502 _____ () C:\Users\Jan\AppData\Roaming\inst.lat
2016-04-10 16:17 - 2016-04-10 16:20 - 0016992 _____ () C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml
2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\avgnt.exe
C:\Users\Jan\AppData\Local\Temp\libeay32.dll
C:\Users\Jan\AppData\Local\Temp\msvcr120.dll
C:\Users\Jan\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-10 12:27

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-18 16:48:04)
Gestartet von C:\Users\Jan\Downloads
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.7.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.7.2 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {3E040F3E-D48C-4283-BB54-133925E85229} - System32\Tasks\bvyvave => C:\Users\Jan\AppData\Local\bvyvave\bvyvave.exe <==== ACHTUNG
Task: {3F1E436C-B12B-4114-A9C6-3A75DD201433} - \SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a -> Keine Datei <==== ACHTUNG
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
Task: {5C7DEF6E-C255-47E8-A244-E16C497D9280} - System32\Tasks\KHEIGTSHJRHYMLJD => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG
Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2014-06-09] (Acer Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {781AD9BE-5F36-4DE3-A507-D1DAB84B88D1} - System32\Tasks\FYJHMJXE1 => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ACHTUNG
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\Program Files\Uboxva\Karagir.bat [2016-04-10] () <==== ACHTUNG
Task: {8D0F8506-F40D-4D6E-B7F9-14627F7E88C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {B303C568-174D-4788-80EF-078CF1C15247} - System32\Tasks\kze3024 => C:\Program Files (x86)\QuickSearch\kze3024.exe <==== ACHTUNG
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {F2E799D9-458D-4D15-849A-AA3C3F58B1C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FYJHMJXE1.job => C:\ProgramData\TomorrowGames\TomorrowGames.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\KHEIGTSHJRHYMLJD.job => C:\ProgramData\Service1104\Service1104.exe <==== ACHTUNG

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{F24EE0AA-B72B-458C-BCB3-4E0CADF7D11A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{36A05272-949B-4C73-94FE-26F0E88A2BF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6952E90F-9621-4E14-93EF-320179FA7305}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9944506F-9840-4F2D-B081-3CE0D904C7B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/18/2016 04:38:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1157

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1157

Error: (04/16/2016 12:20:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/16/2016 11:52:38 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/17/2016 07:20:34 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/17/2016 07:20:34 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/16/2016 05:20:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3

Error: (04/16/2016 05:20:30 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Security" aufgrund folgenden Fehlers fehlgeschlagen:
%%5

Error: (04/16/2016 05:20:01 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "DeleteFlag" aufgrund folgenden Fehlers fehlgeschlagen:
%%5


CodeIntegrity:
===================================
  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5604.42 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 14405.8 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:141.66 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice 19.04.2016 00:33
Glückwunsch - hier gibt es was zu tun :blabla:

Schritt: 1
Lade dir folgendes Programm herunter und installiere es: http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung
  • Klicke auf die Einstellungen / Erkennung und Schutz und setze dabei den Haken bei "Nach Rootkits suchen"
  • Klicke im Anschluss auf Durchsuchen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Suchlaufprotokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt: 2
Download von https://sites.google.com/site/canned...b27e2-Zoek.png ZOEK (by Smeenk)
  • Speichere die zoek.exe auf dem Desktop.
  • Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
  • Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
  • Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:
    Code:
    iedefaults;
    FFdefaults;
    chrdefaults;
    emptyclsid;
    autoclean;
  • Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
  • Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
  • Bitte poste mir das zoek-results.log.

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Jan02 19.04.2016 14:12
mbam.txt
 
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 19.04.2016
Suchlaufzeit: 13:09
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.04.19.04
Rootkit-Datenbank: v2016.04.17.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Jan

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 358996
Abgelaufene Zeit: 25 Min., 44 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Deaktiviert
Rootkits: Aktiviert
Heuristik: Deaktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 3
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, 1220, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, 4020, Löschen bei Neustart, [8b25f2be0e8b3afcc43e0de944bdbf41]
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, 3152, Löschen bei Neustart, [2b85cce4a0f97eb891716d89d0312ad6]

Module: 36
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [8e229f111782d75f0af86591f70a9b65],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [b5fb4769a2f7f14518ea6e88bc45fd03],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [1898961a722774c29969af475ba621df],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [327eb5fb14856cca48ba03f3a160c43c],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [159b684827722a0ccc36de1826db06fa],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [f4bc0da39dfc70c6689ab93d847dc739],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [3e72763af3a6ce6841c1b83e3ec37c84],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [446c06aabfda86b06a982fc71de47987],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [416f555bf5a4e650c83a698d30d10df3],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [951b03ada7f2102619e938bee31e1de3],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [545cf1bf871288aea062cc2aad54e020],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [3a762888c0d968ce12f06690788916ea],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],

Registrierungsschlüssel: 23
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCProtectService, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060],
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [9a169b157623d561fb9b04f06e94e818],
PUP.Optional.Wajam, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [8b257e32dabf0a2c4c4a569e8082da26],
PUP.Optional.Wajam, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\56BF5154-0B48-4ADB-902A-6C8B12E270D9, In Quarantäne, [dcd4f0c0920747ef8a0c24d027db3dc3],
PUP.Optional.YesSearches, HKU\S-1-5-18\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, In Quarantäne, [565ab9f74b4eb97d2053f3cc3ac823dd],
PUP.Optional.YesSearches, HKLM\SOFTWARE\{A16B1AF7-982D-40C3-B5C1-633E1A6A6678}, In Quarantäne, [4a66f3bd25749b9bf57e952a34cef709],
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, In Quarantäne, [5759efc198013303430d4b424bb9f60a],
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\UBOXVA, In Quarantäne, [b2fec9e78e0bdf57574cecbf6b99f907],
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , In Quarantäne, [29877f312772c5716311b7962cd8cb35],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E040F3E-D48C-4283-BB54-133925E85229}, Löschen bei Neustart, [e5cbcfe14e4b1f17b57afdad887c60a0],
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3F1E436C-B12B-4114-A9C6-3A75DD201433}, Löschen bei Neustart, [f7b96c4490095cda007b772a36ce06fa],
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{781AD9BE-5F36-4DE3-A507-D1DAB84B88D1}, Löschen bei Neustart, [8828b8f858416bcb07dac1e951b3827e],
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B303C568-174D-4788-80EF-078CF1C15247}, Löschen bei Neustart, [f2be426e475292a41576e0cb11f30bf5],
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\bvyvave, Löschen bei Neustart, [d6da7e323b5e8aac210fa00a956fc13f],
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\FYJHMJXE1, Löschen bei Neustart, [2e82a50bf3a6ff371dc5b0fa28dc659b],
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\kze3024, Löschen bei Neustart, [d2de9e129108de58bad255561be9bc44],
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a, Löschen bei Neustart, [98182b85e9b0aa8ce54c261be02340c0],
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [842c416f9009290d7843122611f26a96],
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\WOW6432NODE\{9E6892AE-EDB8-490A-9FDD-5A9770E7909E}, In Quarantäne, [3e72f3bdb8e13105c789147931d306fa],
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\UBOXVA, In Quarantäne, [cbe5d3ddc7d22214c1e25952c2425da3],
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC, Löschen bei Neustart, [4a66feb28811b086c2362f73ff059b65],
PUP.Optional.PCSpeedUp, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\PCSUUCDRV, In Quarantäne, [456b80305445d2640f279d9f81837090],
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT, Löschen bei Neustart, [a10fbdf398010e28a5544d55b153b64a],

Registrierungswerte: 16
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\Uboxva|installer_name, vbates_tfpcdeex-00-1_.exe, In Quarantäne, [b2fec9e78e0bdf57574cecbf6b99f907]
PUP.Optional.Trovi, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 131047717054696425, In Quarantäne, [29877f312772c5716311b7962cd8cb35]
PUP.Optional.SearchProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3E040F3E-D48C-4283-BB54-133925E85229}|Path, \bvyvave, Löschen bei Neustart, [e5cbcfe14e4b1f17b57afdad887c60a0]
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{3F1E436C-B12B-4114-A9C6-3A75DD201433}|Path, \SMW_UpdateTask_Time_333133353639353036342d782d233257574a5a4145502a, Löschen bei Neustart, [f7b96c4490095cda007b772a36ce06fa]
PUP.Optional.CouponMarvel, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{781AD9BE-5F36-4DE3-A507-D1DAB84B88D1}|Path, \FYJHMJXE1, Löschen bei Neustart, [8828b8f858416bcb07dac1e951b3827e]
PUP.Optional.Komodia.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B303C568-174D-4788-80EF-078CF1C15247}|Path, \kze3024, Löschen bei Neustart, [f2be426e475292a41576e0cb11f30bf5]
PUP.Optional.IDSCProduct, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IDSCCOMQG8, "C:\Program Files\Sound+\idsccom_QG8.exe", In Quarantäne, [baf6a10f5346b581bb478a210afa2bd5]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.yessearches.com/?ts=AHEqA34sC3MmAE..&v=20160405&uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&mode=ffsengext, In Quarantäne, [842c416f9009290d7843122611f26a96]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.yessearches.com/?ts=AHEqA34sC3MmAE..&v=20160405&uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&mode=ffsengext, In Quarantäne, [8729fcb431688aacc1fa3107768d07f9]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.yessearches.com/chrome.php?uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&q={searchTerms}&ts=AHEqA34sC3MmAE..&v=20160405&mode=ffsengext, In Quarantäne, [713faa06cdcca78fb00bf6427a890bf5]
PUP.Optional.YesSearches, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.yessearches.com/chrome.php?uid=A506813BB05C8D8E37AA5C12E79A62A2&ptid=wak&ts=AHEqA34sC3MmAE..&v=20160405&mode=ffexttoolbar&q=, In Quarantäne, [9e12397783167cbaf7c46ccc7192b749]
PUP.Optional.VBates.Gen, HKLM\SOFTWARE\WOW6432NODE\Uboxva|installer_name, vbates_tfpcdeex-00-1_.exe, In Quarantäne, [cbe5d3ddc7d22214c1e25952c2425da3]
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|sun21, In Quarantäne, [48686b455b3e8babc3ed059f8e76c43c],
PUP.Optional.MorePowerfulCleaner, HKLM\SOFTWARE\WOW6432NODE\MPC|Location, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [4a66feb28811b086c2362f73ff059b65]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCKPT|Description, MPC Driver, Löschen bei Neustart, [a10fbdf398010e28a5544d55b153b64a]
PUP.Optional.MorePowerfulCleaner, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MPCPROTECTSERVICE|ImagePath, "C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe", Löschen bei Neustart, [a60ab00031686ccae4f460435ba908f8]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 25
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9],
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9],
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC, In Quarantäne, [bdf36c4425742610ec443269996bcf31],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.Goobzo, C:\Users\Jan\AppData\Local\brsrv, In Quarantäne, [07a9723ecbcef93db93540f2d82bc040],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\libraries, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],

Dateien: 218
PUP.Optional.MorePowerfulCleaner, C:\WINDOWS\SYSTEM32\drivers\MPCKpt.sys, Löschen bei Neustart, [b66a551d00e41d5416f4cb5497926238],
PUP.Optional.Komodia, C:\WINDOWS\SYSTEM32\drivers\zdwfp64.sys, Löschen bei Neustart, [a767ff3670b7349e961687c29ea9054e],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll.dll, Löschen bei Neustart, [02ae06aac1d8d363d230698d35cc4eb2],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCProtectService.exe, Löschen bei Neustart, [f1bf7b355940a1950ff392642ad7a060],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LpcManager.dll, Löschen bei Neustart, [a10f8f21306911256d95589e2cd5aa56],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\WinService.dll, Löschen bei Neustart, [8e229f111782d75f0af86591f70a9b65],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XProcessBus.dll, Löschen bei Neustart, [e1cfa60a7821d5610af8e01681800bf5],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Report.dll, Löschen bei Neustart, [446c7c34b7e2a59154aed125748d38c8],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray.exe, Löschen bei Neustart, [8b25f2be0e8b3afcc43e0de944bdbf41],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XBus.dll, Löschen bei Neustart, [b5fb4769a2f7f14518ea6e88bc45fd03],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\TrayFrame.dll, Löschen bei Neustart, [1898961a722774c29969af475ba621df],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Monitor.dll, Löschen bei Neustart, [327eb5fb14856cca48ba03f3a160c43c],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Database.dll, Löschen bei Neustart, [159b684827722a0ccc36de1826db06fa],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\LogReport.dll, Löschen bei Neustart, [f4bc0da39dfc70c6689ab93d847dc739],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\BrowserPlugIn.dll, Löschen bei Neustart, [3e72763af3a6ce6841c1b83e3ec37c84],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Cleaner.dll, Löschen bei Neustart, [446c06aabfda86b06a982fc71de47987],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeProtect.dll, Löschen bei Neustart, [416f555bf5a4e650c83a698d30d10df3],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Update.dll, Löschen bei Neustart, [951b03ada7f2102619e938bee31e1de3],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Web.dll, Löschen bei Neustart, [545cf1bf871288aea062cc2aad54e020],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi.dll, Löschen bei Neustart, [3a762888c0d968ce12f06690788916ea],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCTray64.exe, Löschen bei Neustart, [2b85cce4a0f97eb891716d89d0312ad6],
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Byidf.dll, In Quarantäne, [b4fccce4debbb185ad683add3cc6fa06],
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Byidf64.dll, In Quarantäne, [6c444e620495f343986c4dca1fe3c53b],
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Ezouhti64.dll, In Quarantäne, [5b558e227a1fe74f1ef8ef28c939639d],
Adware.PennyBee, C:\Program Files\Uboxva\nfregdrv64.exe, In Quarantäne, [dbd5921eb7e23501f41ff91e9b6705fb],
PUP.Optional.VBates, C:\Program Files\Uboxva\prc.exe, In Quarantäne, [a808ac04cecba690938468c93acb7789],
Adware.PennyBee.WnskRST, C:\Program Files\Uboxva\Wemved64.dll, In Quarantäne, [dfd18828e4b5ee488d758394b74bbf41],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MpcSafeDll64.dll, Löschen bei Neustart, [ac04397767323ff7768c7d79ca37b947],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MainFrame.dll, In Quarantäne, [763a1f91eeab0432a65ccb2be71ad927],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPC.exe, In Quarantäne, [941c04ac2e6b40f63bc7985e9a675da3],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCAutoClean.exe, In Quarantäne, [5858456b8217d06607fb9e58669b52ae],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCNews.exe, In Quarantäne, [1a96377944550630e51daf471de4f30d],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSecurity.exe, In Quarantäne, [8f21258b1f7a92a450b2e0165fa23cc4],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\MPCSetting.exe, In Quarantäne, [4769e2cee7b2d75fff03a74f24ddb947],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SafeNavi64.dll, Löschen bei Neustart, [852b47694b4ec571689ae1153dc4629e],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\SetupFrame.dll, In Quarantäne, [77392e8251489a9c52b05a9c0cf5bd43],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Uninstall.exe, In Quarantäne, [7a368e22bfdacf67b84a9264ea172cd4],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstallFrame.dll, In Quarantäne, [a70906aa1287d85e25dd50a619e8748c],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UninstDelete.exe, In Quarantäne, [2d838c24742541f5d72b50a6b849ac54],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\UpdateHost.exe, In Quarantäne, [fab6624e435646f0ee145b9b07fa19e7],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Upgrade.dll, In Quarantäne, [753bbdf3d8c15ed820e26f8748b92bd5],
PUP.Optional.StartSurf, C:\Users\Jan\AppData\Local\Temp\03b1a18b.a, In Quarantäne, [842cc3edd3c6e84e87dc766eac55d52b],
Adware.IStartSurf, C:\Users\Jan\AppData\Local\Temp\03b1ab00.a, In Quarantäne, [dbd5b3fda0f97abcc8c9e5203fc39f61],
Trojan.Graftor, C:\Users\Jan\AppData\Local\Temp\Install_31631\ins_PEEDGE.exe, In Quarantäne, [446c0da3b0e91125c437a9b2bd431de3],
PUP.Optional.PCSpeedUp, C:\Users\Jan\AppData\Local\Temp\LVE5XT251\LVE5XT251.exe, In Quarantäne, [7937d4dcd3c6de5872b46be635cc6e92],
PUP.Optional.Goobzo, C:\Users\Jan\AppData\Local\brsrv\brsrv.exe, In Quarantäne, [f0c0b2feb0e973c3aa0378b52fd607f9],
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_chrome.exe.cache, In Quarantäne, [cfe1d8d88a0fa096f492034050b458a8],
PUP.Optional.SearchModule, C:\Windows\Temp\SM_cache_iexplore.exe.cache, In Quarantäne, [f0c02c84227772c4a9dd40037c8841bf],
PUP.Optional.FakeIELaunch, C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet-Explorer Browser.lnk, In Quarantäne, [20904c64990041f58c8fc993b3514ab6],
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9],
PUP.Optional.VBates, C:\Users\Jan\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt, In Quarantäne, [b3fd7a366138c96d333e96c8e12307f9],
PUP.Optional.MorePowerfulCleaner, C:\Users\Public\Desktop\MPC Cleaner.lnk, In Quarantäne, [4967bdf3c8d1c5711a156b30e61ea35d],
PUP.Optional.MorePowerfulCleaner, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC\MPC Cleaner.lnk, In Quarantäne, [bdf36c4425742610ec443269996bcf31],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.yes, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\snh.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdbWinUsbApi.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AdcManager.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\AndriodServer.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CeBase.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\CrashReport.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\dbgkpt.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Decode.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT.manifest, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcm90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcp90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\msvcr90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Support.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\symsrv.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Utility.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\wfhxte.dat, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\xadb.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\XSkin.dll, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\ymlct, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCBase_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.inf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_vista_64.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Drivers\MPCKpt_xp_32.sys, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\Clean.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\PlugIn.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\as.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\cf.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\run.db, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Config\DB\st.db, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Exe\ADC_qd00000.exe, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_gray.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\ad_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\g9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\q9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\r9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_gray.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\sys_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y1.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y10.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y11.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y12.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y2.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y3.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y4.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y5.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y6.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y7.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y8.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\y9.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{08DA4B46-E0EB-4B4D-8C8B-558C967AF6C5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{22A8D5A3-F368-4C6B-BF4D-3C901EBCF242}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{3F9A707D-2C36-4344-8621-B8E4ADC95C18}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{ADC520A9-B4B3-791E-B149-845C11673CB0}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{CDA529A9-B1B3-793E-B449-845C11673CB5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{D8EC46AF-529F-4636-963B-C086429C73DA}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{DE37CD8C-DE7B-481F-A676-303ABAFBEE04}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{EDA029A1-B5BA-793E-B649-875C18673CC5}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{F154C596-75A9-4028-90E8-9752BD7CA05B}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\search_{FDA029A2-A5BA-797E-B689-875E18673FC2}.ico, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SearchIcon\toasts_waring.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcapp.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\adcweb.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\block.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\home.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\ie.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SgIcon\search.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\AR_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\Bp_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SpeedUp_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\SVC_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_green.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_org.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Image\SoIcon\TSK_red.png, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\Microsoft.VC90.CRT.manifest, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcm90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcp90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Microsoft.VC90.CRT\msvcr90.dll, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Cleaner\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\CrashReport\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\News\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Lang.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Tray\Skin.xf, Löschen bei Neustart, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Lang.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.MorePowerfulCleaner, C:\Program Files (x86)\MPC Cleaner\Skin\Uninstall\Skin.xf, In Quarantäne, [634d9b152e6b82b48ff19dfec24253ad],
PUP.Optional.Komodia, C:\Windows\Temp\zdengine.log, In Quarantäne, [852bbff17d1cf83ec6dfe9b6ad57619f],
PUP.Optional.Linkury, C:\Users\Jan\AppData\Roaming\inst.lat, In Quarantäne, [edc3bcf4e8b19b9bbf6d57536a9abc44],
PUP.Optional.SearchProtect, C:\Windows\System32\Tasks\bvyvave, In Quarantäne, [f0c0862a4851c2746bc2bded8e76cb35],
PUP.Optional.CouponMarvel, C:\Windows\System32\Tasks\FYJHMJXE1, In Quarantäne, [ecc48b255940c0769e41e4c622e2867a],
PUP.Optional.CouponMarvel, C:\Windows\Tasks\FYJHMJXE1.job, In Quarantäne, [1f91486805945cda11cf2189a65eed13],
PUP.Optional.Komodia.Gen, C:\Windows\System32\Tasks\kze3024, In Quarantäne, [931da20e8217ec4a0782a407927204fc],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\rlz_id.dll, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\sma.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smci64.dll, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smi32.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\smi64.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.Goobzo.Gen, C:\Program Files\Common Files\Soobzo\GDUpdate\SMUninstall.exe, In Quarantäne, [cce46b4579200432f65f1a19d52e41bf],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\tree.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Byidf.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Byidf64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\config.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Ezouhti64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Karagir.bat, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\nfregdrv64.exe, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\setup.ico, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Wemved.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\Wemved64.dll, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\wlist.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\libraries\DataExchangeScript.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\config.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\LocalScript.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\uninstall.html, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.VBates.BrwsrFlsh, C:\Program Files\Uboxva\resources\wlist.js, In Quarantäne, [cee2e8c8adecea4c9eb37bf08e77ff01],
PUP.Optional.Linkury.ACMB1, C:\Users\Jan\AppData\Roaming\InstallationConfiguration.xml, In Quarantäne, [0aa6a70982176ec8a08890db689d3bc5],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
Code:
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Jan on 19.04.2016 at 14:50:32,86.
Microsoft Windows 8.1 6.3.9600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jan\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

19.04.2016 14:51:58 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\McAfee deleted successfully
C:\Program Files\Uhhiwesoif deleted successfully
C:\PROGRA~3\WinZip deleted successfully
C:\Users\Jan\AppData\Roaming\DecfMegb deleted successfully
C:\Users\Jan\AppData\Roaming\NiryFepja deleted successfully
C:\Users\Jan\AppData\Roaming\Phase6 deleted successfully
C:\Users\Jan\AppData\Local\AviraSpeedup deleted successfully
C:\Users\Jan\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Jan\AppData\Local\EmieSiteList deleted successfully
C:\Users\Jan\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E6E66045-E911-4C01-961D-42387CF12080} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Classes\Software\Microsoft\Internet Explorer\Approved Extensions\{990999BC-8BF7-4726-9609-A3EBABF627A0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_USERS\S-1-5-21-489078762-871934448-399521353-1001\Software\Classes\Software\Microsoft\Internet Explorer\Approved Extensions\{D3CB5957-3359-4F29-aC50-E6C666F53059} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\prefs.js:

Added to C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\windows\SysNative\Tasks\KHEIGTSHJRHYMLJD deleted
C:\windows\SysNative\Tasks\Software Update Application deleted
C:\Windows\tasks\KHEIGTSHJRHYMLJD.job deleted
C:\PROGRA~3\19a87fa1ec024bbcbb41931263354405 deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Jan\AppData\Local\3810282D-6C19-47B0-8283-5C6C29A7E108 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Public\Documents\dmp deleted
C:\Users\Jan\AppData\LocalLow\Company deleted
C:\Users\Jan\Documents\Add-in Express deleted

==== Orphaned Tasks deleted from Registry ======================

Software Update Application deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
- Segurana do navegador Avira - %ProfilePath%\extensions\abs@avira.com.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[08.01.2016 11:47]

Skype - Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="https://search.avira.net/#web/result?source=art&q="
"Search Page"="https://search.avira.net/#web/result?source=art&q="
"Start Page"="https://search.avira.net/#web/result?source=art&q="
"Default_Page_URL"="https://search.avira.net/#web/result?source=art&q="
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://search.avira.net/#web/result?source=art&q="
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A3782EB2-C684-409E-A3C8-C932D426AFD5}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\Wow6432Node\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - hxxp://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{A3782EB2-C684-409E-A3C8-C932D426AFD5} - No_Url_Value

==== Reset Google Chrome ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Secure Preferencesgbak was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data.tmp was reset successfully
C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Datagbak was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Jan\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1445 folders=718 229193734 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jan\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jan\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on 19.04.2016 at 15:03:53,00 ======================
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (19-04-2016 15:10:00)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-19]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies:

Internet Explorer:
==================
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-03-15] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Avira Browserschutz) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2828016 2016-02-09] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-19] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 15:10 - 2016-04-19 15:10 - 00019586 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-19 14:39 - 00001371 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-19 15:02 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-19 14:35 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-19 15:10 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 19:00 - 2016-04-11 19:00 - 00022704 _____ C:\Windows\system32\Drivers\EsgScanner.sys
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Jaynew
2016-04-10 16:20 - 2016-04-10 16:20 - 00003332 _____ C:\Windows\System32\Tasks\Itepe
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00023164 _____ C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F}
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-04-19 14:35 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-04-19 14:35 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys
2016-03-20 10:00 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-19 15:08 - 2015-08-09 08:50 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-19 15:05 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-19 15:04 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-19 15:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-19 15:02 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-19 15:01 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-19 14:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-19 14:43 - 2015-06-17 21:46 - 06150350 _____ C:\Windows\system32\perfh007.dat
2016-04-19 14:43 - 2015-06-17 21:46 - 01772674 _____ C:\Windows\system32\perfc007.dat
2016-04-19 14:43 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 14:36 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-19 14:35 - 2016-02-24 21:09 - 00000921 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-19 14:35 - 2016-02-24 21:09 - 00000916 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-19 14:35 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-19 14:35 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-19 14:35 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-19 14:35 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-19 14:35 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-19 14:35 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-19 14:35 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-19 14:35 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-19 14:35 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-19 14:35 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 17:09 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-18 17:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-18 17:05 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-10 21:14 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-23 13:08 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-10 12:27

==================== Ende von FRST.txt ============================

Jan02 19.04.2016 14:21
addition.txt
 
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-19 15:10:40)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4805.1003 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4805.1003 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.112 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.7.2 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.7.2 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
Task: {8D0F8506-F40D-4D6E-B7F9-14627F7E88C6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {F2E799D9-458D-4D15-849A-AA3C3F58B1C2} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 19:47 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E97F6DF-FD13-4727-BAF6-731AE03B15FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{979724F2-C816-41F9-A9E2-7045F60A9EFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9CDFBCE3-FFB8-4DA7-A972-41CF3194572E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9EFEA998-A4C0-495D-AE38-06AB1495F4BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7
19-04-2016 14:51:43 zoek.exe restore point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 02:43:44 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 01:27:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: efc

Startzeit: 01d19a2d6b60a551

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\BackgroundTaskHost.exe

Berichts-ID: b84b5497-0621-11e6-8332-206a8a9e0239

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/18/2016 04:38:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/18/2016 04:38:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/16/2016 05:02:08 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/19/2016 02:59:47 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:59:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (04/19/2016 02:51:09 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "C:" wurde eine Beschädigung erkannt.

Die genaue Art der Beschädigung ist unbekannt. Die Dateisystemstrukturen müssen online überprüft werden.

Error: (04/18/2016 06:41:28 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:28 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:22 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (04/18/2016 06:41:22 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


CodeIntegrity:
===================================
  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.816
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5963.05 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 14676.27 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:218.01 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================
Hallo Rafael,
danke für die schnellen Antworten! Habe alles so gemacht wie geschrieben und die vier Logfiles die ich posten sollte gepostet, in der Reihenfolge wie in deiner Anleitung.
Der Mpc Cleaner ist jetzt auf jeden Fall schon mal nicht mehr sichtbar als Verknüpfung oder sonst wo aber ich werde die Schritte die du mir schreibst natürlich weiter durchführen.
Hoffen wir dass wir den MPC Cleaner endgültig von meinem Computer bekommen.

Mfg,
Jan

burningice 19.04.2016 23:36
Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
C:\PROGRA~1\UHHIWE~1

Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG

Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG

Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
C:\PROGRA~1\Uboxva
cmd: dir %programdata% /a d
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
C:\Windows\System32\DRIVERS\EsgScanner.sys
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
cmd: sc start WinDefend Enable
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Hinweis: Dieser Scan kann schon einmal mehrere Stunden dauern...

Schritt: 3
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Jan02 21.04.2016 05:16
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-20 19:49:16) Run:1
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Task: {532DF1E6-08C9-41F7-9CE3-1C5B267AE955} - System32\Tasks\Itepe => C:\PROGRA~1\UHHIWE~1\Emons.bat <==== ACHTUNG
C:\PROGRA~1\UHHIWE~1

Task: {5D686CCA-1D50-47EE-AA36-D688A3A3BD9E} - \Software Update Application -> Keine Datei <==== ACHTUNG

Task: {6DEC51EF-808E-4A3B-AFEC-E2C2136E6200} - System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand OwA7ACAAIAAgACAAIAAgACAAIAA7ACAAOwAgACAAOwA7ACAAOwA7ACAAOwA7ADsAOwAkAEUAcgByAG8AcgBBAGMAdABpAG8AbgBQAHIAZQBmAGUAcgBlAG4AYwBlAD0AIgBzAHQAbwBwACIAOwAkAHMAYwA9ACIAUwBpAGwAZQBuAHQAbAB5AEMAbwBuAHQAaQBuAHUAZQAiADsAJABXAGEA (Der Dateneintrag hat 9424 mehr Zeichen). <==== ACHTUNG

Task: {8B9987FB-E254-4C6C-88F0-5AE0917C14A4} - System32\Tasks\Jaynew => C:\PROGRA~1\Uboxva\Karagir.bat <==== ACHTUNG
C:\PROGRA~1\Uboxva
cmd: dir %programdata% /a d
HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q=
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2016-04-11] ()
C:\Windows\System32\DRIVERS\EsgScanner.sys
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zdwfp => ""="Driver"
cmd: sc start WinDefend Enable
emptytemp:
       
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{532DF1E6-08C9-41F7-9CE3-1C5B267AE955}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{532DF1E6-08C9-41F7-9CE3-1C5B267AE955}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\Itepe => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Itepe" => Schlüssel erfolgreich entfernt
"C:\PROGRA~1\UHHIWE~1" => nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D686CCA-1D50-47EE-AA36-D688A3A3BD9E}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D686CCA-1D50-47EE-AA36-D688A3A3BD9E}" => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Software Update Application => Schlüssel nicht gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6DEC51EF-808E-4A3B-AFEC-E2C2136E6200}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6DEC51EF-808E-4A3B-AFEC-E2C2136E6200}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\{0E057D47-7808-0A78-0C11-7E0A0A78117F} => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0E057D47-7808-0A78-0C11-7E0A0A78117F}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8B9987FB-E254-4C6C-88F0-5AE0917C14A4}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B9987FB-E254-4C6C-88F0-5AE0917C14A4}" => Schlüssel erfolgreich entfernt
C:\Windows\System32\Tasks\Jaynew => erfolgreich verschoben
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Jaynew" => Schlüssel erfolgreich entfernt
"C:\PROGRA~1\Uboxva" => nicht gefunden.

=========  dir %programdata% /a d =========

 Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 2093-6EEC

 Verzeichnis von C:\ProgramData

19.04.2016  15:00    <DIR>          .
19.04.2016  15:00    <DIR>          ..
10.08.2015  08:35    <DIR>          .mono
09.08.2015  19:11    <DIR>          Acer
31.08.2015  09:23    <DIR>          Adobe
17.06.2015  13:54    <JUNCTION>    Anwendungsdaten [C:\ProgramData]
30.08.2015  11:41    <DIR>          Apple
30.08.2015  11:42    <DIR>          Apple Computer
22.08.2013  16:45    <JUNCTION>    Application Data [C:\ProgramData]
17.06.2015  13:09    <DIR>          Atheros
11.04.2016  20:20    <DIR>          Avira
09.08.2015  10:56    <DIR>          BlueStacks
30.08.2015  12:44    <DIR>          Brother
17.06.2015  13:21    <DIR>          CLSK
03.11.2015  22:40    <DIR>          Codemasters
30.08.2015  12:43    <DIR>          ControlCenter4
09.08.2015  19:20    <DIR>          CyberLink
22.08.2013  16:45    <JUNCTION>    Desktop [C:\Users\Public\Desktop]
22.08.2013  16:45    <JUNCTION>    Documents [C:\Users\Public\Documents]
17.06.2015  13:54    <JUNCTION>    Dokumente [C:\Users\Public\Documents]
17.06.2015  13:07                0 DP45977C.lfl
17.06.2015  13:21    <DIR>          install_clap
09.08.2015  08:48    <DIR>          Intel
17.06.2015  12:54    <DIR>          Intel(R) Update Manager
19.04.2016  13:07    <DIR>          Malwarebytes
10.08.2015  09:23    <DIR>          McAfee
10.04.2016  18:51    <DIR>          Microsoft
30.08.2015  13:20    <DIR>          Microsoft OneDrive
29.03.2016  11:31    <DIR>          NVIDIA
29.03.2016  11:31    <DIR>          NVIDIA Corporation
09.08.2015  19:18    <DIR>          OEM
17.06.2015  14:00    <DIR>          OEM_YAHOO
31.08.2015  09:13    <DIR>          Phase6
17.06.2015  12:57    <DIR>          Qualcomm Atheros
16.04.2016  17:07    <DIR>          Razer
20.04.2016  19:32    <DIR>          regid.1991-06.com.microsoft
01.09.2015  16:26    <DIR>          Samsung
19.04.2016  19:33    <DIR>          Skype
22.08.2013  16:45    <JUNCTION>    Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
17.06.2015  13:54    <JUNCTION>    Startmen� [C:\ProgramData\Microsoft\Windows\Start Menu]
28.12.2015  13:20    <DIR>          Sync App Settings
17.06.2015  13:21    <DIR>          Temp
22.08.2013  16:45    <JUNCTION>    Templates [C:\ProgramData\Microsoft\Windows\Templates]
17.06.2015  13:54    <JUNCTION>    Vorlagen [C:\ProgramData\Microsoft\Windows\Templates]
09.08.2015  19:24    <DIR>          WildTangent
              1 Datei(en),              0 Bytes

 Verzeichnis von C:\Users\Jan\Desktop

Datei nicht gefunden

========= Ende von CMD: =========

HKU\S-1-5-21-489078762-871934448-399521353-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Wert erfolgreich wiederhergestellt
EsgScanner => Dienst erfolgreich entfernt
C:\Windows\System32\DRIVERS\EsgScanner.sys => erfolgreich verschoben
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\zdwfp" => Schlüssel erfolgreich entfernt

=========  sc start WinDefend Enable =========

[SC] StartService FEHLER 577:

Die digitale Signatur dieser Datei kann nicht �berpr�ft werden. M�glicherweise wurde durch eine k�rzlich durchgef�hrte Hardware- oder Software�nderung eine falsch signierte oder besch�digte Datei oder eine Datei, bei der es sich um b�swillige Software aus einer unbekannten Quelle handelt, installiert.


========= Ende von CMD: =========

EmptyTemp: => 229.1 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:50:29 ====
Sorry Rafael heute folgt nur Schritt 1 innerhalb 24 Stunden . Nur dass du dich nicht wunderst. Denn der Scanner läuft noch werde den Rest dann morgen Posten .

Gruß Jan

Hoffe du kannst noch vor Freitag also am besten Donnerstagabend antworten.

MFG
Jan

Code:
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# end=init
# utc_time=2016-04-20 05:56:02
# local_time=2016-04-20 07:56:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 29158
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# end=updated
# utc_time=2016-04-20 05:58:07
# local_time=2016-04-20 07:58:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=37daa0a5e398c541b1c333d93e72a72b
# engine=29158
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-04-20 07:55:02
# local_time=2016-04-20 09:55:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 354580 24971672 0 0
# scanned=417824
# found=6
# cleaned=0
# scan_time=7014
sh=A6695378FF8D6DB79416B329472254C55476772F ft=1 fh=a5863f9f88fb0ec6 vn="MSIL/TrojanDownloader.Agent.BTI Trojaner" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files\Windows Screen Manager\Windows screen manage updater.exe.vir"
sh=3BDD88099579BAACD6B578A23EAB6CB203E4D5BB ft=1 fh=dfc6a020bb469f08 vn="Variante von Win32/Adware.ConvertAd.AHH Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\FE3A64E9-1460297796-4845-91F5-CEC510387103\vnsbB66C.tmp.vir"
sh=B3AFB4FF7ABE8F988353A646950DB5343CC79FB6 ft=1 fh=e67a3b79619c0c5f vn="Variante von Win32/ELEX.HT evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\FileQuarantine\C\Program Files (x86)\SearchesToYesbnd\ffuter.exe.vir"
sh=6247D12970410CC30F1511AE71359230C49F77D8 ft=1 fh=3953820c75e8be91 vn="möglicherweise unbekannter Virus NewHeur_PE Virus" ac=I fn="C:\OEM\Preload\APP\Personify\Preinstalled.Personify.2.5.4.15.-.Setup.exe"
sh=D08D9B0DA9EFD8247F0A7C2C15FF374AB41C74A2 ft=1 fh=f1dda25b5f028579 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Documents\My Games\SimBin\Crash Dumps\minecraft.exe"
sh=D7755CF2133087E2EE709A590C719A22826F78B8 ft=1 fh=8c309ca2fd2bddd3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Downloads\WinZip 64 Bit - CHIP-Installer.exe"
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (21-04-2016 06:08:20)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan &  (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1003160 2016-04-06] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-19]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies:

Internet Explorer:
==================
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-20] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-21] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 19:55 - 2016-04-20 19:55 - 02870984 _____ (ESET) C:\Users\Jan\Downloads\esetsmartinstaller_deu.exe
2016-04-20 19:55 - 2016-04-20 19:55 - 00000000 ____D C:\Program Files (x86)\ESET
2016-04-20 19:49 - 2016-04-20 19:50 - 00007349 _____ C:\Users\Jan\Desktop\Fixlog.txt
2016-04-19 19:07 - 2016-04-19 19:08 - 29872687 _____ C:\Users\Jan\Downloads\client_20810.zip
2016-04-19 15:10 - 2016-04-21 06:08 - 00020983 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:10 - 2016-04-19 15:11 - 00049036 _____ C:\Users\Jan\Desktop\Addition.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-19 14:39 - 00001371 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-21 06:03 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-19 14:35 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-21 06:08 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:27 - 2016-04-10 16:27 - 00060136 ____N (DotC United Inc) C:\Windows\system32\Drivers\MPCKpt.sys
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-10 16:16 - 2016-03-04 16:13 - 00046352 _____ C:\Windows\system32\Drivers\zdwfp64.sys
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer
2016-03-24 18:58 - 2016-03-24 18:58 - 06868672 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup516.exe
2016-03-23 11:36 - 2016-03-23 11:36 - 00000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2016-03-23 11:36 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys
2016-03-23 11:36 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2016-03-23 11:36 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2016-03-23 11:36 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2016-03-23 11:36 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2016-03-23 11:36 - 2016-01-31 18:24 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-03-23 11:36 - 2016-01-31 18:20 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-03-23 11:35 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-03-23 11:35 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe
2016-03-23 11:35 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-03-23 11:35 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-03-23 11:35 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-03-23 11:35 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-03-23 11:35 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-03-23 11:35 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-03-23 11:35 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-03-23 11:35 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-03-23 11:35 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2016-03-23 11:35 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-03-23 11:35 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-03-23 11:35 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll
2016-03-23 11:35 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2016-03-23 11:35 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2016-03-23 11:35 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2016-03-23 11:35 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2016-03-23 11:35 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-03-23 11:35 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe
2016-03-23 11:35 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll
2016-03-23 11:35 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys
2016-03-23 11:35 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2016-03-23 11:35 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2016-03-23 11:35 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2016-03-23 11:35 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2016-03-23 11:35 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll
2016-03-23 11:35 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2016-03-23 11:35 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2016-03-23 11:35 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2016-03-23 11:35 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys
2016-03-23 11:35 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll
2016-03-23 11:35 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll
2016-03-23 11:35 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2016-03-23 11:35 - 2016-01-21 00:40 - 00099672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
2016-03-23 11:34 - 2016-02-07 01:05 - 00551256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-03-23 11:34 - 2016-02-07 00:41 - 00316760 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2016-03-23 11:34 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2016-03-23 11:34 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2016-03-23 11:34 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2016-03-23 11:34 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-03-23 11:34 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-03-23 11:34 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2016-03-23 11:34 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe
2016-03-23 11:34 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe
2016-03-22 18:08 - 2016-04-19 14:35 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-03-22 18:08 - 2016-03-22 18:08 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-03-22 18:08 - 2016-03-22 18:08 - 00000000 ____D C:\Program Files\CCleaner
2016-03-22 18:05 - 2016-03-22 18:07 - 05600464 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup515_slim.exe
2016-03-22 16:58 - 2016-04-19 14:35 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iTunes
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files\iPod
2016-03-22 16:58 - 2016-03-22 16:58 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-03-22 12:36 - 2016-03-22 12:36 - 00036872 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-20 22:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-20 21:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-20 19:52 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-20 19:52 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-20 19:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-20 19:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-20 19:37 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-20 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 19:31 - 2015-08-30 13:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-20 19:30 - 2015-06-17 21:46 - 06197738 _____ C:\Windows\system32\perfh007.dat
2016-04-20 19:30 - 2015-06-17 21:46 - 01786882 _____ C:\Windows\system32\perfc007.dat
2016-04-20 19:30 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-19 20:55 - 2015-12-08 21:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-04-19 20:52 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-04-19 20:34 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Jan\Documents\ETS2MP
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ____D C:\ProgramData\Skype
2016-04-19 19:32 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-19 19:17 - 2015-08-09 08:50 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-19 19:08 - 2016-02-24 21:09 - 00000877 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-19 19:08 - 2016-02-24 21:09 - 00000872 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETS2 + ATS Multiplayer
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\Program Files\TruckersMP
2016-04-19 14:35 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-19 14:35 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-19 14:35 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-19 14:35 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-19 14:35 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-19 14:35 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-19 14:35 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-19 14:35 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-19 14:35 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-19 14:35 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-19 14:35 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-19 14:35 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-19 14:35 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-19 14:35 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-19 14:35 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 17:09 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-18 17:07 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-18 17:05 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-11 19:01 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help
2016-03-23 11:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2016-03-23 10:48 - 2015-08-30 12:46 - 00000000 ____D C:\Users\Jan\Documents\SelfMV
2016-03-22 22:19 - 2015-07-15 18:56 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-03-22 16:58 - 2015-08-30 11:41 - 00000000 ____D C:\Program Files\Common Files\Apple

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 21:55

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-21 06:09:07)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.8.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.8.1 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7B7A6F69-F46E-4842-9E46-B4D2EBBC0AEC} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {91CFB104-0317-4B91-89F7-29EAFF0CD2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {E84F1A29-38DE-4DC2-9BE7-407220559AE5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {E987A9FC-7172-4CFF-AC33-3F4B42D608F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 02140824 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libglesv2.dll
2016-04-12 20:27 - 2016-04-06 04:12 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\libegl.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 19:47 - 2015-09-25 01:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-489078762-871934448-399521353-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D2FBCEE5-C32F-4A02-97CD-2B2A0D2ECFAA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{4E97F6DF-FD13-4727-BAF6-731AE03B15FF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{979724F2-C816-41F9-A9E2-7045F60A9EFF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{9CDFBCE3-FFB8-4DA7-A972-41CF3194572E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9EFEA998-A4C0-495D-AE38-06AB1495F4BE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe

==================== Wiederherstellungspunkte =========================

11-04-2016 20:18:29 Removed Microsoft Silverlight
16-04-2016 17:11:28 Removed QuickTime 7
19-04-2016 14:51:43 zoek.exe restore point

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/21/2016 06:05:30 AM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:55:56 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:55:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_623f33d3ecbe86e8.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.18006_none_a9ec6aab013aafee.manifest.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/20/2016 07:30:52 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/19/2016 07:13:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BackgroundTaskHost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3d8

Startzeit: 01d19a5e225e9b63

Endzeit: 4294967295

Anwendungspfad: C:\Windows\System32\BackgroundTaskHost.exe

Berichts-ID: 1733599e-0652-11e6-8335-206a8a9e0239

Vollständiger Name des fehlerhaften Pakets: Microsoft.BingSports_3.0.4.336_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AppexSports

Error: (04/19/2016 07:13:27 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: syncappw.exe, Version: 15.3.1.0, Zeitstempel: 0x5631c04d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18194, Zeitstempel: 0x569515fc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00048785
ID des fehlerhaften Prozesses: 0x16f8
Startzeit der fehlerhaften Anwendung: 0xsyncappw.exe0
Pfad der fehlerhaften Anwendung: syncappw.exe1
Pfad des fehlerhaften Moduls: syncappw.exe2
Berichtskennung: syncappw.exe3
Vollständiger Name des fehlerhaften Pakets: syncappw.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: syncappw.exe5

Error: (04/19/2016 06:57:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/19/2016 06:57:11 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/20/2016 09:56:14 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/20/2016 09:56:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246013 fehlgeschlagen: Update für Microsoft Visual C++ 2012 Update 4 Redistributable Package (KB3119142)

Error: (04/20/2016 09:55:44 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/20/2016 07:56:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (04/20/2016 07:56:41 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (04/20/2016 07:56:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:56:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275

Error: (04/20/2016 07:56:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Jan\AppData\Local\Temp\ehdrv.sys

Error: (04/20/2016 07:50:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577


CodeIntegrity:
===================================
  Date: 2016-04-20 19:50:08.821
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:40.989
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.193
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:55.101
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.730
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:54.649
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:19:02.906
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5464.3 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 13843.11 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:213.15 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice 21.04.2016 12:40
Schritt: 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt: 2
Downloade dir bitte Farbar Service Scanner Farbar Service Scanner
  • Starte das Tool mit Doppelklick auf die FSS.exe
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.

Poste bitte den Inhalt hier.



Jan02 21.04.2016 17:51
Code:
18:24:25.0801 0x0ee8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:24:25.0801 0x0ee8  UEFI system
18:24:31.0258 0x0ee8  ============================================================
18:24:31.0258 0x0ee8  Current date / time: 2016/04/21 18:24:31.0258
18:24:31.0258 0x0ee8  SystemInfo:
18:24:31.0258 0x0ee8 
18:24:31.0258 0x0ee8  OS Version: 6.3.9600 ServicePack: 0.0
18:24:31.0258 0x0ee8  Product type: Workstation
18:24:31.0258 0x0ee8  ComputerName: NOTEBOOK-JAN2
18:24:31.0258 0x0ee8  UserName: Jan
18:24:31.0258 0x0ee8  Windows directory: C:\Windows
18:24:31.0258 0x0ee8  System windows directory: C:\Windows
18:24:31.0258 0x0ee8  Running under WOW64
18:24:31.0258 0x0ee8  Processor architecture: Intel x64
18:24:31.0258 0x0ee8  Number of processors: 8
18:24:31.0258 0x0ee8  Page size: 0x1000
18:24:31.0258 0x0ee8  Boot type: Normal boot
18:24:31.0258 0x0ee8  ============================================================
18:24:31.0945 0x0ee8  KLMD registered as C:\Windows\system32\drivers\19455813.sys
18:24:32.0398 0x0ee8  System UUID: {1F5B7244-AE05-5BD4-D634-E300C7229C3E}
18:24:33.0196 0x0ee8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:24:33.0211 0x0ee8  ============================================================
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0:
18:24:33.0211 0x0ee8  GPT partitions:
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1BF8F16C-75A2-4A89-BB4A-948F9409272F}, Name: , StartLBA 0x800, BlocksNum 0x12C000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {67C2B5FA-AA21-4C37-A3E3-B666D89BE5CD}, Name: EFI system partition, StartLBA 0x12C800, BlocksNum 0x96000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {578FBE44-0829-4689-9F1E-9F0432FA369B}, Name: Microsoft reserved partition, StartLBA 0x1C2800, BlocksNum 0x40000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {5EB182A7-198E-4EC4-85DC-E13FBE465447}, Name: Basic data partition, StartLBA 0x202800, BlocksNum 0x38B89000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3EEF9BA2-84F5-4C8E-9459-286A1504BD63}, Name: Basic data partition, StartLBA 0x38D8B800, BlocksNum 0x38B89000
18:24:33.0211 0x0ee8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {304C9B52-36BD-4869-8C13-D2CB3E51819B}, Name: , StartLBA 0x71914800, BlocksNum 0x2DF2000
18:24:33.0211 0x0ee8  MBR partitions:
18:24:33.0211 0x0ee8  ============================================================
18:24:33.0211 0x0ee8  C: <-> \Device\Harddisk0\DR0\Partition4
18:24:33.0258 0x0ee8  D: <-> \Device\Harddisk0\DR0\Partition5
18:24:33.0258 0x0ee8  ============================================================
18:24:33.0258 0x0ee8  Initialize success
18:24:33.0258 0x0ee8  ============================================================
18:25:02.0726 0x1b84  ============================================================
18:25:02.0726 0x1b84  Scan started
18:25:02.0726 0x1b84  Mode: Manual; SigCheck; TDLFS;
18:25:02.0726 0x1b84  ============================================================
18:25:02.0726 0x1b84  KSN ping started
18:25:05.0086 0x1b84  KSN ping finished: true
18:25:14.0215 0x1b84  ================ Scan system memory ========================
18:25:14.0215 0x1b84  System memory - ok
18:25:14.0230 0x1b84  ================ Scan services =============================
18:25:14.0808 0x1b84  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\Windows\System32\drivers\1394ohci.sys
18:25:14.0980 0x1b84  1394ohci - ok
18:25:15.0058 0x1b84  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware          C:\Windows\system32\drivers\3ware.sys
18:25:15.0074 0x1b84  3ware - ok
18:25:15.0105 0x1b84  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:25:15.0136 0x1b84  ACPI - ok
18:25:15.0199 0x1b84  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\Windows\system32\Drivers\acpiex.sys
18:25:15.0215 0x1b84  acpiex - ok
18:25:15.0230 0x1b84  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\Windows\System32\drivers\acpipagr.sys
18:25:15.0277 0x1b84  acpipagr - ok
18:25:15.0355 0x1b84  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi        C:\Windows\System32\drivers\acpipmi.sys
18:25:15.0433 0x1b84  AcpiPmi - ok
18:25:15.0433 0x1b84  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\Windows\System32\drivers\acpitime.sys
18:25:15.0480 0x1b84  acpitime - ok
18:25:15.0619 0x1b84  [ F2CEEE9ABBCEF207ACB103215AC28BC2, F8F8B8AF6317926D7AC0CA2CA23628B2C69327A2792D58D3328443C5ED9514E9 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:25:15.0657 0x1b84  AdobeARMservice - ok
18:25:16.0416 0x1b84  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:25:16.0447 0x1b84  AdobeFlashPlayerUpdateSvc - ok
18:25:16.0541 0x1b84  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX        C:\Windows\system32\drivers\ADP80XX.SYS
18:25:16.0635 0x1b84  ADP80XX - ok
18:25:16.0682 0x1b84  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
18:25:16.0775 0x1b84  AeLookupSvc - ok
18:25:16.0791 0x1b84  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD            C:\Windows\system32\drivers\afd.sys
18:25:16.0916 0x1b84  AFD - ok
18:25:16.0947 0x1b84  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\Windows\system32\drivers\agp440.sys
18:25:16.0963 0x1b84  agp440 - ok
18:25:16.0979 0x1b84  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache        C:\Windows\system32\DRIVERS\ahcache.sys
18:25:17.0041 0x1b84  ahcache - ok
18:25:17.0057 0x1b84  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG            C:\Windows\System32\alg.exe
18:25:17.0119 0x1b84  ALG - ok
18:25:17.0135 0x1b84  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8          C:\Windows\System32\drivers\amdk8.sys
18:25:17.0213 0x1b84  AmdK8 - ok
18:25:17.0229 0x1b84  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\Windows\System32\drivers\amdppm.sys
18:25:17.0260 0x1b84  AmdPPM - ok
18:25:17.0275 0x1b84  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
18:25:17.0291 0x1b84  amdsata - ok
18:25:17.0307 0x1b84  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:25:17.0338 0x1b84  amdsbs - ok
18:25:17.0338 0x1b84  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata        C:\Windows\system32\drivers\amdxata.sys
18:25:17.0354 0x1b84  amdxata - ok
18:25:17.0369 0x1b84  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID          C:\Windows\system32\drivers\appid.sys
18:25:17.0385 0x1b84  AppID - ok
18:25:17.0400 0x1b84  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:25:17.0447 0x1b84  AppIDSvc - ok
18:25:17.0463 0x1b84  [ 734622FBA766DBD65B1803549B24A04A, 3B6872B87A60D4DA265D3B8AB0561A929CFE2C097419183E93D3843422363C89 ] Appinfo        C:\Windows\System32\appinfo.dll
18:25:17.0525 0x1b84  Appinfo - ok
18:25:17.0682 0x1b84  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:25:17.0697 0x1b84  Apple Mobile Device Service - ok
18:25:17.0791 0x1b84  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\Windows\system32\AppReadiness.dll
18:25:17.0854 0x1b84  AppReadiness - ok
18:25:17.0901 0x1b84  [ E0F846ADE7DED88981D0908DE56FF160, D8F536438091878724A5004849306ADFB96A2778A9D958ED3DCC0CD9E35160BB ] AppXSvc        C:\Windows\system32\appxdeploymentserver.dll
18:25:18.0166 0x1b84  AppXSvc - ok
18:25:18.0182 0x1b84  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:25:18.0182 0x1b84  arcsas - ok
18:25:18.0213 0x1b84  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi          C:\Windows\system32\drivers\atapi.sys
18:25:18.0229 0x1b84  atapi - ok
18:25:18.0260 0x1b84  [ 8302D313DCC5536FE6BFB85165D9BB1E, CD9101D9CFE34F0D6CF5A6AD5C997CC5D32CCF5135B78604D0C3CD7252117C2D ] AthBTPort      C:\Windows\system32\DRIVERS\btath_flt.sys
18:25:18.0276 0x1b84  AthBTPort - ok
18:25:18.0416 0x1b84  [ FB9A914C346E74D66D454A9C46351A2D, 6EFA70BCB179802F9439C70BB413E653AF9B1E006881F69AD1F43FF3069FA797 ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
18:25:18.0447 0x1b84  AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:25:20.0743 0x0f9c  Object required for P2P: [ CEA5F4F27CFC08E3A44D576811B35F50 ] amdxata
18:25:20.0916 0x1b84  Detect skipped due to KSN trusted
18:25:20.0916 0x1b84  AtherosSvc - ok
18:25:21.0072 0x1b84  [ B2F1057E6EFF75A4A4B653AF4E04470D, 60D535D5DC84CF0B7BB29005181CBEB90F07037E97ECDBF1EC49C4B262BD93BB ] athr            C:\Windows\system32\DRIVERS\athwbx.sys
18:25:21.0260 0x1b84  athr - ok
18:25:21.0275 0x1b84  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
18:25:21.0322 0x1b84  AudioEndpointBuilder - ok
18:25:21.0338 0x1b84  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
18:25:21.0385 0x1b84  Audiosrv - ok
18:25:21.0416 0x1b84  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:25:21.0510 0x1b84  AxInstSV - ok
18:25:21.0572 0x1b84  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
18:25:21.0588 0x1b84  b06bdrv - ok
18:25:21.0619 0x1b84  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\Windows\System32\drivers\BasicDisplay.sys
18:25:21.0650 0x1b84  BasicDisplay - ok
18:25:21.0666 0x1b84  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender    C:\Windows\System32\drivers\BasicRender.sys
18:25:21.0713 0x1b84  BasicRender - ok
18:25:21.0744 0x1b84  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
18:25:21.0744 0x1b84  bcmfn2 - ok
18:25:21.0760 0x1b84  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:25:21.0791 0x1b84  BDESVC - ok
18:25:21.0791 0x1b84  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\Windows\system32\drivers\Beep.sys
18:25:21.0869 0x1b84  Beep - ok
18:25:22.0010 0x1b84  [ 5059D93764340D4EAEDF49C47133118F, 26C5779469E04BEAFD290B619CA355648F3911C66D41B22D2C3DCA909FCA0F6E ] BFE            C:\Windows\System32\bfe.dll
18:25:22.0088 0x1b84  BFE - ok
18:25:22.0150 0x1b84  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\Windows\System32\qmgr.dll
18:25:22.0291 0x1b84  BITS - ok
18:25:22.0322 0x1b84  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:25:22.0353 0x1b84  bowser - ok
18:25:22.0369 0x1b84  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
18:25:22.0400 0x1b84  BrokerInfrastructure - ok
18:25:22.0432 0x1b84  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser        C:\Windows\System32\browser.dll
18:25:22.0463 0x1b84  Browser - ok
18:25:22.0494 0x1b84  [ DB109DA005B6FE2A350C5DD7CA768DFD, 241A0BFAEFB1B165C00EE75E8CA382B5935F5DF447DAD5AE9022B2B78317668E ] BrYNSvc        C:\Program Files (x86)\Browny02\BrYNSvc.exe
18:25:22.0510 0x1b84  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
18:25:23.0541 0x0f9c  Object send P2P result: true
18:25:25.0479 0x1b84  Detect skipped due to KSN trusted
18:25:25.0479 0x1b84  BrYNSvc - ok
18:25:25.0526 0x1b84  [ EEFEE4EB812A4F8288424E823C042B9B, 237B44A1DAE11287895F730A65ED944758F9DC94B24B151665C698C279A570D7 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
18:25:25.0557 0x1b84  BTATH_A2DP - ok
18:25:25.0578 0x1b84  [ 5EA46680997EB8D819B199641BE83F79, F9DF92449CE6AF62BD59DAC7147294803340168D0BE0FE5AB5195D1E645BA1C6 ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
18:25:25.0587 0x1b84  btath_avdt - ok
18:25:25.0603 0x1b84  [ AF7DEA6A0E93AF8517A310D189B656BE, 008FE5102EE6B73A8D9AFC2B0E563C6A3567167380FCEDC538278240D2AE1FD4 ] BTATH_BUS      C:\Windows\system32\drivers\btath_bus.sys
18:25:25.0619 0x1b84  BTATH_BUS - ok
18:25:25.0619 0x1b84  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT    C:\Windows\system32\DRIVERS\btath_lwflt.sys
18:25:25.0619 0x1b84  BTATH_LWFLT - ok
18:25:25.0635 0x1b84  [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP      C:\Windows\System32\drivers\btath_rcp.sys
18:25:25.0641 0x1b84  BTATH_RCP - ok
18:25:25.0665 0x1b84  [ B589A15F887780F799019524776EC8A3, 58EC0D498AC318EAA8473B51051AEFFB478D71ABD7F25527A00442C78D4EEF8A ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
18:25:25.0684 0x1b84  BtFilter - ok
18:25:25.0690 0x1b84  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
18:25:25.0728 0x1b84  BthAvrcpTg - ok
18:25:25.0758 0x1b84  [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum        C:\Windows\System32\drivers\BthEnum.sys
18:25:25.0822 0x1b84  BthEnum - ok
18:25:25.0846 0x1b84  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum      C:\Windows\System32\drivers\bthhfenum.sys
18:25:25.0931 0x1b84  BthHFEnum - ok
18:25:25.0947 0x1b84  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
18:25:25.0962 0x1b84  bthhfhid - ok
18:25:26.0056 0x1b84  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
18:25:26.0102 0x1b84  BthHFSrv - ok
18:25:26.0134 0x1b84  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum      C:\Windows\system32\DRIVERS\BthLEEnum.sys
18:25:26.0227 0x1b84  BthLEEnum - ok
18:25:26.0274 0x1b84  [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
18:25:26.0306 0x1b84  BTHMODEM - ok
18:25:26.0337 0x1b84  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
18:25:26.0368 0x1b84  BthPan - ok
18:25:26.0493 0x1b84  [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
18:25:26.0571 0x1b84  BTHPORT - ok
18:25:26.0571 0x1b84  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv        C:\Windows\system32\bthserv.dll
18:25:26.0603 0x1b84  bthserv - ok
18:25:26.0649 0x1b84  [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
18:25:26.0696 0x1b84  BTHUSB - ok
18:25:26.0868 0x1b84  [ 52AE2CDD37AB735FBDA52263EFD524AA, 844103913E6079CC1C49B05FFB1CDC9A68692A8EE5A05C9C28FD272DFE534913 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
18:25:26.0899 0x1b84  c2cautoupdatesvc - ok
18:25:27.0024 0x1b84  [ C35B91B6777E7C6DB67B8583D2AA66A7, CE3A004B560EB750442150FEEFEE074A11A17E66B3F2A489E8EF1DBCF8FE8390 ] c2cpnrsvc      C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
18:25:27.0071 0x1b84  c2cpnrsvc - ok
18:25:27.0103 0x1b84  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:25:27.0165 0x1b84  cdfs - ok
18:25:27.0196 0x1b84  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom          C:\Windows\System32\drivers\cdrom.sys
18:25:27.0227 0x1b84  cdrom - ok
18:25:27.0259 0x1b84  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc    C:\Windows\System32\certprop.dll
18:25:27.0290 0x1b84  CertPropSvc - ok
18:25:27.0321 0x1b84  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\Windows\System32\drivers\circlass.sys
18:25:27.0337 0x1b84  circlass - ok
18:25:27.0384 0x1b84  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
18:25:27.0399 0x1b84  CLFS - ok
18:25:27.0978 0x1b84  [ 4DDC45ACA9EEAB337F6D8E50C87CF1BF, F004079B1E6629E1112190D4F773134EDEC1E2EF17E7181BC1D02A570EB8F1CE ] ClickToRunSvc  C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
18:25:28.0165 0x1b84  ClickToRunSvc - ok
18:25:28.0196 0x1b84  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
18:25:28.0228 0x1b84  CmBatt - ok
18:25:28.0243 0x1b84  [ DD795DADD9366C13001E980B334C2ED4, 88B1A8B3D1A33CEDD42E0AB274E71A382C2FDA1176FE11021AFF686CB008A5D2 ] CNG            C:\Windows\system32\Drivers\cng.sys
18:25:28.0259 0x1b84  CNG - ok
18:25:28.0275 0x1b84  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\Windows\System32\drivers\CompositeBus.sys
18:25:28.0290 0x1b84  CompositeBus - ok
18:25:28.0290 0x1b84  COMSysApp - ok
18:25:28.0306 0x1b84  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\Windows\system32\drivers\condrv.sys
18:25:28.0368 0x1b84  condrv - ok
18:25:29.0587 0x1b84  [ 306B31B977BC3477953B2A6277F4052B, 4DB1DEA0A782A85755347C1F42722336690C01E584E4E846FD2065F7DEBC9364 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
18:25:29.0665 0x1b84  cphs - ok
18:25:29.0775 0x1b84  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:25:29.0869 0x1b84  CryptSvc - ok
18:25:29.0900 0x1b84  [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam            C:\Windows\system32\drivers\dam.sys
18:25:29.0915 0x1b84  dam - ok
18:25:30.0197 0x1b84  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:25:30.0602 0x1b84  DcomLaunch - ok
18:25:30.0709 0x1b84  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc      C:\Windows\System32\defragsvc.dll
18:25:30.0916 0x1b84  defragsvc - ok
18:25:31.0040 0x1b84  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\Windows\system32\das.dll
18:25:31.0181 0x1b84  DeviceAssociationService - ok
18:25:31.0228 0x1b84  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall  C:\Windows\system32\umpnpmgr.dll
18:25:31.0243 0x1b84  DeviceInstall - ok
18:25:31.0259 0x1b84  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
18:25:31.0353 0x1b84  Dfsc - ok
18:25:31.0399 0x1b84  [ 85137571AEC8AC757D497B9DD30D544D, 6E15C9FB4010B26A8E5AFD4E85F7362B2616EB8503ACCE28EC31AC1E7D18566F ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
18:25:31.0478 0x1b84  dg_ssudbus - ok
18:25:31.0556 0x1b84  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:25:31.0993 0x1b84  Dhcp - ok
18:25:32.0337 0x1b84  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack      C:\Windows\system32\diagtrack.dll
18:25:32.0478 0x1b84  DiagTrack - ok
18:25:32.0524 0x1b84  [ 8B1E62881D5AC68E673CD94B136B34AC, A0C50F17041E43AC07B67A74F2C408820316201439F47CDEA37A4F5891CC0E6F ] disk            C:\Windows\system32\drivers\disk.sys
18:25:32.0540 0x1b84  disk - ok
18:25:32.0556 0x1b84  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc          C:\Windows\System32\drivers\dmvsc.sys
18:25:32.0634 0x1b84  dmvsc - ok
18:25:32.0665 0x1b84  [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:25:32.0743 0x1b84  Dnscache - ok
18:25:32.0790 0x1b84  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc        C:\Windows\System32\dot3svc.dll
18:25:32.0868 0x1b84  dot3svc - ok
18:25:32.0915 0x1b84  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS            C:\Windows\system32\dps.dll
18:25:32.0993 0x1b84  DPS - ok
18:25:33.0212 0x1b84  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
18:25:33.0228 0x1b84  drmkaud - ok
18:25:33.0290 0x1b84  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
18:25:33.0337 0x1b84  DsmSvc - ok
18:25:33.0525 0x1b84  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
18:25:33.0634 0x1b84  DXGKrnl - ok
18:25:33.0681 0x1b84  [ CCED99682127E8582E5F716ECE775EF8, 3B0A51E1FC4D5BD3E7EC182799AD712AEEAF1DCD761D7E98BEC8A0A67F7334AF ] E1G60          C:\Windows\system32\DRIVERS\E1G6032E.sys
18:25:33.0712 0x1b84  E1G60 - ok
18:25:33.0728 0x1b84  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost        C:\Windows\System32\eapsvc.dll
18:25:33.0775 0x1b84  Eaphost - ok
18:25:33.0900 0x1b84  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
18:25:33.0978 0x1b84  ebdrv - ok
18:25:34.0025 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS            C:\Windows\System32\lsass.exe
18:25:34.0040 0x1b84  EFS - ok
18:25:34.0072 0x1b84  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass    C:\Windows\system32\drivers\EhStorClass.sys
18:25:34.0087 0x1b84  EhStorClass - ok
18:25:34.0103 0x1b84  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
18:25:34.0103 0x1b84  EhStorTcgDrv - ok
18:25:34.0290 0x1b84  [ 6066FDFF6E02A0F1F2584EBC9D4A1E63, 2CD1405C4664FBE2EB120EB9F56FCDC629F334AD6BA609A9B442FE594CB6A247 ] ePowerSvc      C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
18:25:34.0337 0x1b84  ePowerSvc - ok
18:25:34.0353 0x1b84  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\Windows\System32\drivers\errdev.sys
18:25:34.0400 0x1b84  ErrDev - ok
18:25:34.0540 0x1b84  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem    C:\Windows\system32\es.dll
18:25:34.0618 0x1b84  EventSystem - ok
18:25:34.0634 0x1b84  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat          C:\Windows\system32\drivers\exfat.sys
18:25:34.0712 0x1b84  exfat - ok
18:25:34.0728 0x1b84  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat        C:\Windows\system32\drivers\fastfat.sys
18:25:34.0806 0x1b84  fastfat - ok
18:25:34.0931 0x1b84  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax            C:\Windows\system32\fxssvc.exe
18:25:34.0993 0x1b84  Fax - ok
18:25:35.0009 0x1b84  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc            C:\Windows\System32\drivers\fdc.sys
18:25:35.0025 0x1b84  fdc - ok
18:25:35.0056 0x1b84  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost        C:\Windows\system32\fdPHost.dll
18:25:35.0118 0x1b84  fdPHost - ok
18:25:35.0150 0x1b84  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:25:35.0400 0x1b84  FDResPub - ok
18:25:35.0431 0x1b84  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc          C:\Windows\system32\fhsvc.dll
18:25:35.0509 0x1b84  fhsvc - ok
18:25:35.0525 0x1b84  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:25:35.0540 0x1b84  FileInfo - ok
18:25:35.0556 0x1b84  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
18:25:35.0604 0x1b84  Filetrace - ok
18:25:35.0607 0x1b84  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
18:25:35.0623 0x1b84  flpydisk - ok
18:25:35.0659 0x1b84  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:25:35.0675 0x1b84  FltMgr - ok
18:25:35.0821 0x1b84  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache      C:\Windows\system32\FntCache.dll
18:25:35.0925 0x1b84  FontCache - ok
18:25:36.0068 0x1b84  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:25:36.0084 0x1b84  FontCache3.0.0.0 - ok
18:25:36.0099 0x1b84  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
18:25:36.0115 0x1b84  FsDepends - ok
18:25:36.0130 0x1b84  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:25:36.0130 0x1b84  Fs_Rec - ok
18:25:36.0177 0x1b84  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:25:36.0193 0x1b84  fvevol - ok
18:25:36.0209 0x1b84  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM          C:\Windows\System32\drivers\fxppm.sys
18:25:36.0240 0x1b84  FxPPM - ok
18:25:36.0271 0x1b84  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:25:36.0271 0x1b84  gagp30kx - ok
18:25:36.0302 0x1b84  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
18:25:36.0318 0x1b84  gencounter - ok
18:25:36.0552 0x1b84  [ C5FA929A389F11330C780C1E97EF0740, A83EAD4A2F4DB236CC569CCAD619021C1E011CD70DEE249FE8594E8822640BBF ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
18:25:36.0615 0x1b84  GfExperienceService - ok
18:25:36.0646 0x1b84  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101    C:\Windows\system32\Drivers\msgpioclx.sys
18:25:36.0662 0x1b84  GPIOClx0101 - ok
18:25:36.0677 0x1b84  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc          C:\Windows\System32\gpsvc.dll
18:25:36.0740 0x1b84  gpsvc - ok
18:25:36.0943 0x1b84  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdate        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:36.0959 0x1b84  gupdate - ok
18:25:36.0959 0x1b84  [ 7814A8ED32D5186BA651008AFFB55080, 1116694AD45DC53B987910DFD16909B69DEF754034E4C535AEE6340229CE5697 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:25:36.0974 0x1b84  gupdatem - ok
18:25:37.0005 0x1b84  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:25:37.0037 0x1b84  HdAudAddService - ok
18:25:37.0068 0x1b84  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
18:25:37.0084 0x1b84  HDAudBus - ok
18:25:37.0115 0x1b84  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt        C:\Windows\System32\drivers\HidBatt.sys
18:25:37.0146 0x1b84  HidBatt - ok
18:25:37.0490 0x1b84  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\Windows\System32\drivers\hidbth.sys
18:25:37.0568 0x1b84  HidBth - ok
18:25:37.0568 0x1b84  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
18:25:37.0584 0x1b84  hidi2c - ok
18:25:37.0599 0x1b84  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr          C:\Windows\System32\drivers\hidir.sys
18:25:37.0615 0x1b84  HidIr - ok
18:25:37.0630 0x1b84  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv        C:\Windows\system32\hidserv.dll
18:25:37.0662 0x1b84  hidserv - ok
18:25:37.0677 0x1b84  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
18:25:37.0755 0x1b84  HidUsb - ok
18:25:37.0771 0x1b84  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:25:37.0818 0x1b84  hkmsvc - ok
18:25:37.0834 0x1b84  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:25:37.0880 0x1b84  HomeGroupListener - ok
18:25:37.0927 0x1b84  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:25:37.0959 0x1b84  HomeGroupProvider - ok
18:25:37.0990 0x1b84  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:25:38.0005 0x1b84  HpSAMD - ok
18:25:38.0037 0x1b84  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:25:38.0068 0x1b84  HTTP - ok
18:25:38.0068 0x1b84  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:25:38.0068 0x1b84  hwpolicy - ok
18:25:38.0084 0x1b84  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
18:25:38.0115 0x1b84  hyperkbd - ok
18:25:38.0130 0x1b84  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\Windows\system32\DRIVERS\HyperVideo.sys
18:25:38.0162 0x1b84  HyperVideo - ok
18:25:38.0224 0x1b84  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
18:25:38.0412 0x1b84  i8042prt - ok
18:25:38.0443 0x1b84  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
18:25:38.0459 0x1b84  iaLPSSi_GPIO - ok
18:25:38.0459 0x1b84  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C    C:\Windows\System32\drivers\iaLPSSi_I2C.sys
18:25:38.0474 0x1b84  iaLPSSi_I2C - ok
18:25:38.0584 0x1b84  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
18:25:38.0615 0x1b84  iaStorAV - ok
18:25:38.0615 0x1b84  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
18:25:38.0630 0x1b84  iaStorV - ok
18:25:38.0630 0x1b84  IEEtwCollectorService - ok
18:25:38.0709 0x1b84  [ 712B795D0920264F2B166D2313FFC43D, 3B9CE043D170B6CFA43573916D293F5E6EE8A8372C72F48F428702D5E36BF0CA ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
18:25:39.0021 0x1b84  igfx - ok
18:25:39.0053 0x1b84  [ 201700DCB9CF3D72B9CCA09532774DD2, 45E4489C1703D6A324E46C8314211B2FD2C76C6EB44E8CAD868FF2BC202E7122 ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe
18:25:39.0068 0x1b84  igfxCUIService1.0.0.0 - ok
18:25:39.0146 0x1b84  [ 2530D33CE2F5F30D08A039EC33E91F17, DE1669A9F67C9CA3EEF6D0D0A56167318E4DB50965D87BF94A2795A21EBEE979 ] IKEEXT          C:\Windows\System32\ikeext.dll
18:25:39.0162 0x1b84  IKEEXT - ok
18:25:39.0193 0x1b84  [ FC7C456AF9B9811499EDBD10616832EE, CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
18:25:39.0209 0x1b84  intaud_WaveExtensible - ok
18:25:39.0303 0x1b84  [ C0A462BA7E9A07EFBD3571740F8D0145, 79AA2136EEBD07F5B66F177C64CA9B887A11DC777EDF5D1797C64611129FD32F ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:25:39.0615 0x1b84  IntcAzAudAddService - ok
18:25:39.0662 0x1b84  [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
18:25:39.0662 0x1b84  IntcDAud - ok
18:25:39.0818 0x1b84  [ 4C17F57E43645E75800E9E84787E34E5, 6A1531D97462BA3B3DBDAD472AF15B717C958AA8C5CE2373DE0B2A41C35BE33E ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:25:39.0850 0x1b84  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:25:40.0006 0x1b84  [ 2390C395882F7773AB7D6CC2547B41DE, 220EBA14BC4A686ED9879D27900AD66ACD937899759A4319297E0F15DFAB247C ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
18:25:40.0022 0x1b84  Intel(R) ME Service - ok
18:25:40.0053 0x1b84  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:25:40.0068 0x1b84  intelide - ok
18:25:40.0115 0x1b84  [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep        C:\Windows\system32\drivers\intelpep.sys
18:25:40.0131 0x1b84  intelpep - ok
18:25:40.0147 0x1b84  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\Windows\System32\drivers\intelppm.sys
18:25:40.0193 0x1b84  intelppm - ok
18:25:40.0225 0x1b84  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:25:40.0287 0x1b84  IpFilterDriver - ok
18:25:40.0506 0x1b84  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:25:40.0553 0x1b84  iphlpsvc - ok
18:25:40.0584 0x1b84  [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV        C:\Windows\System32\drivers\IPMIDrv.sys
18:25:40.0645 0x1b84  IPMIDRV - ok
18:25:40.0678 0x1b84  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
18:25:40.0734 0x1b84  IPNAT - ok
18:25:40.0771 0x1b84  [ F96B9EDC032E61EB87652896E92ED526, F9E3CD2FA2D963C56034A4F606869467FDC6647B916CF457249270E6C337A8A5 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:25:40.0788 0x1b84  iPod Service - ok
18:25:40.0792 0x1b84  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:25:40.0804 0x1b84  IRENUM - ok
18:25:40.0820 0x1b84  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:25:40.0851 0x1b84  isapnp - ok
18:25:40.0885 0x1b84  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
18:25:40.0943 0x1b84  iScsiPrt - ok
18:25:40.0945 0x1b84  [ 16B5B394028D8ED80A569123A38DC4F7, 19839364B7A48584615F0ED56D94AB6E6F8159EAD826605F74C73845CE2C5C12 ] iumsvc          C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
18:25:40.0961 0x1b84  iumsvc - ok
18:25:40.0961 0x1b84  [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus          C:\Windows\System32\drivers\iwdbus.sys
18:25:40.0961 0x1b84  iwdbus - ok
18:25:40.0977 0x1b84  [ BDC9C7931DB723CB1AF9F7075EA06645, EEBD5DC9C4656F14F8F0A0A5E84657B6B2BA35283E0E571119DA82F131D5C21B ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:25:40.0992 0x1b84  jhi_service - ok
18:25:41.0008 0x1b84  [ 779010324CCB6B974C4D737DDAABB2D5, 3D8591069D02F0888517C54A4C52E3174771EE86D3DA272C14FCE1B27DCB8613 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
18:25:41.0035 0x1b84  k57nd60a - ok
18:25:41.0047 0x1b84  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
18:25:41.0054 0x1b84  kbdclass - ok
18:25:41.0054 0x1b84  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
18:25:41.0069 0x1b84  kbdhid - ok
18:25:41.0101 0x1b84  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic          C:\Windows\system32\DRIVERS\kdnic.sys
18:25:41.0148 0x1b84  kdnic - ok
18:25:41.0148 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\Windows\system32\lsass.exe
18:25:41.0163 0x1b84  KeyIso - ok
18:25:41.0194 0x1b84  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:25:41.0210 0x1b84  KSecDD - ok
18:25:41.0257 0x1b84  [ A950AB512ED2BD847789FAAD3E967AFA, 005340965B30C5A14E4E081E2CDF7214D2C00BAF05C62DA9ED63EA3026E70C8A ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
18:25:41.0273 0x1b84  KSecPkg - ok
18:25:41.0319 0x1b84  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
18:25:41.0335 0x1b84  ksthunk - ok
18:25:41.0398 0x1b84  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm          C:\Windows\system32\msdtckrm.dll
18:25:41.0429 0x1b84  KtmRm - ok
18:25:41.0476 0x1b84  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:25:41.0476 0x1b84  LanmanServer - ok
18:25:41.0569 0x1b84  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:25:41.0601 0x1b84  LanmanWorkstation - ok
18:25:41.0632 0x1b84  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc          C:\Windows\System32\GeofenceMonitorService.dll
18:25:41.0694 0x1b84  lfsvc - ok
18:25:41.0710 0x1b84  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum      C:\Windows\system32\drivers\LGBusEnum.sys
18:25:41.0726 0x1b84  LGBusEnum - ok
18:25:41.0741 0x1b84  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore    C:\Windows\system32\drivers\LGJoyXlCore.sys
18:25:41.0741 0x1b84  LGJoyXlCore - ok
18:25:41.0757 0x1b84  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
18:25:41.0773 0x1b84  LGVirHid - ok
18:25:41.0773 0x1b84  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:25:41.0788 0x1b84  lltdio - ok
18:25:41.0804 0x1b84  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc        C:\Windows\System32\lltdsvc.dll
18:25:41.0835 0x1b84  lltdsvc - ok
18:25:41.0851 0x1b84  [ 4ACC60B4CBC911F3F34A1D66213BBBF5, C09A87ACAE0D41FD425BAF076FFE9B601DB89BB66199E5BD72FC59C6A8E449DB ] LMDriver        C:\Windows\System32\drivers\LMDriver.sys
18:25:41.0866 0x1b84  LMDriver - ok
18:25:41.0898 0x1b84  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts        C:\Windows\System32\lmhsvc.dll
18:25:41.0976 0x1b84  lmhosts - ok
18:25:42.0085 0x1b84  [ A7D2A96187E5C5F4F7650900A15788AA, F131C3E8206A89A9244ECF2507F4FC1A8550E594A58F75338939A54C973078AF ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:25:42.0101 0x1b84  LMS - ok
18:25:42.0132 0x1b84  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
18:25:42.0148 0x1b84  LSI_SAS - ok
18:25:42.0163 0x1b84  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:25:42.0163 0x1b84  LSI_SAS2 - ok
18:25:42.0179 0x1b84  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
18:25:42.0179 0x1b84  LSI_SAS3 - ok
18:25:42.0194 0x1b84  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS        C:\Windows\system32\drivers\lsi_sss.sys
18:25:42.0194 0x1b84  LSI_SSS - ok
18:25:42.0273 0x1b84  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM            C:\Windows\System32\lsm.dll
18:25:42.0319 0x1b84  LSM - ok
18:25:42.0335 0x1b84  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv          C:\Windows\system32\drivers\luafv.sys
18:25:42.0366 0x1b84  luafv - ok
18:25:42.0398 0x1b84  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector  C:\Windows\system32\drivers\mbam.sys
18:25:42.0413 0x1b84  MBAMProtector - ok
18:25:42.0569 0x1b84  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler  C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
18:25:42.0726 0x1b84  MBAMScheduler - ok
18:25:43.0023 0x1b84  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService    C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
18:25:43.0070 0x1b84  MBAMService - ok
18:25:43.0085 0x1b84  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy  C:\Windows\system32\drivers\MBAMSwissArmy.sys
18:25:43.0101 0x1b84  MBAMSwissArmy - ok
18:25:43.0116 0x1b84  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
18:25:43.0116 0x1b84  MBAMWebAccessControl - ok
18:25:43.0132 0x1b84  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas        C:\Windows\system32\drivers\megasas.sys
18:25:43.0148 0x1b84  megasas - ok
18:25:43.0163 0x1b84  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
18:25:43.0179 0x1b84  megasr - ok
18:25:43.0195 0x1b84  [ AFEA4FAABCE6F0C299E9231FF4F466BE, BCF0C50F02C4AC2784139935F3756F5C4D24FCAF07ACD9567B87991A9D1F16DB ] MEIx64          C:\Windows\system32\DRIVERS\TeeDriverx64.sys
18:25:43.0210 0x1b84  MEIx64 - ok
18:25:43.0226 0x1b84  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS          C:\Windows\system32\mmcss.dll
18:25:43.0241 0x1b84  MMCSS - ok
18:25:43.0257 0x1b84  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem          C:\Windows\system32\drivers\modem.sys
18:25:43.0288 0x1b84  Modem - ok
18:25:43.0304 0x1b84  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor        C:\Windows\System32\drivers\monitor.sys
18:25:43.0320 0x1b84  monitor - ok
18:25:43.0335 0x1b84  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
18:25:43.0335 0x1b84  mouclass - ok
18:25:43.0351 0x1b84  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\Windows\System32\drivers\mouhid.sys
18:25:43.0382 0x1b84  mouhid - ok
18:25:43.0413 0x1b84  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:25:43.0413 0x1b84  mountmgr - ok
18:25:43.0460 0x1b84  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:25:43.0476 0x1b84  mpsdrv - ok
18:25:43.0570 0x1b84  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:25:43.0616 0x1b84  MpsSvc - ok
18:25:43.0648 0x1b84  [ D2AC8F07995CE6CD18848C129435B481, 839B04116B49A757950E049150F6AADE41335914CC699ED73BE886BECAC39D36 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:25:43.0695 0x1b84  MRxDAV - ok
18:25:43.0726 0x1b84  [ 5F2BB54E0223E46646789E90BB4CCD81, 44D5983512688D3C36D66C1D9EFFEED91A2CA5FDB3B106E313015082C72E344D ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:25:43.0773 0x1b84  mrxsmb - ok
18:25:43.0804 0x1b84  [ C83AF14432DF58324FBC2E80A5E42AB5, 63281C114CD9F4BDC80ED5DEE0578C0084DBE10D34DD2103F3BDEB2AF9AB757E ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:25:43.0851 0x1b84  mrxsmb10 - ok
18:25:43.0913 0x1b84  [ 9EFBEC37E87DB6C9E791075987AAB413, 9533F54C494FBD8868A2A973EA956C22E3C1AD9FA79C4F6A2C43F2CAB14DB9D4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:25:44.0054 0x1b84  mrxsmb20 - ok
18:25:44.0157 0x1b84  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
18:25:44.0182 0x1b84  MsBridge - ok
18:25:44.0214 0x1b84  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC          C:\Windows\System32\msdtc.exe
18:25:44.0229 0x1b84  MSDTC - ok
18:25:44.0245 0x1b84  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:25:44.0245 0x1b84  Msfs - ok
18:25:44.0260 0x1b84  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32    C:\Windows\System32\drivers\msgpiowin32.sys
18:25:44.0276 0x1b84  msgpiowin32 - ok
18:25:44.0292 0x1b84  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
18:25:44.0292 0x1b84  mshidkmdf - ok
18:25:44.0307 0x1b84  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf      C:\Windows\System32\drivers\mshidumdf.sys
18:25:44.0339 0x1b84  mshidumdf - ok
18:25:44.0339 0x1b84  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:25:44.0370 0x1b84  msisadrv - ok
18:25:44.0386 0x1b84  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
18:25:44.0401 0x1b84  MSiSCSI - ok
18:25:44.0417 0x1b84  msiserver - ok
18:25:44.0417 0x1b84  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
18:25:44.0464 0x1b84  MSKSSRV - ok
18:25:44.0479 0x1b84  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
18:25:44.0526 0x1b84  MsLldp - ok
18:25:44.0557 0x1b84  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:25:44.0589 0x1b84  MSPCLOCK - ok
18:25:44.0604 0x1b84  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
18:25:44.0651 0x1b84  MSPQM - ok
18:25:44.0682 0x1b84  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
18:25:44.0698 0x1b84  MsRPC - ok
18:25:44.0714 0x1b84  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
18:25:44.0714 0x1b84  mssmbios - ok
18:25:44.0714 0x1b84  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
18:25:44.0729 0x1b84  MSTEE - ok
18:25:44.0729 0x1b84  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
18:25:44.0745 0x1b84  MTConfig - ok
18:25:44.0776 0x1b84  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup            C:\Windows\system32\Drivers\mup.sys
18:25:44.0776 0x1b84  Mup - ok
18:25:44.0792 0x1b84  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
18:25:44.0792 0x1b84  mvumis - ok
18:25:44.0854 0x1b84  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\Windows\system32\qagentRT.dll
18:25:44.0885 0x1b84  napagent - ok
18:25:44.0917 0x1b84  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
18:25:44.0932 0x1b84  NativeWifiP - ok
18:25:44.0964 0x1b84  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\Windows\System32\ncasvc.dll
18:25:44.0979 0x1b84  NcaSvc - ok
18:25:45.0011 0x1b84  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\Windows\System32\ncbservice.dll
18:25:45.0042 0x1b84  NcbService - ok
18:25:45.0073 0x1b84  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
18:25:45.0120 0x1b84  NcdAutoSetup - ok
18:25:45.0151 0x1b84  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:25:45.0182 0x1b84  NDIS - ok
18:25:45.0198 0x1b84  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
18:25:45.0229 0x1b84  NdisCap - ok
18:25:45.0245 0x1b84  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
18:25:45.0276 0x1b84  NdisImPlatform - ok
18:25:45.0307 0x1b84  [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:25:45.0354 0x1b84  NdisTapi - ok
18:25:45.0370 0x1b84  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
18:25:45.0432 0x1b84  Ndisuio - ok
18:25:45.0448 0x1b84  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
18:25:45.0495 0x1b84  NdisVirtualBus - ok
18:25:45.0557 0x1b84  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:45.0589 0x1b84  NdisWan - ok
18:25:45.0604 0x1b84  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy  C:\Windows\system32\DRIVERS\ndiswan.sys
18:25:45.0632 0x1b84  NdisWanLegacy - ok
18:25:45.0650 0x1b84  [ B8F36CBC72FC5C8B8A30AD850165EA8E, 478454B1399700B745265A64EC9C797C66BD0141471200BCF222F5EB15B0F40C ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
18:25:45.0683 0x1b84  NDProxy - ok
18:25:45.0712 0x1b84  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu            C:\Windows\system32\drivers\Ndu.sys
18:25:45.0963 0x1b84  Ndu - ok
18:25:45.0994 0x1b84  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
18:25:46.0041 0x1b84  NetBIOS - ok
18:25:46.0056 0x1b84  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
18:25:46.0103 0x1b84  NetBT - ok
18:25:46.0134 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\Windows\system32\lsass.exe
18:25:46.0150 0x1b84  Netlogon - ok
18:25:46.0197 0x1b84  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\Windows\System32\netman.dll
18:25:46.0212 0x1b84  Netman - ok
18:25:46.0244 0x1b84  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\Windows\System32\netprofmsvc.dll
18:25:46.0259 0x1b84  netprofm - ok
18:25:46.0416 0x1b84  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:25:46.0494 0x1b84  NetTcpPortSharing - ok
18:25:46.0525 0x1b84  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\Windows\System32\drivers\netvsc63.sys
18:25:46.0556 0x1b84  netvsc - ok
18:25:46.0587 0x1b84  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:25:46.0603 0x1b84  NlaSvc - ok
18:25:46.0619 0x1b84  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:25:46.0634 0x1b84  Npfs - ok
18:25:46.0650 0x1b84  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig      C:\Windows\System32\drivers\npsvctrig.sys
18:25:46.0744 0x1b84  npsvctrig - ok
18:25:46.0806 0x1b84  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi            C:\Windows\system32\nsisvc.dll
18:25:46.0884 0x1b84  nsi - ok
18:25:46.0916 0x1b84  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:25:46.0947 0x1b84  nsiproxy - ok
18:25:47.0166 0x1b84  [ 9980B262DBE439AE6BDC91AA985F19EE, E998E4CAE9CD103ADA9CA3C737C4DAD017D056828BFA42A41C7B4E4E108FB13C ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:25:47.0244 0x1b84  Ntfs - ok
18:25:47.0244 0x1b84  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
18:25:47.0259 0x1b84  Null - ok
18:25:48.0213 0x1b84  [ 616D9A6F59FA604612E4B25AAF36BFCA, 6634F3091A07E2BE0E38622C604BE7589020D9FA47A0A15A3161CA0BBAECB33D ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:25:48.0541 0x1b84  nvlddmkm - ok
18:25:48.0760 0x1b84  [ 3D596244C1B93A506292DA07CC2B123F, 1604F8B4B89D599C1944E6FF9A0D35DDB1E34BAEC0315E23070180959644DCF2 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:25:48.0822 0x1b84  NvNetworkService - ok
18:25:48.0853 0x1b84  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:25:48.0853 0x1b84  nvraid - ok
18:25:48.0869 0x1b84  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:25:48.0885 0x1b84  nvstor - ok
18:25:48.0900 0x1b84  [ 27DF221148B9C1A3EA8900D87ABC30F5, 904B4C99EB039C6D2474E30A0E03B700486BED61D226A1A5095BFF729B91C3F2 ] NvStreamKms    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:25:48.0916 0x1b84  NvStreamKms - ok
18:25:49.0291 0x1b84  [ 4B8F9A38BBE8ACCA6D48E253FFE2393A, 11D9ED3E3C5C3D544E83284E24A93632B9B5FF277639DF18046C0564FB838155 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
18:25:49.0713 0x1b84  NvStreamNetworkSvc - ok
18:25:49.0963 0x1b84  [ 2035827FCA3BDF5F37A3B64C8D284176, B3CCCF3AEBBF1D5BC756EEA433CD06A7650294CA4FF09FBCD985085B4692B846 ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
18:25:50.0103 0x1b84  NvStreamSvc - ok
18:25:50.0150 0x1b84  [ 4DFABFC1A31FDE2BDB0AB577CD313D70, 1A517D4FED4B0B8BA1365EF6839BB006EF5E7C4CCC630470B8E239753FC5394F ] nvsvc          C:\Windows\system32\nvvsvc.exe
18:25:50.0166 0x1b84  nvsvc - ok
18:25:50.0229 0x1b84  [ 64E8275CEAD43D3CA8E3A311B2F4B64A, 99E683890B9AF3243100B387317760B5F91745EF9F7FF2ABA2DC7B6551A6EAB6 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:25:50.0244 0x1b84  nvvad_WaveExtensible - ok
18:25:50.0260 0x1b84  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:25:50.0291 0x1b84  nv_agp - ok
18:25:50.0338 0x1b84  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:25:50.0354 0x1b84  ose - ok
18:25:50.0385 0x1b84  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:25:50.0416 0x1b84  p2pimsvc - ok
18:25:50.0494 0x1b84  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\Windows\system32\p2psvc.dll
18:25:50.0604 0x1b84  p2psvc - ok
18:25:50.0650 0x1b84  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport        C:\Windows\System32\drivers\parport.sys
18:25:50.0681 0x1b84  Parport - ok
18:25:50.0697 0x1b84  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr        C:\Windows\system32\drivers\partmgr.sys
18:25:50.0713 0x1b84  partmgr - ok
18:25:50.0797 0x1b84  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:25:50.0820 0x1b84  PcaSvc - ok
18:25:50.0852 0x1b84  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci            C:\Windows\system32\drivers\pci.sys
18:25:50.0852 0x1b84  pci - ok
18:25:50.0915 0x1b84  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:25:50.0931 0x1b84  pciide - ok
18:25:50.0993 0x1b84  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:25:51.0024 0x1b84  pcmcia - ok
18:25:51.0054 0x1b84  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw            C:\Windows\system32\drivers\pcw.sys
18:25:51.0066 0x1b84  pcw - ok
18:25:51.0102 0x1b84  [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc            C:\Windows\system32\drivers\pdc.sys
18:25:51.0118 0x1b84  pdc - ok
18:25:51.0180 0x1b84  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:25:51.0258 0x1b84  PEAUTH - ok
18:25:52.0055 0x1b84  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:25:52.0258 0x1b84  PerfHost - ok
18:25:52.0430 0x1b84  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla            C:\Windows\system32\pla.dll
18:25:52.0493 0x1b84  pla - ok
18:25:52.0539 0x1b84  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:25:52.0571 0x1b84  PlugPlay - ok
18:25:52.0633 0x1b84  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
18:25:52.0664 0x1b84  PNRPAutoReg - ok
18:25:52.0727 0x1b84  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
18:25:52.0743 0x1b84  PNRPsvc - ok
18:25:52.0790 0x1b84  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
18:25:52.0821 0x1b84  PolicyAgent - ok
18:25:52.0852 0x1b84  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power          C:\Windows\system32\umpo.dll
18:25:53.0149 0x1b84  Power - ok
18:25:53.0587 0x1b84  [ 346F352E17EA5793C726D3F6582BA855, 5CD830CDCC73335EDC58D26D1BC8B8830DA885CA6D1E21BB7EE763354B5C35EA ] PrintNotify    C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
18:25:53.0868 0x1b84  PrintNotify - ok
18:25:53.0899 0x1b84  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor      C:\Windows\System32\drivers\processr.sys
18:25:53.0930 0x1b84  Processor - ok
18:25:53.0946 0x1b84  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc        C:\Windows\system32\profsvc.dll
18:25:53.0977 0x1b84  ProfSvc - ok
18:25:54.0008 0x1b84  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:25:54.0040 0x1b84  Psched - ok
18:25:54.0071 0x1b84  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE          C:\Windows\system32\qwave.dll
18:25:54.0118 0x1b84  QWAVE - ok
18:25:54.0149 0x1b84  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:25:54.0165 0x1b84  QWAVEdrv - ok
18:25:54.0196 0x1b84  [ 6A52182919E25FB56D253D389F92CE98, AE6497D5CF324CB813248ADECB0F53E5CB3D6C326774E2257319E4CE7782C591 ] RadioShim      C:\Windows\System32\drivers\RadioShim.sys
18:25:54.0212 0x1b84  RadioShim - ok
18:25:54.0227 0x1b84  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:25:54.0258 0x1b84  RasAcd - ok
18:25:54.0290 0x1b84  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto        C:\Windows\System32\rasauto.dll
18:25:54.0321 0x1b84  RasAuto - ok
18:25:54.0383 0x1b84  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\Windows\System32\rasmans.dll
18:25:54.0415 0x1b84  RasMan - ok
18:25:54.0446 0x1b84  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:25:54.0477 0x1b84  RasPppoe - ok
18:25:54.0493 0x1b84  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
18:25:54.0571 0x1b84  rdbss - ok
18:25:54.0587 0x1b84  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\Windows\System32\drivers\rdpbus.sys
18:25:54.0649 0x1b84  rdpbus - ok
18:25:54.0665 0x1b84  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
18:25:54.0758 0x1b84  RDPDR - ok
18:25:54.0790 0x1b84  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:25:54.0806 0x1b84  RdpVideoMiniport - ok
18:25:54.0993 0x1b84  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:25:55.0024 0x1b84  rdyboost - ok
18:25:55.0321 0x1b84  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\Windows\system32\drivers\ReFS.sys
18:25:55.0384 0x1b84  ReFS - ok
18:25:55.0477 0x1b84  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:25:55.0670 0x1b84  RemoteAccess - ok
18:25:55.0716 0x1b84  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:25:55.0757 0x1b84  RemoteRegistry - ok
18:25:55.0796 0x1b84  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
18:25:55.0807 0x1b84  RFCOMM - ok
18:25:56.0180 0x1b84  [ 41DDCF1ADD1FB7DE23DCF671740DDBE6, 87ECB5C883CEFF76D126A5B4D92E069C9298FA5B62CC981870F9ECCA13C074F1 ] RichVideo      C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
18:25:56.0258 0x1b84  RichVideo - ok
18:25:56.0336 0x1b84  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:25:56.0414 0x1b84  RpcEptMapper - ok
18:25:56.0461 0x1b84  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\Windows\system32\locator.exe
18:25:56.0492 0x1b84  RpcLocator - ok
18:25:56.0571 0x1b84  [ E4220FD9C7F1579D9C5F9DFB00427841, 77740122A01A08F18CC82A4BB3F00EC59F29EE10779092F872572C264F6728D0 ] RpcSs          C:\Windows\system32\rpcss.dll
18:25:56.0602 0x1b84  RpcSs - ok
18:25:56.0617 0x1b84  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:25:56.0696 0x1b84  rspndr - ok
18:25:56.0711 0x1b84  [ BCDE27DA663D2F1BE1EA262F2BFDA8D0, 07744F83C41503D8C948E8D8569628C7C9D283EBA3C20CB63BC81123812A0A25 ] RSUSBVSTOR      C:\Windows\System32\Drivers\RtsUVStor.sys
18:25:56.0727 0x1b84  RSUSBVSTOR - ok
18:25:56.0742 0x1b84  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap          C:\Windows\System32\drivers\vms3cap.sys
18:25:56.0790 0x1b84  s3cap - ok
18:25:56.0806 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs          C:\Windows\system32\lsass.exe
18:25:56.0806 0x1b84  SamSs - ok
18:25:56.0821 0x1b84  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:25:56.0821 0x1b84  sbp2port - ok
18:25:56.0868 0x1b84  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:25:56.0899 0x1b84  SCardSvr - ok
18:25:56.0931 0x1b84  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
18:25:56.0962 0x1b84  ScDeviceEnum - ok
18:25:56.0978 0x1b84  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:25:56.0978 0x1b84  scfilter - ok
18:25:57.0024 0x1b84  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\Windows\system32\schedsvc.dll
18:25:57.0103 0x1b84  Schedule - ok
18:25:57.0134 0x1b84  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc    C:\Windows\System32\certprop.dll
18:25:57.0149 0x1b84  SCPolicySvc - ok
18:25:57.0149 0x1b84  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus          C:\Windows\System32\drivers\sdbus.sys
18:25:57.0165 0x1b84  sdbus - ok
18:25:57.0196 0x1b84  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
18:25:57.0196 0x1b84  sdstor - ok
18:25:57.0212 0x1b84  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:25:57.0243 0x1b84  secdrv - ok
18:25:57.0400 0x1b84  [ 6627154693B6C2B8A59727F5B38728E8, F08251EE3436400295F120D48F3763E6F11BBF4132D674AD3E8112B6B3538455 ] seclogon        C:\Windows\system32\seclogon.dll
18:25:57.0509 0x1b84  seclogon - ok
18:25:57.0525 0x1b84  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\Windows\System32\sens.dll
18:25:57.0540 0x1b84  SENS - ok
18:25:57.0587 0x1b84  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:25:57.0681 0x1b84  SensrSvc - ok
18:25:57.0743 0x1b84  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx          C:\Windows\system32\drivers\SerCx.sys
18:25:57.0759 0x1b84  SerCx - ok
18:25:57.0775 0x1b84  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
18:25:57.0790 0x1b84  SerCx2 - ok
18:25:57.0806 0x1b84  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum        C:\Windows\System32\drivers\serenum.sys
18:25:57.0821 0x1b84  Serenum - ok
18:25:57.0837 0x1b84  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\Windows\System32\drivers\serial.sys
18:25:57.0868 0x1b84  Serial - ok
18:25:57.0868 0x1b84  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\Windows\System32\drivers\sermouse.sys
18:25:57.0884 0x1b84  sermouse - ok
18:25:57.0915 0x1b84  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\Windows\system32\sessenv.dll
18:25:57.0931 0x1b84  SessionEnv - ok
18:25:57.0946 0x1b84  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy        C:\Windows\System32\drivers\sfloppy.sys
18:25:57.0978 0x1b84  sfloppy - ok
18:25:58.0024 0x1b84  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:25:58.0056 0x1b84  SharedAccess - ok
18:25:58.0150 0x1b84  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:25:58.0181 0x1b84  ShellHWDetection - ok
18:25:58.0181 0x1b84  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:25:58.0196 0x1b84  SiSRaid2 - ok
18:25:58.0196 0x1b84  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:25:58.0196 0x1b84  SiSRaid4 - ok
18:25:58.0228 0x1b84  [ 3E98CE04689597C76B3EF4D3D0323836, F7FFF675066281190C236F2995EB003A1779231E5164EEE6BEE334A4240B1DF9 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
18:25:58.0243 0x1b84  SkypeUpdate - ok
18:25:58.0275 0x1b84  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost        C:\Windows\System32\smphost.dll
18:25:58.0321 0x1b84  smphost - ok
18:25:58.0337 0x1b84  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:25:58.0368 0x1b84  SNMPTRAP - ok
18:25:58.0399 0x1b84  [ B45AE0970B2D66CCE756DE6989E23EEC, 8393CF2DC4F65CD48D4D7B3C8C2D29E26728593B652D6CEAB65B50AEDA0884B7 ] spaceport      C:\Windows\system32\drivers\spaceport.sys
18:25:58.0415 0x1b84  spaceport - ok
18:25:58.0431 0x1b84  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx          C:\Windows\system32\drivers\SpbCx.sys
18:25:58.0431 0x1b84  SpbCx - ok
18:25:58.0462 0x1b84  [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler        C:\Windows\System32\spoolsv.exe
18:25:58.0524 0x1b84  Spooler - ok
18:25:58.0774 0x1b84  [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc          C:\Windows\system32\sppsvc.exe
18:25:58.0900 0x1b84  sppsvc - ok
18:25:59.0025 0x1b84  [ 8003E034E3EA0E29DA54215A770FC27C, 28AB1FDEA372D33540A26DAE413A10336409D33B91F51DC0AE144D451022A2A7 ] srv            C:\Windows\system32\DRIVERS\srv.sys
18:25:59.0165 0x1b84  srv - ok
18:25:59.0243 0x1b84  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:25:59.0306 0x1b84  srv2 - ok
18:25:59.0322 0x1b84  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:25:59.0353 0x1b84  srvnet - ok
18:25:59.0384 0x1b84  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
18:25:59.0415 0x1b84  SSDPSRV - ok
18:25:59.0462 0x1b84  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc        C:\Windows\system32\sstpsvc.dll
18:25:59.0509 0x1b84  SstpSvc - ok
18:25:59.0556 0x1b84  [ 9B74226E10CD57E965F87014841016F9, 95C76049DBBF3B31A9B01CFD0EDAAC47DE9A1F096B61D05C47FB85E1AFC07288 ] ssudmdm        C:\Windows\system32\DRIVERS\ssudmdm.sys
18:25:59.0572 0x1b84  ssudmdm - ok
18:25:59.0634 0x1b84  [ D27C8C88CEB69075465B41DA6ECF3374, B1A70A30787080474E901E4743996EEE4FCD09BEDBBA89CE57ACAE05A67907AB ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:25:59.0665 0x1b84  Steam Client Service - ok
18:25:59.0697 0x1b84  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:25:59.0697 0x1b84  stexstor - ok
18:25:59.0728 0x1b84  [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:25:59.0775 0x1b84  StillCam - ok
18:25:59.0806 0x1b84  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\Windows\System32\wiaservc.dll
18:25:59.0869 0x1b84  stisvc - ok
18:25:59.0884 0x1b84  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\Windows\system32\drivers\storahci.sys
18:25:59.0884 0x1b84  storahci - ok
18:25:59.0900 0x1b84  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
18:25:59.0900 0x1b84  storflt - ok
18:25:59.0915 0x1b84  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
18:25:59.0915 0x1b84  stornvme - ok
18:25:59.0962 0x1b84  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc        C:\Windows\system32\storsvc.dll
18:26:00.0009 0x1b84  StorSvc - ok
18:26:00.0025 0x1b84  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc        C:\Windows\system32\drivers\storvsc.sys
18:26:00.0040 0x1b84  storvsc - ok
18:26:00.0040 0x1b84  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc          C:\Windows\system32\svsvc.dll
18:26:00.0072 0x1b84  svsvc - ok
18:26:00.0087 0x1b84  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\Windows\System32\drivers\swenum.sys
18:26:00.0087 0x1b84  swenum - ok
18:26:00.0134 0x1b84  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv          C:\Windows\System32\swprv.dll
18:26:00.0150 0x1b84  swprv - ok
18:26:00.0165 0x1b84  [ B5E2DD0C1EEB5A6089F846E714283610, C3135E4587BD17B8371C9DFF1803BA8774549C5F02C9399EC1D49BC1853BEED0 ] SynRMIHID      C:\Windows\system32\DRIVERS\SynRMIHID.sys
18:26:00.0181 0x1b84  SynRMIHID - ok
18:26:00.0212 0x1b84  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain        C:\Windows\system32\sysmain.dll
18:26:00.0275 0x1b84  SysMain - ok
18:26:00.0353 0x1b84  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
18:26:00.0384 0x1b84  SystemEventsBroker - ok
18:26:00.0462 0x1b84  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:26:00.0556 0x1b84  TabletInputService - ok
18:26:00.0587 0x1b84  [ FEB710154EDF9B2A15E863E262B5BEE1, F05126CBC5688AB48086DB85CD50A84150EAFFCA779B662E21F2E395BD0E5466 ] tap0901        C:\Windows\system32\DRIVERS\tap0901.sys
18:26:00.0603 0x1b84  tap0901 - ok
18:26:00.0657 0x1b84  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv        C:\Windows\System32\tapisrv.dll
18:26:00.0696 0x1b84  TapiSrv - ok
18:26:00.0868 0x1b84  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
18:26:01.0009 0x1b84  Tcpip - ok
18:26:01.0164 0x1b84  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:26:01.0227 0x1b84  TCPIP6 - ok
18:26:01.0242 0x1b84  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:26:01.0273 0x1b84  tcpipreg - ok
18:26:01.0273 0x1b84  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
18:26:01.0305 0x1b84  tdx - ok
18:26:01.0320 0x1b84  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
18:26:01.0336 0x1b84  terminpt - ok
18:26:01.0367 0x1b84  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService    C:\Windows\System32\termsrv.dll
18:26:01.0539 0x1b84  TermService - ok
18:26:01.0570 0x1b84  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\Windows\system32\themeservice.dll
18:26:01.0602 0x1b84  Themes - ok
18:26:01.0664 0x1b84  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER    C:\Windows\system32\mmcss.dll
18:26:01.0680 0x1b84  THREADORDER - ok
18:26:01.0773 0x1b84  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\Windows\System32\TimeBrokerServer.dll
18:26:01.0914 0x1b84  TimeBroker - ok
18:26:01.0945 0x1b84  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM            C:\Windows\system32\drivers\tpm.sys
18:26:01.0961 0x1854  Object required for P2P: [ C35B91B6777E7C6DB67B8583D2AA66A7 ] c2cpnrsvc
18:26:01.0977 0x1b84  TPM - ok
18:26:02.0008 0x1b84  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\Windows\System32\trkwks.dll
18:26:02.0039 0x1b84  TrkWks - ok
18:26:02.0055 0x1b84  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:26:02.0117 0x1b84  TrustedInstaller - ok
18:26:02.0133 0x1b84  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:26:02.0211 0x1b84  TsUsbFlt - ok
18:26:02.0227 0x1b84  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD        C:\Windows\System32\drivers\TsUsbGD.sys
18:26:02.0242 0x1b84  TsUsbGD - ok
18:26:02.0258 0x1b84  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:26:02.0492 0x1b84  tunnel - ok
18:26:02.0492 0x1b84  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:26:02.0523 0x1b84  uagp35 - ok
18:26:02.0523 0x1b84  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
18:26:02.0539 0x1b84  UASPStor - ok
18:26:02.0570 0x1b84  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\Windows\System32\drivers\ucx01000.sys
18:26:02.0570 0x1b84  UCX01000 - ok
18:26:02.0602 0x1b84  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:26:02.0633 0x1b84  udfs - ok
18:26:02.0664 0x1b84  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
18:26:02.0664 0x1b84  UEFI - ok
18:26:02.0695 0x1b84  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect      C:\Windows\system32\UI0Detect.exe
18:26:02.0742 0x1b84  UI0Detect - ok
18:26:02.0758 0x1b84  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:26:02.0773 0x1b84  uliagpkx - ok
18:26:02.0773 0x1b84  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus          C:\Windows\System32\drivers\umbus.sys
18:26:02.0805 0x1b84  umbus - ok
18:26:02.0821 0x1b84  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\Windows\System32\drivers\umpass.sys
18:26:02.0867 0x1b84  UmPass - ok
18:26:02.0899 0x1b84  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\Windows\System32\umrdp.dll
18:26:02.0945 0x1b84  UmRdpService - ok
18:26:02.0961 0x1b84  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\Windows\System32\upnphost.dll
18:26:02.0992 0x1b84  upnphost - ok
18:26:03.0024 0x1b84  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64      C:\Windows\System32\Drivers\usbaapl64.sys
18:26:03.0102 0x1b84  USBAAPL64 - ok
18:26:03.0149 0x1b84  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp        C:\Windows\System32\drivers\usbccgp.sys
18:26:03.0180 0x1b84  usbccgp - ok
18:26:03.0180 0x1b84  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\Windows\System32\drivers\usbcir.sys
18:26:03.0195 0x1b84  usbcir - ok
18:26:03.0242 0x1b84  [ C996CBEF922B5653A01E3F50DDCE2F86, 231EB5A36E7EE242197E796D3B4AB12F945D2C8570587BC8D57D45530A0C59B4 ] usbehci        C:\Windows\System32\drivers\usbehci.sys
18:26:03.0258 0x1b84  usbehci - ok
18:26:03.0352 0x1b84  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
18:26:03.0399 0x1b84  usbhub - ok
18:26:03.0445 0x1b84  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3        C:\Windows\System32\drivers\UsbHub3.sys
18:26:03.0586 0x1b84  USBHUB3 - ok
18:26:03.0617 0x1b84  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci        C:\Windows\System32\drivers\usbohci.sys
18:26:03.0946 0x1b84  usbohci - ok
18:26:03.0977 0x1b84  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
18:26:04.0024 0x1b84  usbprint - ok
18:26:04.0055 0x1b84  [ 9D168BFA334D47BE404367EB58D4E130, 23279CBE6ACBD074E7B268BA2EDA14E2255C41F8117173B2BBE653D8259ECFA2 ] USBSTOR        C:\Windows\System32\drivers\USBSTOR.SYS
18:26:04.0086 0x1b84  USBSTOR - ok
18:26:04.0086 0x1b84  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci        C:\Windows\System32\drivers\usbuhci.sys
18:26:04.0117 0x1b84  usbuhci - ok
18:26:04.0133 0x1b84  [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
18:26:04.0180 0x1b84  usbvideo - ok
18:26:04.0195 0x1b84  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI        C:\Windows\System32\drivers\USBXHCI.SYS
18:26:04.0211 0x1b84  USBXHCI - ok
18:26:04.0227 0x1b84  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\Windows\system32\lsass.exe
18:26:04.0227 0x1b84  VaultSvc - ok
18:26:04.0227 0x1b84  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:26:04.0242 0x1b84  vdrvroot - ok
18:26:04.0367 0x1b84  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds            C:\Windows\System32\vds.exe
18:26:04.0430 0x1854  Object send P2P result: true
18:26:04.0430 0x1854  Object required for P2P: [ 4DDC45ACA9EEAB337F6D8E50C87CF1BF ] ClickToRunSvc
18:26:04.0524 0x1b84  vds - ok
18:26:04.0539 0x1b84  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt    C:\Windows\system32\drivers\VerifierExt.sys
18:26:04.0555 0x1b84  VerifierExt - ok
18:26:04.0586 0x1b84  [ 34CAF69BF4166AB40BFF0ED068FF6F91, BF5DA4F85A2C537DD76A3271956EC5BDB9ABC495FAA9371037F608152BE2725D ] vhdmp          C:\Windows\System32\drivers\vhdmp.sys
18:26:04.0602 0x1b84  vhdmp - ok
18:26:04.0617 0x1b84  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:26:04.0617 0x1b84  viaide - ok
18:26:04.0649 0x1b84  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
18:26:04.0680 0x1b84  vmbus - ok
18:26:04.0696 0x1b84  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\Windows\System32\drivers\VMBusHID.sys
18:26:04.0711 0x1b84  VMBusHID - ok
18:26:04.0742 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\Windows\System32\ICSvc.dll
18:26:04.0774 0x1b84  vmicguestinterface - ok
18:26:04.0789 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat  C:\Windows\System32\ICSvc.dll
18:26:04.0806 0x1b84  vmicheartbeat - ok
18:26:04.0821 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
18:26:04.0821 0x1b84  vmickvpexchange - ok
18:26:04.0837 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv        C:\Windows\System32\ICSvc.dll
18:26:04.0852 0x1b84  vmicrdv - ok
18:26:04.0868 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\Windows\System32\ICSvc.dll
18:26:04.0884 0x1b84  vmicshutdown - ok
18:26:04.0946 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\Windows\System32\ICSvc.dll
18:26:04.0977 0x1b84  vmictimesync - ok
18:26:04.0977 0x1b84  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss        C:\Windows\System32\ICSvc.dll
18:26:04.0993 0x1b84  vmicvss - ok
18:26:05.0024 0x1b84  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:26:05.0024 0x1b84  volmgr - ok
18:26:05.0040 0x1b84  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
18:26:05.0056 0x1b84  volmgrx - ok
18:26:05.0102 0x1b84  [ D537962695CAFEC1301F3EB7C8C3A1D2, 76FBEE866C4191E43B232B7ED34CB1FC1603C15F930EBBC5EFC6EA4B4500E1E8 ] volsnap        C:\Windows\system32\drivers\volsnap.sys
18:26:05.0134 0x1b84  volsnap - ok
18:26:05.0462 0x1b84  [ DAC438FB5FF85A9E72806E2341D5D732, B1D1EFCA8C588A6BF53CEC941CC59702C366F15C7D5943431736EC857E57C0A2 ] vpci            C:\Windows\System32\drivers\vpci.sys
18:26:05.0524 0x1b84  vpci - ok
18:26:05.0540 0x1b84  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
18:26:05.0571 0x1b84  vsmraid - ok
18:26:05.0711 0x1b84  [ D0CBA7B3531CCF2ADB985856D5F92434, 7FCBBCAF1AA85DCE8D75FB38DC4848AE12E8DD913CEBBC37BCD3D0123F0A3CAB ] VSS            C:\Windows\system32\vssvc.exe
18:26:05.0851 0x1b84  VSS - ok
18:26:05.0868 0x1b84  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\Windows\system32\drivers\vstxraid.sys
18:26:05.0899 0x1b84  VSTXRAID - ok
18:26:05.0899 0x1b84  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:26:05.0987 0x1b84  vwifibus - ok
18:26:06.0009 0x1b84  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
18:26:06.0040 0x1b84  vwififlt - ok
18:26:06.0040 0x1b84  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp        C:\Windows\system32\DRIVERS\vwifimp.sys
18:26:06.0056 0x1b84  vwifimp - ok
18:26:06.0118 0x1b84  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time        C:\Windows\system32\w32time.dll
18:26:06.0149 0x1b84  W32Time - ok
18:26:06.0149 0x1b84  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\Windows\System32\drivers\wacompen.sys
18:26:06.0165 0x1b84  WacomPen - ok
18:26:06.0243 0x1b84  [ 139D842E5FB75A1E2F0212FBD7B0E457, F29F73B56865C5EBBE89B8F92AEFE2DB19E5C29A94D2E006A23243C23A41AE79 ] wbengine        C:\Windows\system32\wbengine.exe
18:26:06.0289 0x1b84  wbengine - ok
18:26:06.0305 0x1b84  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:26:06.0321 0x1b84  WbioSrvc - ok
18:26:06.0368 0x1b84  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\Windows\System32\wcmsvc.dll
18:26:06.0415 0x1b84  Wcmsvc - ok
18:26:06.0743 0x1b84  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
18:26:06.0774 0x1b84  wcncsvc - ok
18:26:06.0805 0x1b84  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:26:06.0821 0x1b84  WcsPlugInService - ok
18:26:06.0836 0x1b84  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\Windows\system32\drivers\WdBoot.sys
18:26:06.0852 0x1b84  WdBoot - ok
18:26:06.0883 0x1b84  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:26:06.0883 0x1854  Object send P2P result: true
18:26:06.0883 0x1854  Object required for P2P: [ 6066FDFF6E02A0F1F2584EBC9D4A1E63 ] ePowerSvc
18:26:06.0899 0x1b84  Wdf01000 - ok
18:26:07.0008 0x1b84  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\Windows\system32\drivers\WdFilter.sys
18:26:07.0040 0x1b84  WdFilter - ok
18:26:07.0086 0x1b84  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:26:07.0118 0x1b84  WdiServiceHost - ok
18:26:07.0118 0x1b84  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost  C:\Windows\system32\wdi.dll
18:26:07.0133 0x1b84  WdiSystemHost - ok
18:26:07.0165 0x1b84  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\Windows\system32\Drivers\WdNisDrv.sys
18:26:07.0180 0x1b84  WdNisDrv - ok
18:26:07.0180 0x1b84  WdNisSvc - ok
18:26:07.0211 0x1b84  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient      C:\Windows\System32\webclnt.dll
18:26:07.0243 0x1b84  WebClient - ok
18:26:07.0274 0x1b84  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:26:07.0305 0x1b84  Wecsvc - ok
18:26:07.0321 0x1b84  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\Windows\system32\wephostsvc.dll
18:26:07.0336 0x1b84  WEPHOSTSVC - ok
18:26:07.0352 0x1b84  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
18:26:07.0399 0x1b84  wercplsupport - ok
18:26:07.0430 0x1b84  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\Windows\System32\WerSvc.dll
18:26:07.0461 0x1b84  WerSvc - ok
18:26:07.0493 0x1b84  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS        C:\Windows\system32\DRIVERS\wfplwfs.sys
18:26:07.0508 0x1b84  WFPLWFS - ok
18:26:07.0540 0x1b84  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\Windows\System32\wiarpc.dll
18:26:07.0571 0x1b84  WiaRpc - ok
18:26:07.0618 0x1b84  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:26:07.0618 0x1b84  WIMMount - ok
18:26:07.0618 0x1b84  WinDefend - ok
18:26:07.0680 0x1b84  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
18:26:07.0711 0x1b84  WinHttpAutoProxySvc - ok
18:26:07.0805 0x1b84  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
18:26:07.0899 0x1b84  Winmgmt - ok
18:26:08.0290 0x1b84  [ 427873F889F2F508BE8BE982219CE578, CA8DCFB774BF0F747295A7A0CB46A6177DE12AD6BD58266182206C41A3C9001E ] WinRM          C:\Windows\system32\WsmSvc.dll
18:26:08.0415 0x1b84  WinRM - ok
18:26:08.0430 0x1b84  [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUsb          C:\Windows\System32\drivers\WinUsb.sys
18:26:08.0446 0x1b84  WinUsb - ok
18:26:08.0680 0x1b84  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc        C:\Windows\System32\wlansvc.dll
18:26:08.0727 0x1b84  WlanSvc - ok
18:26:08.0789 0x1b84  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc        C:\Windows\system32\wlidsvc.dll
18:26:08.0852 0x1b84  wlidsvc - ok
18:26:08.0884 0x1b84  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum        C:\Windows\system32\drivers\WmBEnum.sys
18:26:08.0884 0x1b84  WmBEnum - ok
18:26:08.0899 0x1b84  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
18:26:08.0899 0x1b84  WmFilter - ok
18:26:08.0915 0x1b84  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo        C:\Windows\system32\drivers\WmHidLo.sys
18:26:08.0915 0x1b84  WmHidLo - ok
18:26:08.0946 0x1b84  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi        C:\Windows\System32\drivers\wmiacpi.sys
18:26:08.0977 0x1b84  WmiAcpi - ok
18:26:08.0977 0x1b84  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:26:08.0993 0x1b84  wmiApSrv - ok
18:26:09.0024 0x1b84  WMPNetworkSvc - ok
18:26:09.0024 0x1b84  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
18:26:09.0040 0x1b84  WmVirHid - ok
18:26:09.0040 0x1b84  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
18:26:09.0055 0x1b84  WmXlCore - ok
18:26:09.0071 0x1b84  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof            C:\Windows\system32\drivers\Wof.sys
18:26:09.0071 0x1b84  Wof - ok
18:26:09.0149 0x1b84  [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc  C:\Windows\system32\workfolderssvc.dll
18:26:09.0227 0x1b84  workfolderssvc - ok
18:26:09.0259 0x1b84  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr        C:\Windows\system32\DRIVERS\wpcfltr.sys
18:26:09.0259 0x1b84  wpcfltr - ok
18:26:09.0274 0x1b84  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:26:09.0290 0x1b84  WPCSvc - ok
18:26:09.0290 0x1b84  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:26:09.0321 0x1b84  WPDBusEnum - ok
18:26:09.0337 0x1854  Object send P2P result: true
18:26:09.0337 0x1b84  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr      C:\Windows\system32\drivers\WpdUpFltr.sys
18:26:09.0352 0x1854  Object required for P2P: [ 51B3AC0560848CD6D65AC2033E293113 ] MsLldp
18:26:09.0352 0x1b84  WpdUpFltr - ok
18:26:09.0352 0x1b84  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
18:26:09.0368 0x1b84  ws2ifsl - ok
18:26:09.0399 0x1b84  [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc          C:\Windows\System32\wscsvc.dll
18:26:09.0430 0x1b84  wscsvc - ok
18:26:09.0477 0x1b84  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\Windows\System32\drivers\WSDPrint.sys
18:26:09.0493 0x1b84  WSDPrintDevice - ok
18:26:09.0493 0x1b84  WSearch - ok
18:26:09.0712 0x1b84  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService      C:\Windows\System32\WSService.dll
18:26:09.0774 0x1b84  WSService - ok
18:26:10.0133 0x1b84  [ 020F47C655ED1F63BBA834AA53575D5C, 7E36BB83B937CEA8B5D1EAF1DF63D32D64CA8045DA377DF5237D2F4DC16574CC ] wuauserv        C:\Windows\system32\wuaueng.dll
18:26:10.0290 0x1b84  wuauserv - ok
18:26:10.0337 0x1b84  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:26:10.0399 0x1b84  WudfPf - ok
18:26:10.0477 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0540 0x1b84  WUDFRd - ok
18:26:10.0587 0x1b84  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
18:26:10.0602 0x1b84  wudfsvc - ok
18:26:10.0634 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs      C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0649 0x1b84  WUDFWpdFs - ok
18:26:10.0665 0x1b84  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\Windows\System32\drivers\WUDFRd.sys
18:26:10.0665 0x1b84  WUDFWpdMtp - ok
18:26:10.0758 0x1b84  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc        C:\Windows\System32\wwansvc.dll
18:26:10.0799 0x1b84  WwanSvc - ok
18:26:10.0799 0x1b84  ================ Scan global ===============================
18:26:10.0867 0x1b84  [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll
18:26:10.0914 0x1b84  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll
18:26:11.0087 0x1b84  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll
18:26:11.0148 0x1b84  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe
18:26:11.0180 0x1b84  [ Global ] - ok
18:26:11.0180 0x1b84  ================ Scan MBR ==================================
18:26:11.0195 0x1b84  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:26:11.0445 0x1b84  \Device\Harddisk0\DR0 - ok
18:26:11.0445 0x1b84  ================ Scan VBR ==================================
18:26:11.0445 0x1b84  [ EC45974F7801DD450ADB2449DB229B2D ] \Device\Harddisk0\DR0\Partition1
18:26:11.0492 0x1b84  \Device\Harddisk0\DR0\Partition1 - ok
18:26:11.0508 0x1b84  [ 52B239203A6D092EFD073045923B7AF3 ] \Device\Harddisk0\DR0\Partition2
18:26:11.0523 0x1b84  \Device\Harddisk0\DR0\Partition2 - ok
18:26:11.0539 0x1b84  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
18:26:11.0539 0x1b84  \Device\Harddisk0\DR0\Partition3 - ok
18:26:11.0555 0x1b84  [ EFB17E60D26D59F529D4934C1FB4393F ] \Device\Harddisk0\DR0\Partition4
18:26:11.0570 0x1b84  \Device\Harddisk0\DR0\Partition4 - ok
18:26:11.0570 0x1b84  [ 882DD736F3834B90EDD049D407F8A76B ] \Device\Harddisk0\DR0\Partition5
18:26:11.0602 0x1b84  \Device\Harddisk0\DR0\Partition5 - ok
18:26:11.0602 0x1b84  [ 434963123BC6663D837861F892CA8063 ] \Device\Harddisk0\DR0\Partition6
18:26:11.0617 0x1b84  \Device\Harddisk0\DR0\Partition6 - ok
18:26:11.0617 0x1b84  ================ Scan generic autorun ======================
18:26:11.0695 0x1b84  [ BC293F3C9621D40E1924A5715417F77C, 3EB1B0040566CE0DBA3FC65C5005B0F1E79BE9AB39CAD1398A45AAC3AB7AD733 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:26:11.0742 0x1b84  NvBackend - ok
18:26:11.0789 0x1b84  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
18:26:11.0805 0x1854  Object send P2P result: true
18:26:11.0805 0x1854  Object required for P2P: [ 4DFABFC1A31FDE2BDB0AB577CD313D70 ] nvsvc
18:26:11.0852 0x1b84  ShadowPlay - ok
18:26:12.0180 0x1b84  [ 92894CE1B4DBBB9BB55EA0A1E6E7DF99, 06E575611BEF01D75789DD92AFE33A6CE9BA18831AD97E7C096BE6C2B0BFE64A ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:26:12.0523 0x1b84  RtHDVCpl - ok
18:26:12.0680 0x1b84  [ 01F0FC06366F80BF8964708042E0D9F5, 7DEA61576AC17C902B6041EE168BEF2AF2A43401829D2FF7E19747ED8D43B16D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
18:26:12.0711 0x1b84  RtHDVBg_Dolby - ok
18:26:12.0727 0x1b84  [ 0104F4CA73154C23FFB449501F6D2D53, 0610AC01C06CC15D67F11C0EE00097A4D0A56B9EED16489FD3306EC2E1E6F301 ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe
18:26:12.0727 0x1b84  Start WingMan Profiler - ok
18:26:12.0742 0x1b84  [ CC9823AA6E3F6229CD6DA193551314A5, 76BCD2BCA391C2114BF9D28FA290D9B39D16379C410070E0E3A6376FDEE51CE1 ] C:\Program Files\iTunes\iTunesHelper.exe
18:26:12.0742 0x1b84  iTunesHelper - ok
18:26:12.0945 0x1b84  [ BB6D5374E353F1D5056AAD013BA93E45, 1915E6AB43C6110B46E4C9C8AF1DE2C26AE9255C8D3294D5D2B829D3025E6AD1 ] C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
18:26:13.0211 0x1b84  Intel Privacy Notification Tool - ok
18:26:13.0289 0x1b84  [ 5D666FC778E7754CC7103402D814809B, 7E9B205B74440D455155014EE8D6FD0D1C647B016D72A28F16709F50BC005D3F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe
18:26:13.0320 0x1b84  ControlCenter4 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:14.0258 0x1854  Object send P2P result: true
18:26:14.0274 0x1854  Object required for P2P: [ 3E98CE04689597C76B3EF4D3D0323836 ] SkypeUpdate
18:26:15.0760 0x1b84  Detect skipped due to KSN trusted
18:26:15.0760 0x1b84  ControlCenter4 - ok
18:26:15.0899 0x1b84  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
18:26:16.0025 0x1b84  BrStsMon00 - detected UnsignedFile.Multi.Generic ( 1 )
18:26:16.0728 0x1854  Object send P2P result: true
18:26:20.0269 0x1b84  Detect skipped due to KSN trusted
18:26:20.0269 0x1b84  BrStsMon00 - ok
18:26:20.0322 0x1b84  RazerCortex - ok
18:26:20.0400 0x1b84  [ 2CD5F1053AB2BC2ED35EF1B253B9E44A, 28A0A3785797D9DDD0A0D0D07B291E24E68B3523F55DE223C60EF59F5FD3361C ] C:\Program Files (x86)\Steam\steam.exe
18:26:20.0447 0x1b84  Steam - ok
18:26:20.0509 0x1b84  [ C29061010881C9174CD45C24E33C56D2, D54BD088047CEE35CEDCDFC330321B84AA0583680C6814C8ECB91B8B75965E90 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:26:20.0541 0x1b84  GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5 - ok
18:26:20.0541 0x1b84  [ EF39E08738EEED7D7BE6AE6442DCAD5B, 5A7AEEDFE5084FBE155EAC6A4BFD3CCF7C69FB9BE0BCA76C5141F71243D74610 ] C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
18:26:20.0556 0x1b84  Allway Sync - ok
18:26:20.0763 0x1b84  [ C224456660839CFCAD2CD8DFB293F38B, D99B862217BBF99BF26B78615B3FDC1484607BA0A34E61C445345CD8D49501D4 ] C:\Program Files\CCleaner\CCleaner64.exe
18:26:20.0899 0x1b84  CCleaner Monitoring - ok
18:26:20.0899 0x1b84  Waiting for KSN requests completion. In queue: 144
18:26:21.0914 0x1b84  Waiting for KSN requests completion. In queue: 144
18:26:22.0070 0x1858  Object required for P2P: [ BF8F54CA37E9C9D6582C31C5761F8C93 ] TsUsbFlt
18:26:22.0914 0x1b84  Waiting for KSN requests completion. In queue: 112
18:26:23.0446 0x1608  Object required for P2P: [ C29061010881C9174CD45C24E33C56D2 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
18:26:23.0930 0x1b84  Waiting for KSN requests completion. In queue: 111
18:26:24.0618 0x1858  Object send P2P result: true
18:26:24.0946 0x1b84  Waiting for KSN requests completion. In queue: 3
18:26:25.0946 0x1b84  Waiting for KSN requests completion. In queue: 3
18:26:26.0040 0x1608  Object send P2P result: true
18:26:26.0993 0x1b84  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:26:27.0009 0x1b84  Win FW state via NFP2: enabled ( trusted )
18:26:29.0415 0x1b84  ============================================================
18:26:29.0415 0x1b84  Scan finished
18:26:29.0415 0x1b84  ============================================================
18:26:29.0415 0x041c  Detected object count: 0
18:26:29.0415 0x041c  Actual detected object count: 0
18:26:44.0959 0x1bf8  Deinitialize success

Jan02 21.04.2016 17:53
Code:
Farbar Service Scanner Version: 27-01-2016
Ran by Jan (administrator) on 21-04-2016 at 18:52:45
Running from "C:\Users\Jan\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============

Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

burningice 22.04.2016 15:57
Öffne wieder FRST und kopiere das folgende in das weiße Feld:
Code:
MsMpEng.exe
Drücke dann auf dem Button "Dateisuche".

Es wird eine Search.txt erstellt werden, bitte poste diese wieder hier.

Jan02 22.04.2016 16:20
Search.txt
 
Code:
Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-22 17:15:13)
Gestartet von C:\Users\Jan\Desktop
Start-Modus: Normal

================== Datei-Suche: "MsMpEng.exe" =============

C:\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_6.3.9600.17927_none_b6a857db2a904750\MsMpEng.exe
[2015-08-11 21:04][2015-07-07 11:39] 0023824 ____A (Microsoft Corporation) 039F53336CBC3350C07020857E179878 [Datei ist digital signiert]

C:\Program Files\Windows Defender\MsMpEng.exe
[2015-08-11 21:04][2015-07-07 11:39] 0023824 ____A (Microsoft Corporation) 039F53336CBC3350C07020857E179878 [Datei ist digital signiert]

====== Ende von Suche ======

burningice 24.04.2016 22:56
Schritt: 1
Bitte lade dir folgende Datei, speichere sie auf deinem Desktop und führe sie aus. Bestätige dabei alle auftretenden Sicherheitswarnungen:
http://download.bleepingcomputer.com.../WinDefend.reg

Schritt: 2
Starte deinen PC neu.

Schritt: 3
Starte bitte wieder Farbar's Service Scanner
  • Gehe sicher, dass folgende Optionen angehakt sind.
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center/Action Center
    • Windows Update
    • Windows Defender
    • Other Services
  • Klicke auf Scan.
  • Wenn das Tool fertig ist, wird es eine FSS.txt in dem Verzeichnis erstellen, wo das Tool gelaufen ist.
Poste bitte den Inhalt hier.

Jan02 25.04.2016 09:20
Code:
Farbar Service Scanner Version: 27-01-2016
Ran by Jan (administrator) on 25-04-2016 at 10:18:38
Running from "C:\Users\Jan\Downloads"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.


Windows Firewall:
=============

Firewall Disabled Policy:
==================


System Restore:
============

System Restore Policy:
========================


Action Center:
============


Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.


Windows Autoupdate Disabled Policy:
============================


Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is OK.
The ImagePath of WinDefend service is OK.


Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\System32\mpssvc.dll => File is digitally signed
C:\Windows\System32\bfe.dll => File is digitally signed
C:\Windows\System32\drivers\mpsdrv.sys => File is digitally signed
C:\Windows\System32\wscsvc.dll => File is digitally signed
C:\Windows\System32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\System32\wuaueng.dll => File is digitally signed
C:\Windows\System32\qmgr.dll => File is digitally signed
C:\Windows\System32\es.dll => File is digitally signed
C:\Windows\System32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MsMpEng.exe => File is digitally signed
C:\Windows\System32\ipnathlp.dll => File is digitally signed
C:\Windows\System32\iphlpsvc.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****
Hallo Rafael,
der Windows Defender lässt sich übrigens nicht mehr aktivieren! Schon seit dem Mpc Cleaner.

Mfg, Jan

burningice 25.04.2016 17:51
Ja darum geht es grade ;)

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
cmd: sc config wuauserv start= auto
reg: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0x0 /f
cmd: sc start wuauserv
cmd: sc start WinDefend
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Schritt: 2
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Jan02 25.04.2016 18:17
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-25 19:05:00) Run:2
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
cmd: sc config wuauserv start= auto
reg: reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0x0 /f
cmd: sc start wuauserv
cmd: sc start WinDefend
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
emptytemp:
       
*****************


=========  sc config wuauserv start= auto =========

[SC] ChangeServiceConfig ERFOLG

========= Ende von CMD: =========


========= reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender" /v DisableAntiSpyware /t REG_DWORD /d 0x0 /f =========

Der Vorgang wurde erfolgreich beendet.



========= Ende von Reg: =========


=========  sc start wuauserv =========


SERVICE_NAME: wuauserv
        TYPE              : 20  WIN32_SHARE_PROCESS 
        STATE              : 2  START_PENDING
                                (NOT_STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT        : 0x0
        WAIT_HINT          : 0x7d0
        PID                : 552
        FLAGS              :

========= Ende von CMD: =========


=========  sc start WinDefend =========

[SC] StartService FEHLER 577:

Die digitale Signatur dieser Datei kann nicht �berpr�ft werden. M�glicherweise wurde durch eine k�rzlich durchgef�hrte Hardware- oder Software�nderung eine falsch signierte oder besch�digte Datei oder eine Datei, bei der es sich um b�swillige Software aus einer unbekannten Quelle handelt, installiert.


========= Ende von CMD: =========

"HKLM\System\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc" => Schlüssel erfolgreich entfernt
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => Schlüssel erfolgreich entfernt
EmptyTemp: => 530.1 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 19:05:19 ====
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (25-04-2016 19:14:25)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Qualcomm Atheros) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-04-21] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-22]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies:

Internet Explorer:
==================
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-20] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
R3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-25] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-25 16:21 - 2016-04-25 16:21 - 00000000 ____D C:\Users\Jan\AppData\Local\TempTaskUpdateDetection4822F7AE-F8AC-457E-8AF6-112DFE867E18
2016-04-25 15:48 - 2016-04-25 15:48 - 00000000 ____D C:\Users\Jan\AppData\Local\Microsoft Help
2016-04-25 10:18 - 2016-04-25 10:18 - 00002957 _____ C:\Windows\SysWOW64\FSS.txt
2016-04-25 10:12 - 2016-04-25 10:11 - 00007164 _____ C:\Users\Jan\Desktop\WinDefend.reg
2016-04-25 10:11 - 2016-04-25 10:11 - 00007164 _____ C:\Users\Jan\Downloads\WinDefend.reg
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour-Druckdienste
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files\Bonjour Print Services
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files\Bonjour
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-04-25 09:57 - 2016-04-25 09:57 - 00000000 ____D C:\Users\Jan\Documents\Bluetooth Folder
2016-04-25 09:57 - 2016-04-25 09:57 - 00000000 ____D C:\Users\Jan\AppData\Local\BMExplorer
2016-04-22 17:15 - 2016-04-22 17:20 - 00000696 _____ C:\Users\Jan\Desktop\Search.txt
2016-04-22 14:13 - 2016-04-25 18:26 - 00009152 _____ C:\Users\Jan\Documents\Liste der erhaltenen Geschenke Konfirmation Jan am 24.04.2016.docx.xlsx
2016-04-22 14:12 - 2016-04-22 14:12 - 00008302 _____ C:\Users\Jan\Documents\Mappe1.xlsx
2016-04-21 19:52 - 2016-04-21 19:52 - 00000000 ____D C:\Users\Jan\Downloads\370LvL
2016-04-21 19:51 - 2016-04-21 19:51 - 00061155 _____ C:\Users\Jan\Downloads\370LvL.rar
2016-04-21 18:52 - 2016-04-21 18:52 - 00002796 _____ C:\Users\Jan\Downloads\FSS.txt
2016-04-21 18:51 - 2016-04-21 18:51 - 00899584 _____ (Farbar) C:\Users\Jan\Downloads\FSS.exe
2016-04-21 18:24 - 2016-04-21 18:26 - 00237504 _____ C:\TDSSKiller.3.1.0.9_21.04.2016_18.24.25_log.txt
2016-04-21 18:23 - 2016-04-21 18:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Jan\Downloads\tdsskiller.exe
2016-04-20 19:55 - 2016-04-20 19:55 - 02870984 _____ (ESET) C:\Users\Jan\Downloads\esetsmartinstaller_deu.exe
2016-04-20 19:49 - 2016-04-25 19:05 - 00002354 _____ C:\Users\Jan\Desktop\Fixlog.txt
2016-04-19 19:07 - 2016-04-19 19:08 - 29872687 _____ C:\Users\Jan\Downloads\client_20810.zip
2016-04-19 15:10 - 2016-04-25 19:14 - 00019430 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:10 - 2016-04-21 06:12 - 00050301 _____ C:\Users\Jan\Desktop\Addition.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-22 13:43 - 00001377 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-22 13:43 - 00001353 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-25 19:06 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-22 13:43 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-25 19:14 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL
2016-03-29 12:06 - 2016-03-29 12:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\NVIDIA
2016-03-29 11:31 - 2016-03-29 11:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-03-29 11:31 - 2016-03-22 04:25 - 06369728 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02993088 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 02561472 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 01264064 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-03-29 11:31 - 2016-03-22 04:25 - 00532536 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00393784 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-03-29 11:31 - 2016-03-18 20:10 - 06253721 _____ C:\Windows\system32\nvcoproc.bin
2016-03-29 11:30 - 2016-03-22 06:12 - 42923576 _____ C:\Windows\system32\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 37567424 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 31555008 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 25321408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 21355248 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 20897416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 19004040 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17748712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17342392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 17248408 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 16446032 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 14128840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 12567608 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-03-29 11:30 - 2016-03-22 06:12 - 10550736 _____ C:\Windows\system32\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 08659472 _____ C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03714472 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03286992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 03235896 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 02809280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436472.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00959544 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00889400 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00753208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00695864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00678520 _____ C:\Windows\system32\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00571912 _____ C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00501896 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00425016 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00377792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00153392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-03-29 11:30 - 2016-03-22 06:12 - 00037091 _____ C:\Windows\system32\nvinfo.pb
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\SysWOW64\nv-vk32.json
2016-03-29 11:30 - 2016-03-22 06:12 - 00000139 _____ C:\Windows\system32\nv-vk64.json
2016-03-27 12:08 - 2016-03-27 12:08 - 00000000 ____D C:\Users\Jan\Documents\Razer

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-25 19:13 - 2015-06-17 21:46 - 06387290 _____ C:\Windows\system32\perfh007.dat
2016-04-25 19:13 - 2015-06-17 21:46 - 01843714 _____ C:\Windows\system32\perfc007.dat
2016-04-25 19:13 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-25 19:06 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-25 19:06 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-25 19:05 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-25 19:05 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-25 19:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-25 18:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-25 16:15 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics
2016-04-25 16:15 - 2015-08-09 08:50 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-25 13:04 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-04-25 10:20 - 2015-06-17 12:54 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-04-25 09:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-23 20:37 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-23 13:04 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-23 13:04 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-22 13:43 - 2016-03-22 18:08 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-22 13:43 - 2016-03-22 16:58 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-22 13:43 - 2016-02-24 21:09 - 00000921 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-22 13:43 - 2016-02-24 21:09 - 00000916 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-22 13:43 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-22 13:43 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-22 13:43 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-22 13:43 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-22 13:43 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-22 13:43 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-22 13:43 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-22 13:43 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-22 13:43 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-22 13:43 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-22 13:43 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-22 13:43 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-22 13:43 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-22 13:43 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-22 13:43 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-22 13:43 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-22 13:43 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-22 13:43 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-22 13:43 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-22 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\addins
2016-04-22 13:34 - 2015-12-08 21:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-04-22 13:29 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-21 06:19 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-20 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 19:31 - 2015-08-30 13:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-19 20:34 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Jan\Documents\ETS2MP
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ____D C:\ProgramData\Skype
2016-04-19 19:32 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETS2 + ATS Multiplayer
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\Program Files\TruckersMP
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 17:05 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-09 09:45 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-03-29 11:31 - 2015-06-17 12:50 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-03-29 11:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Help

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 21:55

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-25 19:14:55)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.8.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.8.1 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {0F0B2947-8987-410B-87C4-8783AB74FC1B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_ERROR_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-03-11] (Microsoft Corporation)
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {91CFB104-0317-4B91-89F7-29EAFF0CD2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {95A1FE22-88D3-4336-B7AD-CCF5B920B496} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {E987A9FC-7172-4CFF-AC33-3F4B42D608F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2014-08-27 19:48 - 2014-08-27 19:48 - 00384128 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ContactsApi.dll
2014-08-27 19:36 - 2014-08-27 19:36 - 00020992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-04-23 13:04 - 2016-04-21 07:10 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libglesv2.dll
2016-04-23 13:04 - 2016-04-21 07:10 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libegl.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{BAEDA2ED-8C25-4C9C-A51F-72FC0BB0ADE9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{0D9F4E1B-F2B1-4B46-8FD9-8BC452808629}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{225A46F2-0C09-4422-9E6A-53D188C34E05}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B274B511-4E4E-4E19-8BE6-D4BEDA1F9C9E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D6353889-13F9-4AE5-BFA3-71349B47325C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5E84EF38-6DC6-40A9-A45E-CC41BE572881}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{8480922A-BF1B-4F54-87AA-1E80C8FA4C44}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C3A5C10A-5F58-4FC0-A69C-F02D39C6F7EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2AF52FEC-CB35-4E46-B89F-D48C7F7EBABF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

==================== Wiederherstellungspunkte =========================

25-04-2016 10:01:11 Installed Bonjour Print Services

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/25/2016 07:13:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/25/2016 07:13:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/25/2016 07:13:14 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  21 D.B.8.7.9.D.8.F.D.8.E.7.E.3.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Notebook-Jan2.local.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.19:5353  23 D.B.8.7.9.D.8.F.D.8.E.7.E.3.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Notebook-Jan2-2.local.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  21 D.B.8.7.9.D.8.F.D.8.E.7.E.3.8.2.0.0.3.E.0.C.B.C.E.D.0.0.3.0.0.2.ip6.arpa. PTR Notebook-Jan2.local.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.19:5353  23 D.B.8.7.9.D.8.F.D.8.E.7.E.3.8.2.0.0.3.E.0.C.B.C.E.D.0.0.3.0.0.2.ip6.arpa. PTR Notebook-Jan2-2.local.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  21 19.178.168.192.in-addr.arpa. PTR Notebook-Jan2.local.

Error: (04/25/2016 07:06:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.178.19:5353  23 19.178.168.192.in-addr.arpa. PTR Notebook-Jan2-2.local.

Error: (04/25/2016 07:01:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  21 D.B.8.7.9.D.8.F.D.8.E.7.E.3.8.2.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR Notebook-Jan2.local.


Systemfehler:
=============
Error: (04/25/2016 07:06:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/25/2016 07:05:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/25/2016 07:01:10 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: Der Name "WORKGROUP      :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.178.19
registriert werden. Der Computer mit IP-Adresse 192.168.178.1 hat nicht
zugelassen, dass dieser Computer diesen Namen verwendet.

Error: (04/25/2016 07:00:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/25/2016 07:00:11 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎25.‎04.‎2016 um 18:50:53 unerwartet heruntergefahren.

Error: (04/25/2016 06:31:48 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/25/2016 06:15:08 PM) (Source: BTHUSB) (EventID: 16) (User: )
Description: Die beiderseitige Authentifizierung zwischen dem lokalen Bluetooth-Adapter und einem Gerät mit Bluetooth-Adapteradresse (08:df:1f:de:84:91) ist fehlgeschlagen.

Error: (04/25/2016 05:00:57 PM) (Source: DCOM) (EventID: 10016) (User: Notebook-Jan2)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Notebook-Jan2JanS-1-5-21-489078762-871934448-399521353-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/25/2016 05:00:57 PM) (Source: DCOM) (EventID: 10016) (User: Notebook-Jan2)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Notebook-Jan2JanS-1-5-21-489078762-871934448-399521353-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/25/2016 05:00:57 PM) (Source: DCOM) (EventID: 10016) (User: Notebook-Jan2)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}Notebook-Jan2JanS-1-5-21-489078762-871934448-399521353-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


CodeIntegrity:
===================================
  Date: 2016-04-25 19:06:10.023
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-25 19:05:02.537
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-25 19:00:52.353
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-25 17:00:55.667
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-25 12:19:36.949
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-25 10:15:58.727
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-20 19:50:08.821
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-10 16:20:41.321
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.224
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-10 16:20:41.108
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Sound+\SoundP.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5954.97 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 14480.1 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:221.46 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================

burningice 26.04.2016 16:25
... Hattest du zu vor mal eine andere Antivirenlösung installiert? Wenn ja, welche?

Schritt: 1
Bitte gehe mal zu diesem Pfad:
Zitat:
C:\Program Files\Windows Defender
und starte die MSASCui.exe. Bekommst du eine Fehlermeldung? Bzw. was passiert?

Jan02 26.04.2016 16:37
Hallo Rafael,

Nein ich hatte keine Antivirenlösung installiert. Die MSASCUI.exe ist in dem angegebenen Ordner nicht vorhanden. Was nun?


Gruß Jan

burningice 28.04.2016 09:12
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
cmd: sfc /Scannow
cmd: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
cmd: dir "C:\Program Files\Windows Defender"

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


Jan02 29.04.2016 05:12
Hallo Rafael,

die Fixlog.txt ist zu lang um sie hier posten zu können!!! Sind noch viele Schritte bis zur engültigen besiegung der adware nötig?

Gruß Jan

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-28 18:22:26) Run:3
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
cmd: sfc /Scannow
cmd: findstr /c:"[SR]" %windir%\logs\cbs\cbs.log
cmd: dir "C:\Program Files\Windows Defender"
       
*****************


=========  sfc /Scannow =========


 
 
 S y s t e m s u c h e  w i r d  g e s t a r t e t .  D i e s e r  V o r g a n g  k a n n  e i n i g e  Z e i t  d a u e r n .
 
 
 
 
 
 � b e r p r � f u n g s p h a s e  d e r  S y s t e m s u c h e  w i r d  g e s t a r t e t .
 
 
 � b e r p r � f u n g  0  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  0  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  2  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  2  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  2  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  3  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  3  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  4  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  4  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  5  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  5  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  5  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  6  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  6  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  7  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  7  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  7  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  8  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  8  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  9  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  9  %  a b g e s c h l o s s e n .                               � b e r p r � f u n g  1 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  2 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  3 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  4 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  5 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  6 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  7 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  8 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 0  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 1  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 2  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 3  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 4  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 5  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 6  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 7  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 8  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  9 9  %  a b g e s c h l o s s e n .                                � b e r p r � f u n g  1 0 0  %  a b g e s c h l o s s e n .
 
 
 
 
 V o m  W i n d o w s - R e s s o u r c e n s c h u t z  w u r d e n  b e s c h � d i g t e  D a t e i e n  g e f u n d e n ,  u n d
 
 
 e i n i g e  d a v o n  k o n n t e n  n i c h t  r e p a r i e r t  w e r d e n .  W e i t e r e  I n f o r m a t i o n e n  f i n d e n  S i e  i n  d e r  D a t e i  " C B S . L o g "  u n t e r  " w i n d i r \ L o g s \ C B S \ C B S . l o g " ,
 
 
 z . B .  " C : \ W i n d o w s \ L o g s \ C B S \ C B S . l o g " .
 
 
 H i n w e i s :  B e i  d e r  O f f l i n e w a r t u n g  w i r d  d i e  P r o t o k o l l i e r u n g  d e r z e i t  n i c h t  u n t e r s t � t z t .
 
 
 
========= Ende von CMD: =========


=========  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log =========

2016-04-28 18:22:36, Info                  CSI    0000000a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:22:36, Info                  CSI    0000000b [SR] Beginning Verify and Repair transaction
2016-04-28 18:22:42, Info                  CSI    0000000c [SR] Verify complete
2016-04-28 18:22:42, Info                  CSI    0000000d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:22:42, Info                  CSI    0000000e [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:00, Info                  CSI    0000000f [SR] Verify complete
2016-04-28 18:23:00, Info                  CSI    00000010 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:00, Info                  CSI    00000011 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:03, Info                  CSI    00000012 [SR] Verify complete
2016-04-28 18:23:03, Info                  CSI    00000013 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:03, Info                  CSI    00000014 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:06, Info                  CSI    00000015 [SR] Verify complete
2016-04-28 18:23:06, Info                  CSI    00000016 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:06, Info                  CSI    00000017 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:10, Info                  CSI    00000018 [SR] Verify complete
2016-04-28 18:23:10, Info                  CSI    00000019 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:10, Info                  CSI    0000001a [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:13, Info                  CSI    0000001b [SR] Verify complete
2016-04-28 18:23:13, Info                  CSI    0000001c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:13, Info                  CSI    0000001d [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:22, Info                  CSI    0000001e [SR] Verify complete
2016-04-28 18:23:22, Info                  CSI    0000001f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:22, Info                  CSI    00000020 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:26, Info                  CSI    00000021 [SR] Verify complete
2016-04-28 18:23:26, Info                  CSI    00000022 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:26, Info                  CSI    00000023 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:29, Info                  CSI    00000024 [SR] Verify complete
2016-04-28 18:23:29, Info                  CSI    00000025 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:29, Info                  CSI    00000026 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:31, Info                  CSI    00000027 [SR] Verify complete
2016-04-28 18:23:31, Info                  CSI    00000028 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:31, Info                  CSI    00000029 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:34, Info                  CSI    0000002a [SR] Verify complete
2016-04-28 18:23:35, Info                  CSI    0000002b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:35, Info                  CSI    0000002c [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:44, Info                  CSI    0000002d [SR] Verify complete
2016-04-28 18:23:44, Info                  CSI    0000002e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:44, Info                  CSI    0000002f [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:46, Info                  CSI    00000030 [SR] Verify complete
2016-04-28 18:23:46, Info                  CSI    00000031 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:46, Info                  CSI    00000032 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:49, Info                  CSI    00000033 [SR] Verify complete
2016-04-28 18:23:49, Info                  CSI    00000034 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:49, Info                  CSI    00000035 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:52, Info                  CSI    00000036 [SR] Verify complete
2016-04-28 18:23:52, Info                  CSI    00000037 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:52, Info                  CSI    00000038 [SR] Beginning Verify and Repair transaction
2016-04-28 18:23:59, Info                  CSI    00000039 [SR] Verify complete
2016-04-28 18:23:59, Info                  CSI    0000003a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:23:59, Info                  CSI    0000003b [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:02, Info                  CSI    0000003c [SR] Verify complete
2016-04-28 18:24:02, Info                  CSI    0000003d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:02, Info                  CSI    0000003e [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:04, Info                  CSI    0000003f [SR] Verify complete
2016-04-28 18:24:04, Info                  CSI    00000040 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:04, Info                  CSI    00000041 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:07, Info                  CSI    00000042 [SR] Verify complete
2016-04-28 18:24:07, Info                  CSI    00000043 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:07, Info                  CSI    00000044 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:15, Info                  CSI    00000045 [SR] Verify complete
2016-04-28 18:24:15, Info                  CSI    00000046 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:15, Info                  CSI    00000047 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:17, Info                  CSI    00000048 [SR] Verify complete
2016-04-28 18:24:17, Info                  CSI    00000049 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:17, Info                  CSI    0000004a [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:20, Info                  CSI    0000004b [SR] Verify complete
2016-04-28 18:24:20, Info                  CSI    0000004c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:20, Info                  CSI    0000004d [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:22, Info                  CSI    0000004e [SR] Verify complete
2016-04-28 18:24:23, Info                  CSI    0000004f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:23, Info                  CSI    00000050 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:25, Info                  CSI    00000051 [SR] Verify complete
2016-04-28 18:24:25, Info                  CSI    00000052 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:25, Info                  CSI    00000053 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:33, Info                  CSI    00000054 [SR] Verify complete
2016-04-28 18:24:33, Info                  CSI    00000055 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:33, Info                  CSI    00000056 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:36, Info                  CSI    00000057 [SR] Verify complete
2016-04-28 18:24:36, Info                  CSI    00000058 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:36, Info                  CSI    00000059 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:38, Info                  CSI    0000005a [SR] Verify complete
2016-04-28 18:24:38, Info                  CSI    0000005b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:38, Info                  CSI    0000005c [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:40, Info                  CSI    0000005d [SR] Verify complete
2016-04-28 18:24:40, Info                  CSI    0000005e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:40, Info                  CSI    0000005f [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:42, Info                  CSI    00000060 [SR] Verify complete
2016-04-28 18:24:42, Info                  CSI    00000061 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:42, Info                  CSI    00000062 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:50, Info                  CSI    00000063 [SR] Verify complete
2016-04-28 18:24:50, Info                  CSI    00000064 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:50, Info                  CSI    00000065 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:53, Info                  CSI    00000066 [SR] Verify complete
2016-04-28 18:24:53, Info                  CSI    00000067 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:53, Info                  CSI    00000068 [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:55, Info                  CSI    00000069 [SR] Verify complete
2016-04-28 18:24:55, Info                  CSI    0000006a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:55, Info                  CSI    0000006b [SR] Beginning Verify and Repair transaction
2016-04-28 18:24:57, Info                  CSI    0000006c [SR] Verify complete
2016-04-28 18:24:58, Info                  CSI    0000006d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:24:58, Info                  CSI    0000006e [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:05, Info                  CSI    0000006f [SR] Verify complete
2016-04-28 18:25:05, Info                  CSI    00000070 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:05, Info                  CSI    00000071 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:08, Info                  CSI    00000072 [SR] Verify complete
2016-04-28 18:25:08, Info                  CSI    00000073 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:08, Info                  CSI    00000074 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:10, Info                  CSI    00000075 [SR] Verify complete
2016-04-28 18:25:10, Info                  CSI    00000076 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:10, Info                  CSI    00000077 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:12, Info                  CSI    00000078 [SR] Verify complete
2016-04-28 18:25:12, Info                  CSI    00000079 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:12, Info                  CSI    0000007a [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:14, Info                  CSI    0000007b [SR] Verify complete
2016-04-28 18:25:14, Info                  CSI    0000007c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:14, Info                  CSI    0000007d [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:22, Info                  CSI    0000007e [SR] Verify complete
2016-04-28 18:25:22, Info                  CSI    0000007f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:22, Info                  CSI    00000080 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:25, Info                  CSI    00000081 [SR] Verify complete
2016-04-28 18:25:25, Info                  CSI    00000082 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:25, Info                  CSI    00000083 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:27, Info                  CSI    00000084 [SR] Verify complete
2016-04-28 18:25:27, Info                  CSI    00000085 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:27, Info                  CSI    00000086 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:29, Info                  CSI    00000087 [SR] Verify complete
2016-04-28 18:25:29, Info                  CSI    00000088 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:29, Info                  CSI    00000089 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:32, Info                  CSI    0000008a [SR] Verify complete
2016-04-28 18:25:32, Info                  CSI    0000008b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:32, Info                  CSI    0000008c [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:40, Info                  CSI    0000008d [SR] Verify complete
2016-04-28 18:25:40, Info                  CSI    0000008e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:40, Info                  CSI    0000008f [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:42, Info                  CSI    00000090 [SR] Verify complete
2016-04-28 18:25:42, Info                  CSI    00000091 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:42, Info                  CSI    00000092 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:44, Info                  CSI    00000093 [SR] Verify complete
2016-04-28 18:25:44, Info                  CSI    00000094 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:44, Info                  CSI    00000095 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:47, Info                  CSI    00000096 [SR] Verify complete
2016-04-28 18:25:47, Info                  CSI    00000097 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:47, Info                  CSI    00000098 [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:49, Info                  CSI    00000099 [SR] Verify complete
2016-04-28 18:25:49, Info                  CSI    0000009a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:49, Info                  CSI    0000009b [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:56, Info                  CSI    0000009c [SR] Verify complete
2016-04-28 18:25:56, Info                  CSI    0000009d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:56, Info                  CSI    0000009e [SR] Beginning Verify and Repair transaction
2016-04-28 18:25:59, Info                  CSI    0000009f [SR] Verify complete
2016-04-28 18:25:59, Info                  CSI    000000a0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:25:59, Info                  CSI    000000a1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:01, Info                  CSI    000000a2 [SR] Verify complete
2016-04-28 18:26:01, Info                  CSI    000000a3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:01, Info                  CSI    000000a4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:03, Info                  CSI    000000a5 [SR] Verify complete
2016-04-28 18:26:03, Info                  CSI    000000a6 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:03, Info                  CSI    000000a7 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:05, Info                  CSI    000000a8 [SR] Verify complete
2016-04-28 18:26:05, Info                  CSI    000000a9 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:05, Info                  CSI    000000aa [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:12, Info                  CSI    000000ab [SR] Verify complete
2016-04-28 18:26:12, Info                  CSI    000000ac [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:12, Info                  CSI    000000ad [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:16, Info                  CSI    000000ae [SR] Verify complete
2016-04-28 18:26:16, Info                  CSI    000000af [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:16, Info                  CSI    000000b0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:18, Info                  CSI    000000b1 [SR] Verify complete
2016-04-28 18:26:18, Info                  CSI    000000b2 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:18, Info                  CSI    000000b3 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:20, Info                  CSI    000000b4 [SR] Verify complete
2016-04-28 18:26:20, Info                  CSI    000000b5 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:20, Info                  CSI    000000b6 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:25, Info                  CSI    000000b7 [SR] Verify complete
2016-04-28 18:26:25, Info                  CSI    000000b8 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:25, Info                  CSI    000000b9 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:30, Info                  CSI    000000bb [SR] Verify complete
2016-04-28 18:26:30, Info                  CSI    000000bc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:30, Info                  CSI    000000bd [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:36, Info                  CSI    000000be [SR] Verify complete
2016-04-28 18:26:36, Info                  CSI    000000bf [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:36, Info                  CSI    000000c0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:38, Info                  CSI    000000c1 [SR] Verify complete
2016-04-28 18:26:38, Info                  CSI    000000c2 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:38, Info                  CSI    000000c3 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:40, Info                  CSI    000000c4 [SR] Verify complete
2016-04-28 18:26:40, Info                  CSI    000000c5 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:40, Info                  CSI    000000c6 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:42, Info                  CSI    000000c7 [SR] Verify complete
2016-04-28 18:26:42, Info                  CSI    000000c8 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:42, Info                  CSI    000000c9 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:44, Info                  CSI    000000ca [SR] Verify complete
2016-04-28 18:26:44, Info                  CSI    000000cb [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:44, Info                  CSI    000000cc [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:46, Info                  CSI    000000cd [SR] Verify complete
2016-04-28 18:26:46, Info                  CSI    000000ce [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:46, Info                  CSI    000000cf [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:48, Info                  CSI    000000d0 [SR] Verify complete
2016-04-28 18:26:49, Info                  CSI    000000d1 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:49, Info                  CSI    000000d2 [SR] Beginning Verify and Repair transaction
2016-04-28 18:26:59, Info                  CSI    000000d3 [SR] Verify complete
2016-04-28 18:26:59, Info                  CSI    000000d4 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:26:59, Info                  CSI    000000d5 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:01, Info                  CSI    000000d6 [SR] Verify complete
2016-04-28 18:27:01, Info                  CSI    000000d7 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:01, Info                  CSI    000000d8 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:03, Info                  CSI    000000d9 [SR] Verify complete
2016-04-28 18:27:04, Info                  CSI    000000da [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:04, Info                  CSI    000000db [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:06, Info                  CSI    000000dc [SR] Verify complete
2016-04-28 18:27:06, Info                  CSI    000000dd [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:06, Info                  CSI    000000de [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:15, Info                  CSI    000000df [SR] Verify complete
2016-04-28 18:27:15, Info                  CSI    000000e0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:15, Info                  CSI    000000e1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:16, Info                  CSI    000000e2 [SR] Verify complete
2016-04-28 18:27:16, Info                  CSI    000000e3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:16, Info                  CSI    000000e4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:18, Info                  CSI    000000e5 [SR] Verify complete
2016-04-28 18:27:18, Info                  CSI    000000e6 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:18, Info                  CSI    000000e7 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:20, Info                  CSI    000000e8 [SR] Verify complete
2016-04-28 18:27:20, Info                  CSI    000000e9 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:20, Info                  CSI    000000ea [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:21, Info                  CSI    000000eb [SR] Verify complete
2016-04-28 18:27:22, Info                  CSI    000000ec [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:22, Info                  CSI    000000ed [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:29, Info                  CSI    000000ee [SR] Verify complete
2016-04-28 18:27:30, Info                  CSI    000000ef [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:30, Info                  CSI    000000f0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:33, Info                  CSI    000000f1 [SR] Verify complete
2016-04-28 18:27:33, Info                  CSI    000000f2 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:33, Info                  CSI    000000f3 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:36, Info                  CSI    000000f4 [SR] Verify complete
2016-04-28 18:27:36, Info                  CSI    000000f5 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:36, Info                  CSI    000000f6 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:38, Info                  CSI    000000f7 [SR] Verify complete
2016-04-28 18:27:38, Info                  CSI    000000f8 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:38, Info                  CSI    000000f9 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:40, Info                  CSI    000000fa [SR] Verify complete
2016-04-28 18:27:40, Info                  CSI    000000fb [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:40, Info                  CSI    000000fc [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:49, Info                  CSI    000000fd [SR] Verify complete
2016-04-28 18:27:49, Info                  CSI    000000fe [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:49, Info                  CSI    000000ff [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:51, Info                  CSI    00000100 [SR] Verify complete
2016-04-28 18:27:51, Info                  CSI    00000101 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:51, Info                  CSI    00000102 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:54, Info                  CSI    00000103 [SR] Verify complete
2016-04-28 18:27:54, Info                  CSI    00000104 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:54, Info                  CSI    00000105 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:56, Info                  CSI    00000106 [SR] Verify complete
2016-04-28 18:27:56, Info                  CSI    00000107 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:56, Info                  CSI    00000108 [SR] Beginning Verify and Repair transaction
2016-04-28 18:27:57, Info                  CSI    0000010a [SR] Cannot repair member file [l:32{16}]"Event Viewer.lnk" of EventViewerSettings, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:27:58, Info                  CSI    0000010c [SR] Cannot repair member file [l:32{16}]"Event Viewer.lnk" of EventViewerSettings, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:27:58, Info                  CSI    0000010d [SR] This component was referenced by [l:164{82}]"Package_752_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2054_neutral_GDR"
2016-04-28 18:27:58, Info                  CSI    00000110 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:32{16}]"Event Viewer.lnk"; source file in store is also corrupted
2016-04-28 18:27:58, Info                  CSI    00000111 [SR] Verify complete
2016-04-28 18:27:58, Info                  CSI    00000112 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:27:58, Info                  CSI    00000113 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:00, Info                  CSI    00000114 [SR] Verify complete
2016-04-28 18:28:00, Info                  CSI    00000115 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:00, Info                  CSI    00000116 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:12, Info                  CSI    00000117 [SR] Verify complete
2016-04-28 18:28:12, Info                  CSI    00000118 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:12, Info                  CSI    00000119 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:16, Info                  CSI    0000011a [SR] Verify complete
2016-04-28 18:28:16, Info                  CSI    0000011b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:16, Info                  CSI    0000011c [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:19, Info                  CSI    0000011d [SR] Verify complete
2016-04-28 18:28:19, Info                  CSI    0000011e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:19, Info                  CSI    0000011f [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:23, Info                  CSI    00000120 [SR] Verify complete
2016-04-28 18:28:23, Info                  CSI    00000121 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:23, Info                  CSI    00000122 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:30, Info                  CSI    00000123 [SR] Verify complete
2016-04-28 18:28:30, Info                  CSI    00000124 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:30, Info                  CSI    00000125 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:35, Info                  CSI    00000126 [SR] Verify complete
2016-04-28 18:28:35, Info                  CSI    00000127 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:35, Info                  CSI    00000128 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:36, Info                  CSI    00000129 [SR] Verify complete
2016-04-28 18:28:36, Info                  CSI    0000012a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:36, Info                  CSI    0000012b [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:39, Info                  CSI    0000012c [SR] Verify complete
2016-04-28 18:28:39, Info                  CSI    0000012d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:39, Info                  CSI    0000012e [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:45, Info                  CSI    00000147 [SR] Verify complete
2016-04-28 18:28:45, Info                  CSI    00000148 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:45, Info                  CSI    00000149 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:47, Info                  CSI    0000014b [SR] Cannot repair member file [l:36{18}]"Steps Recorder.lnk" of Microsoft-Windows-Application-Compatibility-ProblemStepsRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:28:49, Info                  CSI    0000014d [SR] Cannot repair member file [l:32{16}]"Task Manager.lnk" of Microsoft-Windows-AdvancedTaskManager, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:28:52, Info                  CSI    00000152 [SR] Cannot repair member file [l:36{18}]"Steps Recorder.lnk" of Microsoft-Windows-Application-Compatibility-ProblemStepsRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:28:52, Info                  CSI    00000153 [SR] This component was referenced by [l:164{82}]"Package_873_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2613_neutral_GDR"
2016-04-28 18:28:52, Info                  CSI    00000156 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:36{18}]"Steps Recorder.lnk"; source file in store is also corrupted
2016-04-28 18:28:53, Info                  CSI    00000158 [SR] Cannot repair member file [l:32{16}]"Task Manager.lnk" of Microsoft-Windows-AdvancedTaskManager, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:28:53, Info                  CSI    00000159 [SR] This component was referenced by [l:164{82}]"Package_868_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2529_neutral_GDR"
2016-04-28 18:28:53, Info                  CSI    0000015c [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:32{16}]"Task Manager.lnk"; source file in store is also corrupted
2016-04-28 18:28:53, Info                  CSI    00000160 [SR] Verify complete
2016-04-28 18:28:53, Info                  CSI    00000161 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:53, Info                  CSI    00000162 [SR] Beginning Verify and Repair transaction
2016-04-28 18:28:58, Info                  CSI    00000165 [SR] Verify complete
2016-04-28 18:28:58, Info                  CSI    00000166 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:28:58, Info                  CSI    00000167 [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:06, Info                  CSI    0000016f [SR] Verify complete
2016-04-28 18:29:06, Info                  CSI    00000170 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:06, Info                  CSI    00000171 [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:10, Info                  CSI    00000177 [SR] Verify complete
2016-04-28 18:29:10, Info                  CSI    00000178 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:10, Info                  CSI    00000179 [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:13, Info                  CSI    0000017a [SR] Verify complete
2016-04-28 18:29:13, Info                  CSI    0000017b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:13, Info                  CSI    0000017c [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:15, Info                  CSI    0000017e [SR] Cannot repair member file [l:44{22}]"Component Services.lnk" of Microsoft-Windows-COM-ComPlus-Admin-CompSvcLink, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:15, Info                  CSI    00000180 [SR] Cannot repair member file [l:46{23}]"Computer Management.lnk" of Microsoft-Windows-ComputerManagementSnapin, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:16, Info                  CSI    00000182 [SR] Cannot repair member file [l:28{14}]"Calculator.lnk" of Microsoft-Windows-calc, Version = 6.3.9600.17667, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:17, Info                  CSI    00000184 [SR] Cannot repair member file [l:46{23}]"Computer Management.lnk" of Microsoft-Windows-ComputerManagementSnapin, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:17, Info                  CSI    00000185 [SR] This component was referenced by [l:164{82}]"Package_752_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2048_neutral_GDR"
2016-04-28 18:29:17, Info                  CSI    00000188 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:46{23}]"Computer Management.lnk"; source file in store is also corrupted
2016-04-28 18:29:18, Info                  CSI    0000018b [SR] Cannot repair member file [l:28{14}]"Calculator.lnk" of Microsoft-Windows-calc, Version = 6.3.9600.17667, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:18, Info                  CSI    0000018c [SR] This component was referenced by [l:154{77}]"Package_1_for_KB3024755~31bf3856ad364e35~amd64~~6.3.1.1.3024755-1_neutral_GDR"
2016-04-28 18:29:18, Info                  CSI    0000018f [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:28{14}]"Calculator.lnk"; source file in store is also corrupted
2016-04-28 18:29:19, Info                  CSI    00000191 [SR] Cannot repair member file [l:44{22}]"Component Services.lnk" of Microsoft-Windows-COM-ComPlus-Admin-CompSvcLink, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:19, Info                  CSI    00000192 [SR] This component was referenced by [l:326{163}]"Microsoft-Windows-Client-Features-Package-AutoMerged-com~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-com-Deployment"
2016-04-28 18:29:19, Info                  CSI    00000195 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:44{22}]"Component Services.lnk"; source file in store is also corrupted
2016-04-28 18:29:20, Info                  CSI    00000196 [SR] Verify complete
2016-04-28 18:29:21, Info                  CSI    00000197 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:21, Info                  CSI    00000198 [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:23, Info                  CSI    0000019a [SR] Cannot repair member file [l:34{17}]"Character Map.lnk" of Microsoft-Windows-charmap, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:24, Info                  CSI    0000019c [SR] Cannot repair member file [l:32{16}]"Disk Cleanup.lnk" of Microsoft-Windows-cleanmgr, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:27, Info                  CSI    000001a5 [SR] Cannot repair member file [l:34{17}]"Character Map.lnk" of Microsoft-Windows-charmap, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:27, Info                  CSI    000001a6 [SR] This component was referenced by [l:166{83}]"Package_1361_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3943_neutral_GDR"
2016-04-28 18:29:27, Info                  CSI    000001a9 [SR] Could not reproject corrupted file [ml:520{260},l:162{81}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools"\[l:34{17}]"Character Map.lnk"; source file in store is also corrupted
2016-04-28 18:29:28, Info                  CSI    000001b5 [SR] Cannot repair member file [l:32{16}]"Disk Cleanup.lnk" of Microsoft-Windows-cleanmgr, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:29:28, Info                  CSI    000001b6 [SR] This component was referenced by [l:166{83}]"Package_1361_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3942_neutral_GDR"
2016-04-28 18:29:28, Info                  CSI    000001b9 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:32{16}]"Disk Cleanup.lnk"; source file in store is also corrupted
2016-04-28 18:29:30, Info                  CSI    000001c9 [SR] Verify complete
2016-04-28 18:29:30, Info                  CSI    000001ca [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:30, Info                  CSI    000001cb [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:40, Info                  CSI    000001ef [SR] Verify complete
2016-04-28 18:29:40, Info                  CSI    000001f0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:40, Info                  CSI    000001f1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:47, Info                  CSI    000001fb [SR] Verify complete
2016-04-28 18:29:47, Info                  CSI    000001fc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:47, Info                  CSI    000001fd [SR] Beginning Verify and Repair transaction
2016-04-28 18:29:57, Info                  CSI    00000206 [SR] Verify complete
2016-04-28 18:29:57, Info                  CSI    00000207 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:29:57, Info                  CSI    00000208 [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:04, Info                  CSI    00000220 [SR] Verify complete
2016-04-28 18:30:04, Info                  CSI    00000221 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:04, Info                  CSI    00000222 [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:10, Info                  CSI    00000224 [SR] Cannot repair member file [l:20{10}]"dfrgui.lnk" of Microsoft-Windows-Defrag-AdminUI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:30:15, Info                  CSI    00000226 [SR] Cannot repair member file [l:20{10}]"dfrgui.lnk" of Microsoft-Windows-Defrag-AdminUI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:30:15, Info                  CSI    00000227 [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2637_neutral_GDR"
2016-04-28 18:30:15, Info                  CSI    0000022a [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:20{10}]"dfrgui.lnk"; source file in store is also corrupted
2016-04-28 18:30:16, Info                  CSI    00000230 [SR] Verify complete
2016-04-28 18:30:16, Info                  CSI    00000231 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:16, Info                  CSI    00000232 [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:22, Info                  CSI    00000233 [SR] Verify complete
2016-04-28 18:30:22, Info                  CSI    00000234 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:22, Info                  CSI    00000235 [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:31, Info                  CSI    0000023a [SR] Verify complete
2016-04-28 18:30:31, Info                  CSI    0000023b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:31, Info                  CSI    0000023c [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:41, Info                  CSI    00000258 [SR] Verify complete
2016-04-28 18:30:41, Info                  CSI    00000259 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:41, Info                  CSI    0000025a [SR] Beginning Verify and Repair transaction
2016-04-28 18:30:43, Info                  CSI    0000025c [SR] Cannot repair member file [l:48{24}]"Windows Fax and Scan.lnk" of Microsoft-Windows-Fax-Client-Applications, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:30:53, Info                  CSI    00000284 [SR] Cannot repair member file [l:48{24}]"Windows Fax and Scan.lnk" of Microsoft-Windows-Fax-Client-Applications, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:30:53, Info                  CSI    00000285 [SR] This component was referenced by [l:166{83}]"Package_2188_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6085_neutral_GDR"
2016-04-28 18:30:53, Info                  CSI    00000288 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:48{24}]"Windows Fax and Scan.lnk"; source file in store is also corrupted
2016-04-28 18:30:54, Info                  CSI    00000297 [SR] Verify complete
2016-04-28 18:30:54, Info                  CSI    00000298 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:30:54, Info                  CSI    00000299 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:08, Info                  CSI    000002b9 [SR] Verify complete
2016-04-28 18:31:08, Info                  CSI    000002ba [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:08, Info                  CSI    000002bb [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:24, Info                  CSI    000002c0 [SR] Verify complete
2016-04-28 18:31:24, Info                  CSI    000002c1 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:24, Info                  CSI    000002c2 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:28, Info                  CSI    000002c7 [SR] Verify complete
2016-04-28 18:31:28, Info                  CSI    000002c8 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:28, Info                  CSI    000002c9 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:33, Info                  CSI    000002e2 [SR] Verify complete
2016-04-28 18:31:33, Info                  CSI    000002e3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:33, Info                  CSI    000002e4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:42, Info                  CSI    000002f0 [SR] Verify complete
2016-04-28 18:31:42, Info                  CSI    000002f1 [SR] Verifying 100 (0x0000000000000064) components

Jan02 29.04.2016 05:13
Code:
2016-04-28 18:31:42, Info                  CSI    000002f2 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:44, Info                  CSI    000002f3 [SR] Verify complete
2016-04-28 18:31:44, Info                  CSI    000002f4 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:44, Info                  CSI    000002f5 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:47, Info                  CSI    000002fe [SR] Verify complete
2016-04-28 18:31:47, Info                  CSI    000002ff [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:47, Info                  CSI    00000300 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:49, Info                  CSI    00000304 [SR] Verify complete
2016-04-28 18:31:49, Info                  CSI    00000305 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:49, Info                  CSI    00000306 [SR] Beginning Verify and Repair transaction
2016-04-28 18:31:58, Info                  CSI    0000037b [SR] Verify complete
2016-04-28 18:31:58, Info                  CSI    0000037c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:31:58, Info                  CSI    0000037d [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:06, Info                  CSI    00000385 [SR] Verify complete
2016-04-28 18:32:06, Info                  CSI    00000386 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:06, Info                  CSI    00000387 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:10, Info                  CSI    00000389 [SR] Cannot repair member file [l:38{19}]"iSCSI Initiator.lnk" of Microsoft-Windows-iSCSI_Initiator_UI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:10, Info                  CSI    0000038e [SR] Cannot repair member file [l:38{19}]"iSCSI Initiator.lnk" of Microsoft-Windows-iSCSI_Initiator_UI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:10, Info                  CSI    0000038f [SR] This component was referenced by [l:164{82}]"Package_941_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2791_neutral_GDR"
2016-04-28 18:32:10, Info                  CSI    00000392 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:38{19}]"iSCSI Initiator.lnk"; source file in store is also corrupted
2016-04-28 18:32:12, Info                  CSI    0000039f [SR] Verify complete
2016-04-28 18:32:12, Info                  CSI    000003a0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:12, Info                  CSI    000003a1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:24, Info                  CSI    000003a2 [SR] Verify complete
2016-04-28 18:32:24, Info                  CSI    000003a3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:24, Info                  CSI    000003a4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:30, Info                  CSI    000003ae [SR] Verify complete
2016-04-28 18:32:30, Info                  CSI    000003af [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:30, Info                  CSI    000003b0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:31, Info                  CSI    000003b2 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (64-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:33, Info                  CSI    000003b4 [SR] Cannot repair member file [l:54{27}]"Memory Diagnostics Tool.lnk" of Microsoft-Windows-Memory-Diagnostic-Schedule, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:33, Info                  CSI    000003b6 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (64-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:33, Info                  CSI    000003b7 [SR] This component was referenced by [l:166{83}]"Package_1052_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3082_neutral_GDR"
2016-04-28 18:32:33, Info                  CSI    000003ba [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:60{30}]"ODBC Data Sources (64-bit).lnk"; source file in store is also corrupted
2016-04-28 18:32:36, Info                  CSI    000003c8 [SR] Cannot repair member file [l:54{27}]"Memory Diagnostics Tool.lnk" of Microsoft-Windows-Memory-Diagnostic-Schedule, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:36, Info                  CSI    000003c9 [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2631_neutral_GDR"
2016-04-28 18:32:36, Info                  CSI    000003cc [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:54{27}]"Memory Diagnostics Tool.lnk"; source file in store is also corrupted
2016-04-28 18:32:36, Info                  CSI    000003d4 [SR] Verify complete
2016-04-28 18:32:36, Info                  CSI    000003d5 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:36, Info                  CSI    000003d6 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:48, Info                  CSI    000003e1 [SR] Verify complete
2016-04-28 18:32:49, Info                  CSI    000003e2 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:49, Info                  CSI    000003e3 [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:49, Info                  CSI    000003e5 [SR] Cannot repair member file [l:50{25}]"Windows Easy Transfer.lnk" of Microsoft-Windows-MigrationWizardApplication, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:52, Info                  CSI    000003e7 [SR] Cannot repair member file [l:50{25}]"Windows Easy Transfer.lnk" of Microsoft-Windows-MigrationWizardApplication, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:32:52, Info                  CSI    000003e8 [SR] This component was referenced by [l:164{82}]"Package_844_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2333_neutral_GDR"
2016-04-28 18:32:52, Info                  CSI    000003eb [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:50{25}]"Windows Easy Transfer.lnk"; source file in store is also corrupted
2016-04-28 18:32:53, Info                  CSI    000003ec [SR] Verify complete
2016-04-28 18:32:53, Info                  CSI    000003ed [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:32:53, Info                  CSI    000003ee [SR] Beginning Verify and Repair transaction
2016-04-28 18:32:56, Info                  CSI    000003f0 [SR] Cannot repair member file [l:48{24}]"Windows Media Player.lnk" of Microsoft-Windows-MediaPlayer-Shortcut, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:05, Info                  CSI    000003f2 [SR] Cannot repair member file [l:48{24}]"Windows Media Player.lnk" of Microsoft-Windows-MediaPlayer-Shortcut, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:05, Info                  CSI    000003f3 [SR] This component was referenced by [l:190{95}]"Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.WindowsMediaPlayer"
2016-04-28 18:33:05, Info                  CSI    000003f6 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:48{24}]"Windows Media Player.lnk"; source file in store is also corrupted
2016-04-28 18:33:08, Info                  CSI    00000404 [SR] Verify complete
2016-04-28 18:33:08, Info                  CSI    00000405 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:08, Info                  CSI    00000406 [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:10, Info                  CSI    00000408 [SR] Cannot repair member file [l:48{24}]"System Configuration.lnk" of Microsoft-Windows-MsConfig-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:12, Info                  CSI    00000413 [SR] Cannot repair member file [l:48{24}]"System Configuration.lnk" of Microsoft-Windows-MsConfig-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:12, Info                  CSI    00000414 [SR] This component was referenced by [l:164{82}]"Package_874_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2621_neutral_GDR"
2016-04-28 18:33:12, Info                  CSI    00000417 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:48{24}]"System Configuration.lnk"; source file in store is also corrupted
2016-04-28 18:33:14, Info                  CSI    00000428 [SR] Verify complete
2016-04-28 18:33:15, Info                  CSI    00000429 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:15, Info                  CSI    0000042a [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:21, Info                  CSI    0000042c [SR] Cannot repair member file [l:44{22}]"System Information.lnk" of Microsoft-Windows-MSInfo32-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:21, Info                  CSI    0000042e [SR] Cannot repair member file [l:18{9}]"Paint.lnk" of Microsoft-Windows-mspaint, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:25, Info                  CSI    00000435 [SR] Cannot repair member file [l:44{22}]"System Information.lnk" of Microsoft-Windows-MSInfo32-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:25, Info                  CSI    00000436 [SR] This component was referenced by [l:164{82}]"Package_844_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2332_neutral_GDR"
2016-04-28 18:33:25, Info                  CSI    00000439 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:44{22}]"System Information.lnk"; source file in store is also corrupted
2016-04-28 18:33:25, Info                  CSI    0000043b [SR] Cannot repair member file [l:18{9}]"Paint.lnk" of Microsoft-Windows-mspaint, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:33:25, Info                  CSI    0000043c [SR] This component was referenced by [l:166{83}]"Package_1365_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-4028_neutral_GDR"
2016-04-28 18:33:25, Info                  CSI    0000043f [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:18{9}]"Paint.lnk"; source file in store is also corrupted
2016-04-28 18:33:26, Info                  CSI    00000444 [SR] Verify complete
2016-04-28 18:33:26, Info                  CSI    00000445 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:26, Info                  CSI    00000446 [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:34, Info                  CSI    00000455 [SR] Verify complete
2016-04-28 18:33:34, Info                  CSI    00000456 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:34, Info                  CSI    00000457 [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:46, Info                  CSI    00000484 [SR] Verify complete
2016-04-28 18:33:46, Info                  CSI    00000485 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:46, Info                  CSI    00000486 [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:52, Info                  CSI    00000489 [SR] Verify complete
2016-04-28 18:33:52, Info                  CSI    0000048a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:52, Info                  CSI    0000048b [SR] Beginning Verify and Repair transaction
2016-04-28 18:33:58, Info                  CSI    00000497 [SR] Verify complete
2016-04-28 18:33:59, Info                  CSI    00000498 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:33:59, Info                  CSI    00000499 [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:09, Info                  CSI    000004aa [SR] Verify complete
2016-04-28 18:34:09, Info                  CSI    000004ab [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:09, Info                  CSI    000004ac [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:11, Info                  CSI    000004ae [SR] Cannot repair member file [l:40{20}]"Resource Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:11, Info                  CSI    000004b0 [SR] Cannot repair member file [l:46{23}]"Performance Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:13, Info                  CSI    000004b5 [SR] Cannot repair member file [l:40{20}]"Resource Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:13, Info                  CSI    000004b6 [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2628_neutral_GDR"
2016-04-28 18:34:13, Info                  CSI    000004b8 [SR] Cannot repair member file [l:46{23}]"Performance Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:13, Info                  CSI    000004b9 [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2628_neutral_GDR"
2016-04-28 18:34:13, Info                  CSI    000004bc [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:40{20}]"Resource Monitor.lnk"; source file in store is also corrupted
2016-04-28 18:34:13, Info                  CSI    000004bf [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:46{23}]"Performance Monitor.lnk"; source file in store is also corrupted
2016-04-28 18:34:13, Info                  CSI    000004c2 [SR] Verify complete
2016-04-28 18:34:14, Info                  CSI    000004c3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:14, Info                  CSI    000004c4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:14, Info                  CSI    000004c6 [SR] Cannot repair member file [l:52{26}]"Windows PowerShell ISE.lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:14, Info                  CSI    000004c8 [SR] Cannot repair member file [l:64{32}]"Windows PowerShell ISE (x86).lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:18, Info                  CSI    000004cd [SR] Cannot repair member file [l:52{26}]"Windows PowerShell ISE.lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:18, Info                  CSI    000004ce [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:34:18, Info                  CSI    000004d0 [SR] Cannot repair member file [l:64{32}]"Windows PowerShell ISE (x86).lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:34:18, Info                  CSI    000004d1 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:34:18, Info                  CSI    000004d4 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:52{26}]"Windows PowerShell ISE.lnk"; source file in store is also corrupted
2016-04-28 18:34:18, Info                  CSI    000004d7 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:64{32}]"Windows PowerShell ISE (x86).lnk"; source file in store is also corrupted
2016-04-28 18:34:22, Info                  CSI    000004e4 [SR] Verify complete
2016-04-28 18:34:22, Info                  CSI    000004e5 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:22, Info                  CSI    000004e6 [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:30, Info                  CSI    000004ef [SR] Verify complete
2016-04-28 18:34:30, Info                  CSI    000004f0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:30, Info                  CSI    000004f1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:34, Info                  CSI    000004f3 [SR] Verify complete
2016-04-28 18:34:34, Info                  CSI    000004f4 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:34, Info                  CSI    000004f5 [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:47, Info                  CSI    000004f8 [SR] Verify complete
2016-04-28 18:34:47, Info                  CSI    000004f9 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:47, Info                  CSI    000004fa [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:51, Info                  CSI    00000509 [SR] Verify complete
2016-04-28 18:34:51, Info                  CSI    0000050a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:51, Info                  CSI    0000050b [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:55, Info                  CSI    0000050d [SR] Verify complete
2016-04-28 18:34:55, Info                  CSI    0000050e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:55, Info                  CSI    0000050f [SR] Beginning Verify and Repair transaction
2016-04-28 18:34:59, Info                  CSI    00000510 [SR] Verify complete
2016-04-28 18:34:59, Info                  CSI    00000511 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:34:59, Info                  CSI    00000512 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:13, Info                  CSI    00000522 [SR] Verify complete
2016-04-28 18:35:13, Info                  CSI    00000523 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:13, Info                  CSI    00000524 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:17, Info                  CSI    00000527 [SR] Verify complete
2016-04-28 18:35:17, Info                  CSI    00000528 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:17, Info                  CSI    00000529 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:22, Info                  CSI    0000052b [SR] Cannot repair member file [l:24{12}]"services.lnk" of Microsoft-Windows-ServicesSnapIn, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:26, Info                  CSI    00000532 [SR] Cannot repair member file [l:24{12}]"services.lnk" of Microsoft-Windows-ServicesSnapIn, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:26, Info                  CSI    00000533 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:35:26, Info                  CSI    00000536 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:24{12}]"services.lnk"; source file in store is also corrupted
2016-04-28 18:35:28, Info                  CSI    0000053e [SR] Verify complete
2016-04-28 18:35:28, Info                  CSI    0000053f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:28, Info                  CSI    00000540 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:31, Info                  CSI    00000542 [SR] Cannot repair member file [l:34{17}]"Snipping Tool.lnk" of Microsoft-Windows-SnippingTool-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:32, Info                  CSI    00000544 [SR] Cannot repair member file [l:36{18}]"Sound Recorder.lnk" of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:32, Info                  CSI    00000546 [SR] Cannot repair member file [l:44{22}]"Speech Recognition.lnk" of Microsoft-Windows-Speech-UserExperience, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:32, Info                  CSI    0000054a [SR] Cannot repair member file [l:44{22}]"Speech Recognition.lnk" of Microsoft-Windows-Speech-UserExperience, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:32, Info                  CSI    0000054b [SR] This component was referenced by [l:166{83}]"Package_1049_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3060_neutral_GDR"
2016-04-28 18:35:32, Info                  CSI    0000054e [SR] Could not reproject corrupted file [ml:520{260},l:140{70}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility"\[l:44{22}]"Speech Recognition.lnk"; source file in store is also corrupted
2016-04-28 18:35:33, Info                  CSI    00000550 [SR] Cannot repair member file [l:36{18}]"Sound Recorder.lnk" of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:33, Info                  CSI    00000551 [SR] This component was referenced by [l:166{83}]"Package_1133_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3321_neutral_GDR"
2016-04-28 18:35:33, Info                  CSI    00000554 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:36{18}]"Sound Recorder.lnk"; source file in store is also corrupted
2016-04-28 18:35:35, Info                  CSI    00000584 [SR] Cannot repair member file [l:34{17}]"Snipping Tool.lnk" of Microsoft-Windows-SnippingTool-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:35, Info                  CSI    00000585 [SR] This component was referenced by [l:166{83}]"Package_2946_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7137_neutral_GDR"
2016-04-28 18:35:35, Info                  CSI    00000588 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:34{17}]"Snipping Tool.lnk"; source file in store is also corrupted
2016-04-28 18:35:35, Info                  CSI    00000589 [SR] Verify complete
2016-04-28 18:35:35, Info                  CSI    0000058a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:35, Info                  CSI    0000058b [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:35, Info                  CSI    0000058d [SR] Cannot repair member file [l:32{16}]"Sticky Notes.lnk" of Microsoft-Windows-StickyNotes-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:37, Info                  CSI    0000058f [SR] Cannot repair member file [l:40{20}]"Default Programs.lnk" of Microsoft-Windows-sud-link, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:40, Info                  CSI    00000591 [SR] Cannot repair member file [l:32{16}]"Sticky Notes.lnk" of Microsoft-Windows-StickyNotes-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:40, Info                  CSI    00000592 [SR] This component was referenced by [l:166{83}]"Package_3033_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7293_neutral_GDR"
2016-04-28 18:35:40, Info                  CSI    00000595 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:32{16}]"Sticky Notes.lnk"; source file in store is also corrupted
2016-04-28 18:35:44, Info                  CSI    00000598 [SR] Cannot repair member file [l:40{20}]"Default Programs.lnk" of Microsoft-Windows-sud-link, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:44, Info                  CSI    00000599 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-shell-Deployment"
2016-04-28 18:35:44, Info                  CSI    0000059c [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:40{20}]"Default Programs.lnk"; source file in store is also corrupted
2016-04-28 18:35:44, Info                  CSI    0000059e [SR] Verify complete
2016-04-28 18:35:44, Info                  CSI    0000059f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:44, Info                  CSI    000005a0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:47, Info                  CSI    000005a2 [SR] Cannot repair member file [l:40{20}]"Math Input Panel.lnk" of Microsoft-Windows-TabletPC-MathInputPanel, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:49, Info                  CSI    000005a8 [SR] Cannot repair member file [l:40{20}]"Math Input Panel.lnk" of Microsoft-Windows-TabletPC-MathInputPanel, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:49, Info                  CSI    000005a9 [SR] This component was referenced by [l:166{83}]"Package_2947_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7141_neutral_GDR"
2016-04-28 18:35:49, Info                  CSI    000005ac [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:40{20}]"Math Input Panel.lnk"; source file in store is also corrupted
2016-04-28 18:35:49, Info                  CSI    000005af [SR] Verify complete
2016-04-28 18:35:50, Info                  CSI    000005b0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:50, Info                  CSI    000005b1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:35:52, Info                  CSI    000005b3 [SR] Cannot repair member file [l:58{29}]"Remote Desktop Connection.lnk" of Microsoft-Windows-TerminalServices-TerminalServicesClient, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:55, Info                  CSI    000005b5 [SR] Cannot repair member file [l:58{29}]"Remote Desktop Connection.lnk" of Microsoft-Windows-TerminalServices-TerminalServicesClient, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:35:55, Info                  CSI    000005b6 [SR] This component was referenced by [l:166{83}]"Package_1471_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-4215_neutral_GDR"
2016-04-28 18:35:55, Info                  CSI    000005b9 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:58{29}]"Remote Desktop Connection.lnk"; source file in store is also corrupted
2016-04-28 18:35:55, Info                  CSI    000005ba [SR] Verify complete
2016-04-28 18:35:55, Info                  CSI    000005bb [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:35:55, Info                  CSI    000005bc [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:05, Info                  CSI    000005be [SR] Cannot repair member file [l:38{19}]"Windows Journal.lnk" of Microsoft-Windows-TabletPC-Journal, Version = 6.3.9600.18189, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:36:07, Info                  CSI    000005c0 [SR] Cannot repair member file [l:38{19}]"Windows Journal.lnk" of Microsoft-Windows-TabletPC-Journal, Version = 6.3.9600.18189, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:36:07, Info                  CSI    000005c1 [SR] This component was referenced by [l:154{77}]"Package_3_for_KB3115858~31bf3856ad364e35~amd64~~6.3.1.1.3115858-5_neutral_GDR"
2016-04-28 18:36:07, Info                  CSI    000005c4 [SR] Could not reproject corrupted file [ml:520{260},l:156{78}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC"\[l:38{19}]"Windows Journal.lnk"; source file in store is also corrupted
2016-04-28 18:36:07, Info                  CSI    000005c5 [SR] Verify complete
2016-04-28 18:36:08, Info                  CSI    000005c6 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:08, Info                  CSI    000005c7 [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:13, Info                  CSI    000005ce [SR] Verify complete
2016-04-28 18:36:13, Info                  CSI    000005cf [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:13, Info                  CSI    000005d0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:19, Info                  CSI    000005d8 [SR] Repairing corrupted file [ml:520{260},l:112{56}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs"\[l:20{10}]"Search.lnk" from store
2016-04-28 18:36:19, Info                  CSI    000005e0 [SR] Verify complete
2016-04-28 18:36:19, Info                  CSI    000005e1 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:19, Info                  CSI    000005e2 [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:32, Info                  CSI    000005ec [SR] Verify complete
2016-04-28 18:36:32, Info                  CSI    000005ed [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:32, Info                  CSI    000005ee [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:38, Info                  CSI    000005fb [SR] Verify complete
2016-04-28 18:36:38, Info                  CSI    000005fc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:38, Info                  CSI    000005fd [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:48, Info                  CSI    00000615 [SR] Verify complete
2016-04-28 18:36:48, Info                  CSI    00000616 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:48, Info                  CSI    00000617 [SR] Beginning Verify and Repair transaction
2016-04-28 18:36:54, Info                  CSI    00000619 [SR] Verify complete
2016-04-28 18:36:54, Info                  CSI    0000061a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:36:54, Info                  CSI    0000061b [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:01, Info                  CSI    0000061c [SR] Verify complete
2016-04-28 18:37:01, Info                  CSI    0000061d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:01, Info                  CSI    0000061e [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:06, Info                  CSI    00000620 [SR] Cannot repair member file [l:22{11}]"Wordpad.lnk" of Microsoft-Windows-wordpad, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:37:09, Info                  CSI    00000622 [SR] Cannot repair member file [l:28{14}]"XPS Viewer.lnk" of Microsoft-Windows-XPSReachViewer, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:37:10, Info                  CSI    0000062c [SR] Cannot repair member file [l:28{14}]"XPS Viewer.lnk" of Microsoft-Windows-XPSReachViewer, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:37:10, Info                  CSI    0000062d [SR] This component was referenced by [l:166{83}]"Package_3081_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7359_neutral_GDR"
2016-04-28 18:37:11, Info                  CSI    00000630 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:28{14}]"XPS Viewer.lnk"; source file in store is also corrupted
2016-04-28 18:37:11, Info                  CSI    00000632 [SR] Cannot repair member file [l:22{11}]"Wordpad.lnk" of Microsoft-Windows-wordpad, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:37:11, Info                  CSI    00000633 [SR] This component was referenced by [l:166{83}]"Package_1362_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3948_neutral_GDR"
2016-04-28 18:37:11, Info                  CSI    00000636 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:22{11}]"Wordpad.lnk"; source file in store is also corrupted
2016-04-28 18:37:11, Info                  CSI    0000063b [SR] Verify complete
2016-04-28 18:37:11, Info                  CSI    0000063c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:11, Info                  CSI    0000063d [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:23, Info                  CSI    0000066b [SR] Verify complete
2016-04-28 18:37:23, Info                  CSI    0000066c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:23, Info                  CSI    0000066d [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:25, Info                  CSI    00000670 [SR] Verify complete
2016-04-28 18:37:25, Info                  CSI    00000671 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:25, Info                  CSI    00000672 [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:31, Info                  CSI    00000681 [SR] Verify complete
2016-04-28 18:37:31, Info                  CSI    00000682 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:31, Info                  CSI    00000683 [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:40, Info                  CSI    00000684 [SR] Verify complete
2016-04-28 18:37:40, Info                  CSI    00000685 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:40, Info                  CSI    00000686 [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:44, Info                  CSI    00000688 [SR] Verify complete
2016-04-28 18:37:44, Info                  CSI    00000689 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:44, Info                  CSI    0000068a [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:53, Info                  CSI    0000068b [SR] Verify complete
2016-04-28 18:37:53, Info                  CSI    0000068c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:53, Info                  CSI    0000068d [SR] Beginning Verify and Repair transaction
2016-04-28 18:37:58, Info                  CSI    0000068e [SR] Verify complete
2016-04-28 18:37:58, Info                  CSI    0000068f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:37:58, Info                  CSI    00000690 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:01, Info                  CSI    00000691 [SR] Verify complete
2016-04-28 18:38:01, Info                  CSI    00000692 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:01, Info                  CSI    00000693 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:12, Info                  CSI    00000694 [SR] Verify complete
2016-04-28 18:38:12, Info                  CSI    00000695 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:12, Info                  CSI    00000696 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:17, Info                  CSI    00000697 [SR] Verify complete
2016-04-28 18:38:18, Info                  CSI    00000698 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:18, Info                  CSI    00000699 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:21, Info                  CSI    0000069a [SR] Verify complete
2016-04-28 18:38:21, Info                  CSI    0000069b [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:21, Info                  CSI    0000069c [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:32, Info                  CSI    0000069d [SR] Verify complete
2016-04-28 18:38:32, Info                  CSI    0000069e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:32, Info                  CSI    0000069f [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:37, Info                  CSI    000006d2 [SR] Verify complete
2016-04-28 18:38:37, Info                  CSI    000006d3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:37, Info                  CSI    000006d4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:41, Info                  CSI    000006d5 [SR] Verify complete
2016-04-28 18:38:41, Info                  CSI    000006d6 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:41, Info                  CSI    000006d7 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:51, Info                  CSI    000006d9 [SR] Cannot repair member file [l:86{43}]"Windows Firewall with Advanced Security.lnk" of Networking-MPSSVC, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:38:55, Info                  CSI    000006db [SR] Cannot repair member file [l:86{43}]"Windows Firewall with Advanced Security.lnk" of Networking-MPSSVC, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:38:55, Info                  CSI    000006dc [SR] This component was referenced by [l:166{83}]"Package_1189_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3446_neutral_GDR"
2016-04-28 18:38:55, Info                  CSI    000006df [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:86{43}]"Windows Firewall with Advanced Security.lnk"; source file in store is also corrupted
2016-04-28 18:38:56, Info                  CSI    000006e2 [SR] Verify complete
2016-04-28 18:38:56, Info                  CSI    000006e3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:38:56, Info                  CSI    000006e4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:38:57, Info                  CSI    000006e6 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:39:06, Info                  CSI    000006e8 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:39:06, Info                  CSI    000006e9 [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"
2016-04-28 18:39:07, Info                  CSI    000006ea [SR] Verify complete
2016-04-28 18:39:07, Info                  CSI    000006eb [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:07, Info                  CSI    000006ec [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:11, Info                  CSI    000006ed [SR] Verify complete
2016-04-28 18:39:11, Info                  CSI    000006ee [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:11, Info                  CSI    000006ef [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:14, Info                  CSI    000006f1 [SR] Cannot repair member file [l:36{18}]"Task Scheduler.lnk" of TaskSchedulerSettings, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:39:17, Info                  CSI    000006f3 [SR] Cannot repair member file [l:36{18}]"Task Scheduler.lnk" of TaskSchedulerSettings, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:39:17, Info                  CSI    000006f4 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:39:17, Info                  CSI    000006f7 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:36{18}]"Task Scheduler.lnk"; source file in store is also corrupted
2016-04-28 18:39:18, Info                  CSI    000006f8 [SR] Verify complete
2016-04-28 18:39:18, Info                  CSI    000006f9 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:18, Info                  CSI    000006fa [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:25, Info                  CSI    000006fb [SR] Verify complete
2016-04-28 18:39:25, Info                  CSI    000006fc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:25, Info                  CSI    000006fd [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:34, Info                  CSI    000006ff [SR] Verify complete
2016-04-28 18:39:34, Info                  CSI    00000700 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:34, Info                  CSI    00000701 [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:38, Info                  CSI    0000070b [SR] Verify complete
2016-04-28 18:39:38, Info                  CSI    0000070c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:38, Info                  CSI    0000070d [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:49, Info                  CSI    0000070e [SR] Verify complete
2016-04-28 18:39:49, Info                  CSI    0000070f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:49, Info                  CSI    00000710 [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:52, Info                  CSI    0000077e [SR] Verify complete
2016-04-28 18:39:52, Info                  CSI    0000077f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:52, Info                  CSI    00000780 [SR] Beginning Verify and Repair transaction
2016-04-28 18:39:56, Info                  CSI    00000783 [SR] Verify complete
2016-04-28 18:39:56, Info                  CSI    00000784 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:39:56, Info                  CSI    00000785 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:05, Info                  CSI    00000786 [SR] Verify complete
2016-04-28 18:40:05, Info                  CSI    00000787 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:05, Info                  CSI    00000788 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:11, Info                  CSI    00000789 [SR] Verify complete
2016-04-28 18:40:11, Info                  CSI    0000078a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:11, Info                  CSI    0000078b [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:16, Info                  CSI    0000078c [SR] Verify complete
2016-04-28 18:40:16, Info                  CSI    0000078d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:16, Info                  CSI    0000078e [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:21, Info                  CSI    0000078f [SR] Verify complete
2016-04-28 18:40:21, Info                  CSI    00000790 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:21, Info                  CSI    00000791 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:29, Info                  CSI    000007a2 [SR] Verify complete
2016-04-28 18:40:29, Info                  CSI    000007a3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:29, Info                  CSI    000007a4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:34, Info                  CSI    000007ba [SR] Verify complete
2016-04-28 18:40:34, Info                  CSI    000007bb [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:34, Info                  CSI    000007bc [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:45, Info                  CSI    000007cb [SR] Verify complete
2016-04-28 18:40:45, Info                  CSI    000007cc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:45, Info                  CSI    000007cd [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:47, Info                  CSI    000007cf [SR] Verify complete
2016-04-28 18:40:47, Info                  CSI    000007d0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:47, Info                  CSI    000007d1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:49, Info                  CSI    000007d2 [SR] Verify complete
2016-04-28 18:40:49, Info                  CSI    000007d3 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:49, Info                  CSI    000007d4 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:54, Info                  CSI    000007e1 [SR] Verify complete
2016-04-28 18:40:55, Info                  CSI    000007e2 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:40:55, Info                  CSI    000007e3 [SR] Beginning Verify and Repair transaction
2016-04-28 18:40:55, Info                  CSI    000007e5 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (32-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:41:04, Info                  CSI    000007e8 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (32-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:41:04, Info                  CSI    000007e9 [SR] This component was referenced by [l:164{82}]"Package_443_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-1244_neutral_GDR"
2016-04-28 18:41:04, Info                  CSI    000007ec [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:60{30}]"ODBC Data Sources (32-bit).lnk"; source file in store is also corrupted
2016-04-28 18:41:04, Info                  CSI    000007ed [SR] Verify complete
2016-04-28 18:41:04, Info                  CSI    000007ee [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:04, Info                  CSI    000007ef [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:10, Info                  CSI    00000811 [SR] Verify complete
2016-04-28 18:41:10, Info                  CSI    00000812 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:10, Info                  CSI    00000813 [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:18, Info                  CSI    0000081c [SR] Verify complete
2016-04-28 18:41:18, Info                  CSI    0000081d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:18, Info                  CSI    0000081e [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:24, Info                  CSI    0000082b [SR] Verify complete
2016-04-28 18:41:24, Info                  CSI    0000082c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:24, Info                  CSI    0000082d [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:35, Info                  CSI    0000084c [SR] Verify complete
2016-04-28 18:41:35, Info                  CSI    0000084d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:35, Info                  CSI    0000084e [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:43, Info                  CSI    000008a7 [SR] Verify complete
2016-04-28 18:41:43, Info                  CSI    000008a8 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:43, Info                  CSI    000008a9 [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:51, Info                  CSI    000008aa [SR] Verify complete
2016-04-28 18:41:51, Info                  CSI    000008ab [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:51, Info                  CSI    000008ac [SR] Beginning Verify and Repair transaction
2016-04-28 18:41:57, Info                  CSI    000008ad [SR] Verify complete
2016-04-28 18:41:57, Info                  CSI    000008ae [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:41:57, Info                  CSI    000008af [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:02, Info                  CSI    000008b3 [SR] Verify complete
2016-04-28 18:42:02, Info                  CSI    000008b4 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:02, Info                  CSI    000008b5 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:12, Info                  CSI    000008cf [SR] Verify complete
2016-04-28 18:42:12, Info                  CSI    000008d0 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:12, Info                  CSI    000008d1 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:16, Info                  CSI    000008f6 [SR] Verify complete
2016-04-28 18:42:16, Info                  CSI    000008f7 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:16, Info                  CSI    000008f8 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:23, Info                  CSI    000008fb [SR] Verify complete
2016-04-28 18:42:23, Info                  CSI    000008fc [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:23, Info                  CSI    000008fd [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:28, Info                  CSI    00000905 [SR] Verify complete
2016-04-28 18:42:28, Info                  CSI    00000906 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:28, Info                  CSI    00000907 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:34, Info                  CSI    00000909 [SR] Verify complete
2016-04-28 18:42:34, Info                  CSI    0000090a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:34, Info                  CSI    0000090b [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:42, Info                  CSI    00000915 [SR] Verify complete
2016-04-28 18:42:43, Info                  CSI    00000916 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:43, Info                  CSI    00000917 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:48, Info                  CSI    00000936 [SR] Verify complete
2016-04-28 18:42:48, Info                  CSI    00000937 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:48, Info                  CSI    00000938 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:53, Info                  CSI    0000094f [SR] Verify complete
2016-04-28 18:42:53, Info                  CSI    00000950 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:53, Info                  CSI    00000951 [SR] Beginning Verify and Repair transaction
2016-04-28 18:42:58, Info                  CSI    00000952 [SR] Verify complete
2016-04-28 18:42:58, Info                  CSI    00000953 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:42:58, Info                  CSI    00000954 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:03, Info                  CSI    00000956 [SR] Verify complete
2016-04-28 18:43:03, Info                  CSI    00000957 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:03, Info                  CSI    00000958 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:09, Info                  CSI    00000962 [SR] Verify complete
2016-04-28 18:43:09, Info                  CSI    00000963 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:09, Info                  CSI    00000964 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:17, Info                  CSI    00000965 [SR] Verify complete
2016-04-28 18:43:17, Info                  CSI    00000966 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:17, Info                  CSI    00000967 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:21, Info                  CSI    00000981 [SR] Verify complete
2016-04-28 18:43:21, Info                  CSI    00000982 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:21, Info                  CSI    00000983 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:26, Info                  CSI    00000985 [SR] Verify complete
2016-04-28 18:43:26, Info                  CSI    00000986 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:26, Info                  CSI    00000987 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:36, Info                  CSI    0000099e [SR] Verify complete
2016-04-28 18:43:36, Info                  CSI    0000099f [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:36, Info                  CSI    000009a0 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:42, Info                  CSI    000009b6 [SR] Verify complete
2016-04-28 18:43:42, Info                  CSI    000009b7 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:42, Info                  CSI    000009b8 [SR] Beginning Verify and Repair transaction
2016-04-28 18:43:57, Info                  CSI    000009c8 [SR] Verify complete
2016-04-28 18:43:57, Info                  CSI    000009c9 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:43:57, Info                  CSI    000009ca [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:03, Info                  CSI    000009eb [SR] Verify complete
2016-04-28 18:44:03, Info                  CSI    000009ec [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:03, Info                  CSI    000009ed [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:11, Info                  CSI    000009f6 [SR] Verify complete
2016-04-28 18:44:11, Info                  CSI    000009f7 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:11, Info                  CSI    000009f8 [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:16, Info                  CSI    00000a02 [SR] Verify complete
2016-04-28 18:44:16, Info                  CSI    00000a03 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:16, Info                  CSI    00000a04 [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:20, Info                  CSI    00000a09 [SR] Verify complete
2016-04-28 18:44:20, Info                  CSI    00000a0a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:20, Info                  CSI    00000a0b [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:29, Info                  CSI    00000a0d [SR] Verify complete
2016-04-28 18:44:29, Info                  CSI    00000a0e [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:29, Info                  CSI    00000a0f [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:35, Info                  CSI    00000a14 [SR] Verify complete
2016-04-28 18:44:35, Info                  CSI    00000a15 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:35, Info                  CSI    00000a16 [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:43, Info                  CSI    00000a1b [SR] Verify complete
2016-04-28 18:44:43, Info                  CSI    00000a1c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:43, Info                  CSI    00000a1d [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:52, Info                  CSI    00000a20 [SR] Verify complete
2016-04-28 18:44:52, Info                  CSI    00000a21 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:52, Info                  CSI    00000a22 [SR] Beginning Verify and Repair transaction
2016-04-28 18:44:57, Info                  CSI    00000a27 [SR] Verify complete
2016-04-28 18:44:57, Info                  CSI    00000a28 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:44:57, Info                  CSI    00000a29 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:03, Info                  CSI    00000a2b [SR] Verify complete
2016-04-28 18:45:03, Info                  CSI    00000a2c [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:03, Info                  CSI    00000a2d [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:10, Info                  CSI    00000a2f [SR] Verify complete
2016-04-28 18:45:10, Info                  CSI    00000a30 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:10, Info                  CSI    00000a31 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:16, Info                  CSI    00000a3f [SR] Verify complete
2016-04-28 18:45:16, Info                  CSI    00000a40 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:16, Info                  CSI    00000a41 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:25, Info                  CSI    00000a42 [SR] Verify complete
2016-04-28 18:45:25, Info                  CSI    00000a43 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:25, Info                  CSI    00000a44 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:29, Info                  CSI    00000a46 [SR] Verify complete
2016-04-28 18:45:29, Info                  CSI    00000a47 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:29, Info                  CSI    00000a48 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:36, Info                  CSI    00000a49 [SR] Verify complete
2016-04-28 18:45:36, Info                  CSI    00000a4a [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:36, Info                  CSI    00000a4b [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:40, Info                  CSI    00000a4c [SR] Verify complete
2016-04-28 18:45:40, Info                  CSI    00000a4d [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:40, Info                  CSI    00000a4e [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:49, Info                  CSI    00000a4f [SR] Verify complete
2016-04-28 18:45:49, Info                  CSI    00000a50 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:49, Info                  CSI    00000a51 [SR] Beginning Verify and Repair transaction
2016-04-28 18:45:54, Info                  CSI    00000a52 [SR] Verify complete
2016-04-28 18:45:54, Info                  CSI    00000a53 [SR] Verifying 100 (0x0000000000000064) components
2016-04-28 18:45:54, Info                  CSI    00000a54 [SR] Beginning Verify and Repair transaction
2016-04-28 18:46:01, Info                  CSI    00000a57 [SR] Verify complete
2016-04-28 18:46:01, Info                  CSI    00000a58 [SR] Verifying 4 components
2016-04-28 18:46:01, Info                  CSI    00000a59 [SR] Beginning Verify and Repair transaction
2016-04-28 18:46:02, Info                  CSI    00000a5a [SR] Verify complete
2016-04-28 18:46:02, Info                  CSI    00000a5b [SR] Repairing 36 (0x0000000000000024) components
2016-04-28 18:46:02, Info                  CSI    00000a5c [SR] Beginning Verify and Repair transaction
2016-04-28 18:46:02, Info                  CSI    00000a5e [SR] Cannot repair member file [l:32{16}]"Event Viewer.lnk" of EventViewerSettings, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a60 [SR] Cannot repair member file [l:36{18}]"Steps Recorder.lnk" of Microsoft-Windows-Application-Compatibility-ProblemStepsRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a62 [SR] Cannot repair member file [l:32{16}]"Task Manager.lnk" of Microsoft-Windows-AdvancedTaskManager, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a64 [SR] Cannot repair member file [l:46{23}]"Computer Management.lnk" of Microsoft-Windows-ComputerManagementSnapin, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a66 [SR] Cannot repair member file [l:28{14}]"Calculator.lnk" of Microsoft-Windows-calc, Version = 6.3.9600.17667, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a68 [SR] Cannot repair member file [l:44{22}]"Component Services.lnk" of Microsoft-Windows-COM-ComPlus-Admin-CompSvcLink, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a6a [SR] Cannot repair member file [l:34{17}]"Character Map.lnk" of Microsoft-Windows-charmap, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a6c [SR] Cannot repair member file [l:32{16}]"Disk Cleanup.lnk" of Microsoft-Windows-cleanmgr, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a6e [SR] Cannot repair member file [l:20{10}]"dfrgui.lnk" of Microsoft-Windows-Defrag-AdminUI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a70 [SR] Cannot repair member file [l:48{24}]"Windows Fax and Scan.lnk" of Microsoft-Windows-Fax-Client-Applications, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a72 [SR] Cannot repair member file [l:38{19}]"iSCSI Initiator.lnk" of Microsoft-Windows-iSCSI_Initiator_UI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a74 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (64-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:02, Info                  CSI    00000a76 [SR] Cannot repair member file [l:54{27}]"Memory Diagnostics Tool.lnk" of Microsoft-Windows-Memory-Diagnostic-Schedule, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a78 [SR] Cannot repair member file [l:50{25}]"Windows Easy Transfer.lnk" of Microsoft-Windows-MigrationWizardApplication, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a7a [SR] Cannot repair member file [l:48{24}]"Windows Media Player.lnk" of Microsoft-Windows-MediaPlayer-Shortcut, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a7c [SR] Cannot repair member file [l:48{24}]"System Configuration.lnk" of Microsoft-Windows-MsConfig-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a7e [SR] Cannot repair member file [l:44{22}]"System Information.lnk" of Microsoft-Windows-MSInfo32-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a80 [SR] Cannot repair member file [l:18{9}]"Paint.lnk" of Microsoft-Windows-mspaint, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a82 [SR] Cannot repair member file [l:40{20}]"Resource Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a84 [SR] Cannot repair member file [l:46{23}]"Performance Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a86 [SR] Cannot repair member file [l:52{26}]"Windows PowerShell ISE.lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a88 [SR] Cannot repair member file [l:64{32}]"Windows PowerShell ISE (x86).lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a8a [SR] Cannot repair member file [l:24{12}]"services.lnk" of Microsoft-Windows-ServicesSnapIn, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a8c [SR] Cannot repair member file [l:44{22}]"Speech Recognition.lnk" of Microsoft-Windows-Speech-UserExperience, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a8e [SR] Cannot repair member file [l:36{18}]"Sound Recorder.lnk" of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a90 [SR] Cannot repair member file [l:34{17}]"Snipping Tool.lnk" of Microsoft-Windows-SnippingTool-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a92 [SR] Cannot repair member file [l:32{16}]"Sticky Notes.lnk" of Microsoft-Windows-StickyNotes-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a94 [SR] Cannot repair member file [l:40{20}]"Default Programs.lnk" of Microsoft-Windows-sud-link, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a96 [SR] Cannot repair member file [l:40{20}]"Math Input Panel.lnk" of Microsoft-Windows-TabletPC-MathInputPanel, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a98 [SR] Cannot repair member file [l:58{29}]"Remote Desktop Connection.lnk" of Microsoft-Windows-TerminalServices-TerminalServicesClient, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:03, Info                  CSI    00000a9a [SR] Cannot repair member file [l:38{19}]"Windows Journal.lnk" of Microsoft-Windows-TabletPC-Journal, Version = 6.3.9600.18189, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000a9c [SR] Cannot repair member file [l:28{14}]"XPS Viewer.lnk" of Microsoft-Windows-XPSReachViewer, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000a9e [SR] Cannot repair member file [l:22{11}]"Wordpad.lnk" of Microsoft-Windows-wordpad, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa0 [SR] Cannot repair member file [l:86{43}]"Windows Firewall with Advanced Security.lnk" of Networking-MPSSVC, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa2 [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa4 [SR] Cannot repair member file [l:36{18}]"Task Scheduler.lnk" of TaskSchedulerSettings, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa6 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (32-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa8 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (64-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:04, Info                  CSI    00000aa9 [SR] This component was referenced by [l:166{83}]"Package_1052_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3082_neutral_GDR"
2016-04-28 18:46:04, Info                  CSI    00000aac [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:60{30}]"ODBC Data Sources (64-bit).lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000aae [SR] Cannot repair member file [l:36{18}]"Amd64\CNBJ2530.DPB" of prncacla.inf, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type = [l:24{12}]"driverUpdate", TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000aaf [SR] This component was referenced by [l:166{83}]"Package_2709_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6825_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000ab1 [SR] Cannot repair member file [l:48{24}]"Windows Media Player.lnk" of Microsoft-Windows-MediaPlayer-Shortcut, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ab2 [SR] This component was referenced by [l:190{95}]"Microsoft-Windows-MediaPlayer-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.WindowsMediaPlayer"
2016-04-28 18:46:05, Info                  CSI    00000ab5 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:48{24}]"Windows Media Player.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ab7 [SR] Cannot repair member file [l:32{16}]"Sticky Notes.lnk" of Microsoft-Windows-StickyNotes-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ab8 [SR] This component was referenced by [l:166{83}]"Package_3033_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7293_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000abb [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:32{16}]"Sticky Notes.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000abd [SR] Cannot repair member file [l:20{10}]"dfrgui.lnk" of Microsoft-Windows-Defrag-AdminUI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000abe [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2637_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000ac1 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:20{10}]"dfrgui.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ac3 [SR] Cannot repair member file [l:24{12}]"services.lnk" of Microsoft-Windows-ServicesSnapIn, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ac4 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:46:05, Info                  CSI    00000ac7 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:24{12}]"services.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ac9 [SR] Cannot repair member file [l:52{26}]"Windows PowerShell ISE.lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000aca [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:46:05, Info                  CSI    00000acc [SR] Cannot repair member file [l:64{32}]"Windows PowerShell ISE (x86).lnk" of Microsoft-Windows-PowerShell-ISE, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000acd [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:46:05, Info                  CSI    00000ad0 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:52{26}]"Windows PowerShell ISE.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ad3 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:64{32}]"Windows PowerShell ISE (x86).lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ad5 [SR] Cannot repair member file [l:46{23}]"Computer Management.lnk" of Microsoft-Windows-ComputerManagementSnapin, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ad6 [SR] This component was referenced by [l:164{82}]"Package_752_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2048_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000ad9 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:46{23}]"Computer Management.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000adb [SR] Cannot repair member file [l:38{19}]"iSCSI Initiator.lnk" of Microsoft-Windows-iSCSI_Initiator_UI, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000adc [SR] This component was referenced by [l:164{82}]"Package_941_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2791_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000adf [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:38{19}]"iSCSI Initiator.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ae1 [SR] Cannot repair member file [l:44{22}]"Speech Recognition.lnk" of Microsoft-Windows-Speech-UserExperience, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ae2 [SR] This component was referenced by [l:166{83}]"Package_1049_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3060_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000ae5 [SR] Could not reproject corrupted file [ml:520{260},l:140{70}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility"\[l:44{22}]"Speech Recognition.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000ae7 [SR] Cannot repair member file [l:34{17}]"Character Map.lnk" of Microsoft-Windows-charmap, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000ae8 [SR] This component was referenced by [l:166{83}]"Package_1361_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3943_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000aeb [SR] Could not reproject corrupted file [ml:520{260},l:162{81}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools"\[l:34{17}]"Character Map.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000aed [SR] Cannot repair member file [l:86{43}]"Windows Firewall with Advanced Security.lnk" of Networking-MPSSVC, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000aee [SR] This component was referenced by [l:166{83}]"Package_1189_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3446_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000af1 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:86{43}]"Windows Firewall with Advanced Security.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000af3 [SR] Cannot repair member file [l:36{18}]"Steps Recorder.lnk" of Microsoft-Windows-Application-Compatibility-ProblemStepsRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000af4 [SR] This component was referenced by [l:164{82}]"Package_873_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2613_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000af7 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:36{18}]"Steps Recorder.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000af9 [SR] Cannot repair member file [l:36{18}]"Sound Recorder.lnk" of Microsoft-Windows-SoundRecorder, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000afa [SR] This component was referenced by [l:166{83}]"Package_1133_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3321_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000afd [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:36{18}]"Sound Recorder.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000aff [SR] Cannot repair member file [l:48{24}]"System Configuration.lnk" of Microsoft-Windows-MsConfig-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b00 [SR] This component was referenced by [l:164{82}]"Package_874_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2621_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b03 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:48{24}]"System Configuration.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000b05 [SR] Cannot repair member file [l:32{16}]"Disk Cleanup.lnk" of Microsoft-Windows-cleanmgr, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b06 [SR] This component was referenced by [l:166{83}]"Package_1361_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3942_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b09 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:32{16}]"Disk Cleanup.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000b0b [SR] Cannot repair member file [l:28{14}]"Calculator.lnk" of Microsoft-Windows-calc, Version = 6.3.9600.17667, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b0c [SR] This component was referenced by [l:154{77}]"Package_1_for_KB3024755~31bf3856ad364e35~amd64~~6.3.1.1.3024755-1_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b0f [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:28{14}]"Calculator.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000b11 [SR] Cannot repair member file [l:48{24}]"Windows Fax and Scan.lnk" of Microsoft-Windows-Fax-Client-Applications, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b12 [SR] This component was referenced by [l:166{83}]"Package_2188_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-6085_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b15 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:48{24}]"Windows Fax and Scan.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000b16 [SR] Repairing corrupted file [ml:520{260},l:112{56}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs"\[l:20{10}]"Search.lnk" from store
2016-04-28 18:46:05, Info                  CSI    00000b1d [SR] Cannot repair member file [l:50{25}]"Windows Easy Transfer.lnk" of Microsoft-Windows-MigrationWizardApplication, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b1e [SR] This component was referenced by [l:164{82}]"Package_844_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2333_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b21 [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:50{25}]"Windows Easy Transfer.lnk"; source file in store is also corrupted
2016-04-28 18:46:05, Info                  CSI    00000b23 [SR] Cannot repair member file [l:38{19}]"Windows Journal.lnk" of Microsoft-Windows-TabletPC-Journal, Version = 6.3.9600.18189, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:05, Info                  CSI    00000b24 [SR] This component was referenced by [l:154{77}]"Package_3_for_KB3115858~31bf3856ad364e35~amd64~~6.3.1.1.3115858-5_neutral_GDR"
2016-04-28 18:46:05, Info                  CSI    00000b27 [SR] Could not reproject corrupted file [ml:520{260},l:156{78}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories\Tablet PC"\[l:38{19}]"Windows Journal.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b29 [SR] Cannot repair member file [l:40{20}]"Default Programs.lnk" of Microsoft-Windows-sud-link, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b2a [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-shell-Deployment"
2016-04-28 18:46:06, Info                  CSI    00000b2d [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:40{20}]"Default Programs.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b2f [SR] Cannot repair member file [l:36{18}]"Task Scheduler.lnk" of TaskSchedulerSettings, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b30 [SR] This component was referenced by [l:334{167}]"Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-admin-Deployment"
2016-04-28 18:46:06, Info                  CSI    00000b33 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:36{18}]"Task Scheduler.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b35 [SR] Cannot repair member file [l:28{14}]"XPS Viewer.lnk" of Microsoft-Windows-XPSReachViewer, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b36 [SR] This component was referenced by [l:166{83}]"Package_3081_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7359_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b39 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:28{14}]"XPS Viewer.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b3b [SR] Cannot repair member file [l:44{22}]"System Information.lnk" of Microsoft-Windows-MSInfo32-Exe, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b3c [SR] This component was referenced by [l:164{82}]"Package_844_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2332_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b3f [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:44{22}]"System Information.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b41 [SR] Cannot repair member file [l:40{20}]"Math Input Panel.lnk" of Microsoft-Windows-TabletPC-MathInputPanel, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b42 [SR] This component was referenced by [l:166{83}]"Package_2947_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7141_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b45 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:40{20}]"Math Input Panel.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b47 [SR] Cannot repair member file [l:54{27}]"Memory Diagnostics Tool.lnk" of Microsoft-Windows-Memory-Diagnostic-Schedule, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b48 [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2631_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b4b [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:54{27}]"Memory Diagnostics Tool.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b4d [SR] Cannot repair member file [l:22{11}]"Wordpad.lnk" of Microsoft-Windows-wordpad, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b4e [SR] This component was referenced by [l:166{83}]"Package_1362_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-3948_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b51 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:22{11}]"Wordpad.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b53 [SR] Cannot repair member file [l:18{9}]"Paint.lnk" of Microsoft-Windows-mspaint, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b54 [SR] This component was referenced by [l:166{83}]"Package_1365_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-4028_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b57 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:18{9}]"Paint.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b59 [SR] Cannot repair member file [l:32{16}]"Event Viewer.lnk" of EventViewerSettings, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b5a [SR] This component was referenced by [l:164{82}]"Package_752_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2054_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b5d [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:32{16}]"Event Viewer.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b5f [SR] Cannot repair member file [l:32{16}]"Task Manager.lnk" of Microsoft-Windows-AdvancedTaskManager, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b60 [SR] This component was referenced by [l:164{82}]"Package_868_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2529_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b63 [SR] Could not reproject corrupted file [ml:520{260},l:138{69}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools"\[l:32{16}]"Task Manager.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b65 [SR] Cannot repair member file [l:44{22}]"Component Services.lnk" of Microsoft-Windows-COM-ComPlus-Admin-CompSvcLink, Version = 6.3.9600.16384, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b66 [SR] This component was referenced by [l:326{163}]"Microsoft-Windows-Client-Features-Package-AutoMerged-com~31bf3856ad364e35~amd64~~6.3.9600.16384.Microsoft-Windows-Client-Features-Package-AutoMerged-com-Deployment"
2016-04-28 18:46:06, Info                  CSI    00000b69 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:44{22}]"Component Services.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b6b [SR] Cannot repair member file [l:40{20}]"Resource Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b6c [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2628_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b6e [SR] Cannot repair member file [l:46{23}]"Performance Monitor.lnk" of Microsoft-Windows-PerformanceToolsGui, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b6f [SR] This component was referenced by [l:164{82}]"Package_876_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-2628_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b72 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:40{20}]"Resource Monitor.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b75 [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:46{23}]"Performance Monitor.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b77 [SR] Cannot repair member file [l:60{30}]"ODBC Data Sources (32-bit).lnk" of Microsoft-Windows-Microsoft-Data-Access-Components-(MDAC)-ODBC-Administrator, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (10), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b78 [SR] This component was referenced by [l:164{82}]"Package_443_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-1244_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b7b [SR] Could not reproject corrupted file [ml:520{260},l:154{77}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools"\[l:60{30}]"ODBC Data Sources (32-bit).lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b7d [SR] Cannot repair member file [l:58{29}]"Remote Desktop Connection.lnk" of Microsoft-Windows-TerminalServices-TerminalServicesClient, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b7e [SR] This component was referenced by [l:166{83}]"Package_1471_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-4215_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b81 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:58{29}]"Remote Desktop Connection.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b83 [SR] Cannot repair member file [l:34{17}]"Snipping Tool.lnk" of Microsoft-Windows-SnippingTool-App, Version = 6.3.9600.17415, pA = PROCESSOR_ARCHITECTURE_AMD64 (9), Culture neutral, VersionScope = 1 nonSxS, PublicKeyToken = {l:8 b:31bf3856ad364e35}, Type neutral, TypeName neutral, PublicKey neutral in the store, hash mismatch
2016-04-28 18:46:06, Info                  CSI    00000b84 [SR] This component was referenced by [l:166{83}]"Package_2946_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.3000850-7137_neutral_GDR"
2016-04-28 18:46:06, Info                  CSI    00000b87 [SR] Could not reproject corrupted file [ml:520{260},l:136{68}]"\??\C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories"\[l:34{17}]"Snipping Tool.lnk"; source file in store is also corrupted
2016-04-28 18:46:06, Info                  CSI    00000b88 [SR] Repair complete
2016-04-28 18:46:06, Info                  CSI    00000b89 [SR] Committing transaction
2016-04-28 18:46:12, Info                  CSI    00000b8e [SR] Verify and Repair Transaction completed. All files and registry keys listed in this transaction  have been successfully repaired

========= Ende von CMD: =========


=========  dir "C:\Program Files\Windows Defender" =========

Jan02 29.04.2016 05:15
Code:
Datentr�ger in Laufwerk C: ist Acer
 Volumeseriennummer: 2093-6EEC

 Verzeichnis von C:\Program Files\Windows Defender

11.08.2015  21:06    <DIR>          .
11.08.2015  21:06    <DIR>          ..
20.09.2014  00:09        1.532.584 DbgHelp.dll
11.08.2015  21:06    <DIR>          de-DE
06.07.2015  21:20          276.128 EppManifest.dll
06.07.2015  21:20          152.736 MpAsDesc.dll
06.07.2015  21:20          895.432 MpClient.dll
07.07.2015  11:39          387.336 MpCmdRun.exe
06.07.2015  21:20          376.448 MpCommu.dll
06.07.2015  21:20          111.264 MpEvMsg.dll
06.07.2015  21:20          275.736 MpOAV.dll
06.07.2015  21:20          567.560 MpRtp.dll
06.07.2015  21:20        1.784.248 MpSvc.dll
06.07.2015  21:20            62.760 MpTpmAtt.dll
06.07.2015  21:20            28.480 mpuxhostproxy.dll
07.07.2015  11:40            59.736 MpUXSrv.exe
06.07.2015  21:20        1.401.384 MSASCui.exe
06.07.2015  21:20            80.896 MsMpCom.dll
07.07.2015  11:39            23.824 MsMpEng.exe
06.07.2015  21:20            20.408 MsMpLics.dll
06.07.2015  21:20          442.016 MsMpRes.dll
06.07.2015  21:20          119.800 NisIpsPlugin.dll
06.07.2015  21:20            68.448 NisLog.dll
07.07.2015  11:39          366.552 NisSrv.exe
06.07.2015  21:20            81.944 NisWfp.dll
06.07.2015  21:20          640.832 ProtectionManagement.dll
29.06.2015  17:06            27.482 ProtectionManagement.mof
18.06.2013  16:42            2.382 ProtectionManagement_Uninstall.mof
20.09.2014  00:09          143.520 SymSrv.dll
18.06.2013  16:43                1 SymSrv.yes
              27 Datei(en),      9.929.937 Bytes
              3 Verzeichnis(se), 236.105.093.120 Bytes frei

========= Ende von CMD: =========


==== Ende von Fixlog 18:46:15 ====
Hallo Rafael,

hier ist jetzt doch die Fixlog.txt!!! Habe sie in drei Teilen gepostet.

mfg, Jan

burningice 29.04.2016 09:27
okay - die ganzen Fehler in deinem SFC Bericht kommen von einem Bug in einem Windows Update soweit ich weiß, jedenfalls nicht schlimm.

Die Datei vom Windows Defender ist ganz normal in dem Ordner vorhanden. Bitte versuche noch einmal die Anweisung aus diesem Post.

MSASCui.exe befindet sich im Ordner C:\Programme\Windows Defender.

Jan02 29.04.2016 14:15
Hallo Rafael,

die MSASCui.exe war jetztv vorhanden habe sie gestartet und den Windows Defender wieder aktiviert. Was ist der nächste Schritt oder sind wir mit allem durch?

Mfg,
Jan

burningice 29.04.2016 14:55
Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen.

Hast du noch irgendwelche Probleme mit deinem Rechner?

Jan02 29.04.2016 15:08
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:17-04-2016 01
durchgeführt von Jan (Administrator) auf NOTEBOOK-JAN2 (29-04-2016 15:59:52)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
(Intel Corporation) C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerWinMonitor.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\c008c377e14e1f793da31680ece54c17\windowsupdatebox.exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Sources\SetupHost.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\wimserv.exe
(Astonsoft) C:\Program Files (x86)\EssentialPIM\EssentialPIM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Work\EE3DE1E7-CCCC-4860-A5F6-E767C11B3677\DismHost.exe
(Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
(Microsoft Corporation) C:\$WINDOWS.~BT\Work\87A68FA7-17AE-4276-BFA3-DF68F3A0C529\DismHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-03-19] (Apple Inc.)
HKLM-x32\...\Run: [Intel Privacy Notification Tool] => C:\Program Files (x86)\Common Files\Intel\RSSDK\v3\bin\win32\notification_tool.exe [8173240 2014-10-30] (Intel Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\CortexLauncher.exe -autorun
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [134784 2014-08-27] (Atheros Communications)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3077712 2016-03-31] (Valve Corporation)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1008280 2016-04-21] (Google Inc.)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [Allway Sync] => C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe [93488 2015-10-29] ()
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8686296 2016-03-11] (Piriform Ltd)
HKU\S-1-5-21-489078762-871934448-399521353-1001\...\MountPoints2: {7dd3a79a-3f30-11e5-826a-206a8a9e0239} - "F:\LaunchU3.exe" -a
HKU\S-1-5-18\...\Run: [abDocsDllLoader] => C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
HKU\S-1-5-18\...\RunOnce: [iCloud] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe [60688 2015-12-01] (Apple Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\phase-6 Reminder.lnk [2016-04-22]
ShortcutTarget: phase-6 Reminder.lnk -> C:\Program Files (x86)\phase-6\phase-6\reminder\reminder.exe (phase-6)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{562729EF-57C3-478A-BEFD-55F1642D22A4}: [DhcpNameServer] 10.61.12.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{DB5D870B-9660-446A-83A0-9E1575A73068}: [DhcpNameServer] 192.168.178.1
ManualProxies:

Internet Explorer:
==================
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-489078762-871934448-399521353-1001 -> {A3782EB2-C684-409E-A3C8-C932D426AFD5} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-03-15] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-04-20] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-08-30] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default
FF NewTab: about:newtab
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2015-08-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2016-03-08] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-02-19] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-08-30] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-05] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\kZsq9LNj.default\Extensions\abs@avira.com.xpi [2016-04-10]
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Adblock Plus) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-04-19]
CHR Extension: (Skype) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-04-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [322176 2014-08-27] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert]
R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2829552 2016-03-08] (Microsoft Corporation)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573032 2014-07-22] (Acer Incorporated)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-06-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-02-19] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [254512 2012-04-24] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3905536 2014-08-11] (Qualcomm Atheros Communications, Inc.)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2014-08-27] (Qualcomm Atheros)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-04-29] (Malwarebytes)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)
R3 SynRMIHID; C:\Windows\system32\DRIVERS\SynRMIHID.sys [42736 2014-07-10] (Synaptics Incorporated)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-26 17:46 - 2016-04-26 17:46 - 00002312 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-04-25 16:21 - 2016-04-25 16:21 - 00000000 ____D C:\Users\Jan\AppData\Local\TempTaskUpdateDetection4822F7AE-F8AC-457E-8AF6-112DFE867E18
2016-04-25 15:48 - 2016-04-25 15:48 - 00000000 ____D C:\Users\Jan\AppData\Local\Microsoft Help
2016-04-25 10:18 - 2016-04-25 10:18 - 00002957 _____ C:\Windows\SysWOW64\FSS.txt
2016-04-25 10:12 - 2016-04-25 10:11 - 00007164 _____ C:\Users\Jan\Desktop\WinDefend.reg
2016-04-25 10:11 - 2016-04-25 10:11 - 00007164 _____ C:\Users\Jan\Downloads\WinDefend.reg
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bonjour-Druckdienste
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files\Bonjour Print Services
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files\Bonjour
2016-04-25 10:01 - 2016-04-25 10:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2016-04-25 09:57 - 2016-04-25 09:57 - 00000000 ____D C:\Users\Jan\Documents\Bluetooth Folder
2016-04-25 09:57 - 2016-04-25 09:57 - 00000000 ____D C:\Users\Jan\AppData\Local\BMExplorer
2016-04-22 17:15 - 2016-04-22 17:20 - 00000696 _____ C:\Users\Jan\Desktop\Search.txt
2016-04-22 14:13 - 2016-04-25 18:26 - 00009152 _____ C:\Users\Jan\Documents\Liste der erhaltenen Geschenke Konfirmation Jan am 24.04.2016.docx.xlsx
2016-04-22 14:12 - 2016-04-22 14:12 - 00008302 _____ C:\Users\Jan\Documents\Mappe1.xlsx
2016-04-21 19:52 - 2016-04-21 19:52 - 00000000 ____D C:\Users\Jan\Downloads\370LvL
2016-04-21 19:51 - 2016-04-21 19:51 - 00061155 _____ C:\Users\Jan\Downloads\370LvL.rar
2016-04-21 18:52 - 2016-04-21 18:52 - 00002796 _____ C:\Users\Jan\Downloads\FSS.txt
2016-04-21 18:51 - 2016-04-21 18:51 - 00899584 _____ (Farbar) C:\Users\Jan\Downloads\FSS.exe
2016-04-21 18:24 - 2016-04-21 18:26 - 00237504 _____ C:\TDSSKiller.3.1.0.9_21.04.2016_18.24.25_log.txt
2016-04-21 18:23 - 2016-04-21 18:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Jan\Downloads\tdsskiller.exe
2016-04-20 19:55 - 2016-04-20 19:55 - 02870984 _____ (ESET) C:\Users\Jan\Downloads\esetsmartinstaller_deu.exe
2016-04-20 19:49 - 2016-04-28 18:46 - 00198320 _____ C:\Users\Jan\Desktop\Fixlog.txt
2016-04-19 19:07 - 2016-04-19 19:08 - 29872687 _____ C:\Users\Jan\Downloads\client_20810.zip
2016-04-19 15:10 - 2016-04-29 16:00 - 00020556 _____ C:\Users\Jan\Desktop\FRST.txt
2016-04-19 15:10 - 2016-04-25 19:15 - 00047887 _____ C:\Users\Jan\Desktop\Addition.txt
2016-04-19 15:09 - 2016-04-19 15:09 - 00001271 _____ C:\Users\Jan\Downloads\FRST - Verknüpfung.lnk
2016-04-19 15:09 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Desktop\FRST64 (1).exe
2016-04-19 15:01 - 2016-04-19 14:50 - 00024064 _____ C:\Windows\zoek-delete.exe
2016-04-19 14:50 - 2016-04-22 13:43 - 00001377 _____ C:\Users\Jan\Desktop\zoek - Verknüpfung.lnk
2016-04-19 14:49 - 2016-04-19 14:49 - 00001355 _____ C:\Users\Jan\Downloads\zoek - Verknüpfung.lnk
2016-04-19 14:48 - 2016-04-19 15:01 - 00000000 ____D C:\zoek_backup
2016-04-19 14:48 - 2016-04-19 14:48 - 01309184 _____ C:\Users\Jan\Downloads\zoek.exe
2016-04-19 14:44 - 2016-04-19 14:44 - 00047545 _____ C:\Users\Jan\Desktop\mbam.txt
2016-04-19 14:39 - 2016-04-22 13:43 - 00001353 _____ C:\Users\Jan\Desktop\GeForce Experience.lnk
2016-04-19 13:07 - 2016-04-29 15:10 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-04-19 13:07 - 2016-04-22 13:43 - 00001074 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-04-19 13:07 - 2016-04-19 13:07 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-04-19 13:07 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-04-19 13:07 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-04-19 13:05 - 2016-04-19 13:05 - 22851472 _____ (Malwarebytes ) C:\Users\Jan\Downloads\mbam-setup-2.2.1.1043.exe
2016-04-18 16:48 - 2016-04-18 16:50 - 00047979 _____ C:\Users\Jan\Downloads\Addition.txt
2016-04-18 16:47 - 2016-04-18 16:50 - 00048575 _____ C:\Users\Jan\Downloads\FRST.txt
2016-04-18 16:46 - 2016-04-29 15:59 - 00000000 ____D C:\FRST
2016-04-18 16:45 - 2016-04-18 16:45 - 02375680 _____ (Farbar) C:\Users\Jan\Downloads\FRST64 (1).exe
2016-04-16 17:44 - 2016-04-16 17:44 - 00002440 _____ C:\Users\Jan\Desktop\AdwCleaner[C6].txt
2016-04-16 17:38 - 2016-04-16 17:38 - 01726464 _____ (Farbar) C:\Users\Jan\Downloads\FRST.exe
2016-04-16 17:36 - 2016-04-16 17:36 - 02375168 _____ (Farbar) C:\Users\Jan\Downloads\FRST64.exe
2016-04-16 17:18 - 2016-03-31 02:54 - 25817600 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-04-16 17:18 - 2016-03-31 02:03 - 20352512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-04-16 17:18 - 2016-03-31 01:39 - 15415808 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-04-16 17:17 - 2016-03-31 02:31 - 02892800 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-04-16 17:17 - 2016-03-31 02:28 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-04-16 17:17 - 2016-03-31 02:25 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-04-16 17:17 - 2016-03-31 02:17 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-04-16 17:17 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:53 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-04-16 17:17 - 2016-03-31 01:51 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-04-16 17:17 - 2016-03-31 01:50 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-04-16 17:17 - 2016-03-31 01:45 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:43 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-04-16 17:17 - 2016-03-31 01:43 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:42 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:30 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-04-16 17:17 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-04-16 17:17 - 2016-03-31 01:27 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-04-16 17:17 - 2016-03-31 01:24 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-04-16 17:17 - 2016-03-31 01:23 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-04-16 17:17 - 2016-03-31 01:23 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-04-16 17:17 - 2016-03-31 01:21 - 13811712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-04-16 17:17 - 2016-03-31 01:18 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:06 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-04-16 17:17 - 2016-03-31 01:05 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-04-16 17:17 - 2016-03-31 01:02 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-04-16 17:17 - 2016-03-31 01:00 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-04-16 17:16 - 2016-03-16 01:00 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-04-16 17:16 - 2016-03-15 16:14 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-04-16 17:16 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2016-04-16 17:16 - 2016-03-10 20:22 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-04-16 17:16 - 2016-03-10 20:21 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-04-16 17:16 - 2016-03-10 20:20 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-04-16 17:16 - 2016-03-10 19:44 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:16 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-04-16 17:16 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll
2016-04-16 17:16 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll
2016-04-16 17:16 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2016-04-16 17:16 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2016-04-16 17:15 - 2016-04-16 17:15 - 03677760 _____ C:\Users\Jan\Downloads\adwcleaner_5.111.exe
2016-04-16 17:15 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-04-16 17:15 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-04-16 17:15 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-04-16 17:15 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-04-16 17:15 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-04-16 17:14 - 2016-03-10 21:19 - 07452512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01663192 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01523216 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01490128 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-04-16 17:14 - 2016-03-10 21:17 - 01358960 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-04-16 17:14 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-04-16 17:14 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-04-16 17:14 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-04-16 17:14 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-04-16 17:12 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2016-04-16 12:12 - 2016-03-29 16:05 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-04-11 19:01 - 2016-04-11 19:01 - 00000000 _____ C:\autoexec.bat
2016-04-11 18:29 - 2016-04-16 17:20 - 00000000 ____D C:\AdwCleaner
2016-04-10 16:51 - 2016-04-10 16:51 - 00000000 ____D C:\Users\Jan\AppData\Roaming\MCorp
2016-04-10 16:28 - 2016-04-10 16:34 - 00000000 ____D C:\Users\Jan\AppData\Local\app
2016-04-10 16:19 - 2016-04-10 16:20 - 00000000 ____D C:\Users\Jan\AppData\Local\Tempfolder
2016-04-10 16:19 - 2016-04-10 16:19 - 00000000 ____D C:\uninst
2016-04-10 16:17 - 2016-04-10 16:20 - 00127488 _____ C:\Users\Jan\AppData\Roaming\Installer.dat
2016-04-10 16:16 - 2016-04-10 16:15 - 00001006 _____ C:\Windows\system32\Drivers\etc\hp.bak
2016-04-09 12:37 - 2016-04-09 12:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\dvdcss
2016-04-09 10:39 - 2016-04-09 10:39 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira_Operations_GmbH_&_C
2016-04-09 10:31 - 2016-04-09 10:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Avira
2016-04-09 10:29 - 2016-04-12 20:41 - 00000000 ____D C:\Program Files (x86)\Avira
2016-04-09 10:29 - 2016-04-11 20:20 - 00000000 ____D C:\ProgramData\Avira
2016-04-09 09:57 - 2016-04-09 09:57 - 00000000 ____D C:\Windows\system32\SSL

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-04-29 15:56 - 2016-02-13 20:35 - 00000000 ___HD C:\$WINDOWS.~BT
2016-04-29 15:53 - 2015-08-10 08:56 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-29 15:43 - 2015-01-12 14:48 - 00000000 ____D C:\Windows\Panther
2016-04-29 15:26 - 2015-08-09 08:50 - 00003594 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-489078762-871934448-399521353-1001
2016-04-29 15:20 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-04-29 15:20 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-04-29 15:14 - 2015-06-17 21:46 - 06497862 _____ C:\Windows\system32\perfh007.dat
2016-04-29 15:14 - 2015-06-17 21:46 - 01876866 _____ C:\Windows\system32\perfc007.dat
2016-04-29 15:14 - 2014-03-18 12:03 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-29 15:10 - 2015-08-09 19:46 - 00000000 ____D C:\Program Files (x86)\Steam
2016-04-29 15:10 - 2015-08-09 10:05 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-04-29 06:31 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-28 21:09 - 2015-07-15 18:57 - 00000000 ____D C:\Users\Jan
2016-04-28 21:08 - 2015-08-30 11:43 - 00000000 ____D C:\Users\Jan\AppData\Roaming\EssentialPIM
2016-04-28 21:02 - 2015-08-09 10:05 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-04-28 20:55 - 2015-08-31 20:54 - 00000000 ____D C:\Users\Jan\Documents\Euro Truck Simulator 2
2016-04-28 19:09 - 2015-12-08 21:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2016-04-28 18:23 - 2015-08-30 13:20 - 00003186 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001
2016-04-25 20:32 - 2015-08-09 09:00 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2016-04-25 16:15 - 2016-03-20 10:00 - 00000000 ____D C:\Users\Jan\AppData\Local\ElevatedDiagnostics
2016-04-25 10:20 - 2015-06-17 12:54 - 00003718 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-04-25 09:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-04-23 13:04 - 2015-08-09 10:06 - 00002171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-04-23 13:04 - 2015-08-09 10:06 - 00002159 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-04-22 13:43 - 2016-03-22 18:08 - 00000882 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-04-22 13:43 - 2016-03-22 16:58 - 00001769 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-04-22 13:43 - 2016-02-24 21:09 - 00000921 _____ C:\Users\Public\Desktop\Euro Truck Simulator 2 Multiplayer.lnk
2016-04-22 13:43 - 2016-02-24 21:09 - 00000916 _____ C:\Users\Public\Desktop\American Truck Simulator Multiplayer.lnk
2016-04-22 13:43 - 2016-02-15 20:24 - 00000867 _____ C:\Users\Jan\Desktop\Steam.lnk
2016-04-22 13:43 - 2015-12-08 21:50 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2016-04-22 13:43 - 2015-11-03 19:57 - 00001772 _____ C:\Users\Jan\Desktop\Word 2013.lnk
2016-04-22 13:43 - 2015-08-31 16:42 - 00002838 _____ C:\Users\Jan\Desktop\Excel 2013.lnk
2016-04-22 13:43 - 2015-08-31 16:42 - 00002769 _____ C:\Users\Jan\Desktop\PowerPoint 2013.lnk
2016-04-22 13:43 - 2015-08-30 13:14 - 00001251 _____ C:\Users\Jan\Desktop\Landwirtschafts Simulator 15 .lnk
2016-04-22 13:43 - 2015-08-30 12:46 - 00001945 _____ C:\Users\Public\Desktop\Samsung Kies 3.lnk
2016-04-22 13:43 - 2015-08-30 12:28 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-04-22 13:43 - 2015-08-30 12:28 - 00002031 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2016-04-22 13:43 - 2015-08-30 12:15 - 00001089 _____ C:\Users\Public\Desktop\phase-6 desktop.lnk
2016-04-22 13:43 - 2015-08-30 11:54 - 00001042 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-04-22 13:43 - 2015-08-30 11:43 - 00001027 _____ C:\Users\Public\Desktop\EssentialPIM.lnk
2016-04-22 13:43 - 2015-08-30 11:41 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-04-22 13:43 - 2015-08-30 11:40 - 00000990 _____ C:\Users\Jan\Desktop\IrfanView 64.lnk
2016-04-22 13:43 - 2015-07-15 18:58 - 00001272 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2016-04-22 13:43 - 2015-07-15 18:58 - 00001051 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-04-22 13:43 - 2015-07-15 18:57 - 00000469 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-04-22 13:43 - 2015-07-15 18:57 - 00000467 _____ C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-04-22 13:43 - 2015-01-12 15:58 - 00001357 _____ C:\Users\Public\Desktop\CyberLink PowerDirector 10.lnk
2016-04-22 13:42 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\addins
2016-04-22 09:57 - 2015-08-09 20:32 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-04-21 06:19 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-04-20 19:32 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-04-20 19:31 - 2015-08-30 13:10 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-04-19 20:34 - 2016-02-10 14:20 - 00000000 ____D C:\Users\Jan\Documents\ETS2MP
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-04-19 19:33 - 2015-12-08 21:50 - 00000000 ____D C:\ProgramData\Skype
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ETS2 + ATS Multiplayer
2016-04-19 19:08 - 2016-02-10 12:51 - 00000000 ____D C:\Program Files\TruckersMP
2016-04-19 14:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\schemas
2016-04-19 13:51 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-04-19 13:02 - 2013-08-22 16:44 - 00381472 _____ C:\Windows\system32\FNTCACHE.DAT
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ___SD C:\Windows\system32\GWX
2016-04-18 18:42 - 2015-08-09 18:56 - 00000000 ____D C:\Windows\system32\appraiser
2016-04-18 18:41 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-04-18 16:45 - 2015-08-09 11:47 - 00000000 ____D C:\Windows\system32\MRT
2016-04-18 16:42 - 2015-08-09 11:47 - 135176864 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-04-18 16:39 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-04-16 17:21 - 2016-03-12 12:26 - 00000000 ____D C:\Program Files (x86)\Razer
2016-04-16 17:14 - 2016-01-12 20:47 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-04-16 17:13 - 2016-03-09 15:46 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-04-16 17:13 - 2016-03-09 15:46 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-04-16 17:07 - 2016-03-12 12:31 - 00000000 ____D C:\Users\Jan\AppData\Local\Razer
2016-04-16 17:07 - 2016-03-12 12:26 - 00000000 ____D C:\ProgramData\Razer
2016-04-10 17:41 - 2016-02-07 17:03 - 00000000 ____D C:\Users\Jan\Documents\American Truck Simulator
2016-04-09 12:41 - 2015-08-30 11:54 - 00000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2016-04-09 10:35 - 2015-08-30 12:20 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Mozilla
2016-04-05 23:53 - 2015-01-12 15:43 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-04-05 23:53 - 2015-01-12 15:43 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-04-05 15:36 - 2015-11-03 21:23 - 00000222 _____ C:\Users\Jan\Desktop\DiRT Rally.url
2016-04-02 19:54 - 2016-03-02 16:14 - 00000000 ____D C:\Users\Jan\Documents\Project CARS

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-04-10 16:17 - 2016-04-10 16:20 - 0127488 _____ () C:\Users\Jan\AppData\Roaming\Installer.dat
2015-06-17 13:07 - 2015-06-17 13:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-04-20 21:55

==================== Ende von FRST.txt ============================
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:17-04-2016 01
durchgeführt von Jan (2016-04-29 16:00:47)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (X64) (2015-07-15 16:57:53)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-489078762-871934448-399521353-500 - Administrator - Disabled)
Gast (S-1-5-21-489078762-871934448-399521353-501 - Limited - Disabled)
Jan (S-1-5-21-489078762-871934448-399521353-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8106.0 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8108 - Acer Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20060 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\{F83DD803-2467-4D07-9D6F-87AF0434410A}) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Allway Sync (HKLM-x32\...\{BD9C52C1-7971-47D1-AB95-5F1F9F34D35A}) (Version: 15.3.1 - Botkind, Inc.)
American Truck Simulator (HKLM-x32\...\Steam App 270880) (Version:  - SCS Software)
Apple Application Support (32-Bit) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Bonjour-Druckdienste (HKLM\...\{0DA20600-6130-443B-9D4B-F30520315FA6}) (Version: 2.0.2.0 - Apple Inc.)
Broadcom NetLink Controller (HKLM\...\{7FBA83D7-D58E-4B70-9B9B-12E95B183B22}) (Version: 16.6.1.3 - Broadcom Corporation)
Brother MFL-Pro Suite MFC-J6510DW (HKLM-x32\...\{17795164-3BC1-4D4F-8ADA-65C895EBFC9A}) (Version: 2.0.0.0 - Brother Industries, Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.16 - Piriform)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version:  - Colossal Order Ltd.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.)
DiRT Rally (HKLM-x32\...\Steam App 310560) (Version:  - Codemasters Racing Studio)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)
EssentialPIM (HKLM-x32\...\EssentialPIM) (Version: 6.58 - Astonsoft Ltd)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version:  - SCS Software)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
F1 2012 (HKLM-x32\...\Steam App 208500) (Version:  - Codemasters Birmingham)
F1 2013 (HKLM-x32\...\Steam App 223670) (Version:  - Codemasters Birmingham)
F1 2015 (HKLM-x32\...\Steam App 286570) (Version:  - Codemasters)
Foxit PhantomPDF (HKLM-x32\...\{D4DF5498-C95C-4A02-9951-725FB2D7BC0D}) (Version: 6.0.121.624 - Foxit Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.87 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
GRID 2 (HKLM-x32\...\Steam App 44350) (Version:  - Codemasters Racing)
iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.)
Intel RealSense Warrior Wave (HKLM-x32\...\Warrior Wave) (Version: 1.0.24 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3643 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Core (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): Face Tracking: Models (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime  (x86): User Notification Tool files and components (x32 Version: 3.1.0.25181 - Intel Corporation) Hidden
Intel® RealSense™ SDK 2014 Runtime (HKLM-x32\...\ARP_for_prd_rs_sdk_runtime_v3_3.1.0.85181) (Version: 3.1.0.85181 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
iTunes (HKLM\...\{A31C5565-90D9-4615-AE13-94D86C3836C7}) (Version: 12.3.3.17 - Apple Inc.)
Kinect for Windows Speech Recognition Language Pack (de-DE) (HKLM-x32\...\{898AA67F-99B8-4C7F-9611-B11F98EF6E78}) (Version: 11.0.7413.611 - Microsoft Corporation)
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.4.2.0 - GIANTS Software)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4815.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-489078762-871934448-399521353-1001\...\OneDriveSetup.exe) (Version: 17.3.6302.0225 - Microsoft Corporation)
Microsoft Server Speech Platform Runtime (x64) (HKLM\...\{3B433087-E62E-4BF5-97F9-4AF6E1C2409C}) (Version: 11.0.7400.345 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 364.72 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 364.72 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4815.1001 - Microsoft Corporation) Hidden
phase-6 2.3.5 (HKLM-x32\...\phase-6) (Version: 2.3.5 - phase-6)
Project CARS (HKLM-x32\...\Steam App 234630) (Version:  - Slightly Mad Studios)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.330 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.43 - Qualcomm Atheros)
RaceRoom Racing Experience  (HKLM-x32\...\Steam App 211500) (Version:  - Sector3 Studios)
RaceRoom Racing Experience Launcher (HKLM-x32\...\{1FD9F07F-7BBF-4C91-B3F0-A23714A3A913}_is1) (Version: 1.0 - Sector3 Studios)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39059 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7260 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.16011.2 - Samsung Electronics Co., Ltd.) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version:  - SCS Software)
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
Spintires (HKLM-x32\...\Steam App 263280) (Version:  - Oovee® Game Studios)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TruckersMP 0.2.0.8.1 Alpha (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 0.2.0.8.1 Alpha - ETS2MP Team)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome to Intel RealSense 3D Camera (HKLM-x32\...\Welcome to Intel RealSense 3D Camera) (Version: 1.05 - Intel)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {07A88F54-C730-4DF8-BCC3-487E1A76ACF6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {144CF144-9872-4470-98C7-96F247898303} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe [2014-07-22] (Acer Incorporated)
Task: {2D8F5536-6E75-4A7B-9608-890995125601} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-10] (Adobe Systems Incorporated)
Task: {3386A9AD-41B9-44E2-8207-1CB1BBAC9757} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {61B4AA7B-433F-481E-B729-50D03345EA54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-09] (Google Inc.)
Task: {64463039-F0D9-4FA1-A62E-2423AEF171E6} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-489078762-871934448-399521353-1001 => C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-04-26] (Microsoft Corporation)
Task: {6E5497CD-4EAA-47CB-827D-E28BC9C911C1} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe [2014-06-17] (Acer Incorporated)
Task: {7D2CFD96-D1A2-45C2-974A-2814F836791E} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {7D36D36D-8C01-41F6-9BB6-AF7D5E84A5C4} - System32\Tasks\{BF66D5AD-3558-4BBF-9D5D-82147A5E9F3F} => pcalua.exe -a "C:\Program Files (x86)\Acer\abDocs\AcerDocsSetup.exe" -c -uninstall
Task: {91CFB104-0317-4B91-89F7-29EAFF0CD2B5} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)
Task: {95A1FE22-88D3-4336-B7AD-CCF5B920B496} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {9CAB6DED-5621-4F5E-9970-B32B21887A37} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-03-11] (Piriform Ltd)
Task: {9CF1FF96-5129-498B-A9F2-3EFF6A437F42} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)
Task: {BEB25077-0AEE-4334-8CD9-E0F48D46E870} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {C54C4F96-BDFA-4A9E-AAED-43F7385562F8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-04-18] (Microsoft Corporation)
Task: {D0A479A7-929A-49B8-8484-2E9B420B9332} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {E987A9FC-7172-4CFF-AC33-3F4B42D608F1} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-02-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01329936 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-30 13:10 - 2015-10-13 05:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-19 19:54 - 2016-02-17 08:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-03-01 21:16 - 2016-02-17 08:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-01-12 15:54 - 2012-04-24 12:43 - 00254512 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
2015-08-30 12:43 - 2010-03-16 01:04 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2016-03-29 11:31 - 2016-03-22 04:25 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-27 19:45 - 2014-08-27 19:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2014-08-27 19:41 - 2014-08-27 19:41 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2014-08-27 19:47 - 2014-08-27 19:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2015-06-17 12:50 - 2016-02-17 09:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-06-17 12:50 - 2016-02-17 09:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2014-04-07 16:13 - 2014-04-07 16:13 - 00052096 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2015-10-29 15:14 - 2015-10-29 15:14 - 00093488 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncappw.exe
2016-03-11 22:31 - 2016-03-11 22:31 - 00061440 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-03-18 23:55 - 2016-03-18 23:55 - 00306960 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-23 13:04 - 2016-04-21 07:10 - 02224280 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libglesv2.dll
2016-04-23 13:04 - 2016-04-21 07:10 - 00097944 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.87\libegl.dll
2015-08-30 12:43 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-09 10:40 - 2016-02-17 09:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-08-09 19:48 - 2016-03-11 02:56 - 00783360 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 02549840 _____ () C:\Program Files (x86)\Steam\video.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-08-09 19:48 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-08-09 19:47 - 2016-02-09 01:14 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-08-09 19:48 - 2016-03-31 22:55 - 00829008 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-03-09 19:14 - 2016-02-18 00:25 - 00281088 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2015-10-29 13:44 - 2015-10-29 13:44 - 08569344 _____ () C:\Program Files (x86)\Allway Sync\Bin\syncapp.dll
2015-08-09 19:48 - 2016-02-09 03:33 - 48400672 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 01040656 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-03-18 23:56 - 2016-03-18 23:56 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-04-10 16:15 - 00001006 ____N C:\Windows\system32\Drivers\etc\hosts

127.0.0.1      down.baidu2016.com
127.0.0.1      123.sogou.com
127.0.0.1      www.czzsyzgm.com
127.0.0.1      www.czzsyzxl.com
127.0.0.1      union.baidu2019.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows Photo Viewer\Hintergrundbild der Windows-Fotoanzeige.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-489078762-871934448-399521353-1001\...\StartupApproved\Run: => "Spotify Web Helper"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5255B9A2-A987-47B7-AD1D-5B9EC09BBD29}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{177AEDA3-7A63-40BD-B9D2-86E5DE0B0525}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe
FirewallRules: [{168494FD-66C5-4C2A-AE2D-C1E8EEB66228}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{CCCF3C04-4E6A-46C3-93BD-28DAB4F8BD45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9F0CBB67-0577-48F2-9783-D423DE006369}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{03F81190-EA49-4E74-834F-09FB3235F302}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{42D08078-860B-4AE9-B02C-1B518878C94D}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{32F0C2BF-DAEF-4801-9CB7-A292D319B58E}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{B90645B1-0989-496E-B2E6-7C4AA0C67184}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{6D49E321-B7BE-48D9-96A8-FD265A4F9EB3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E4F3E027-28A6-4B3B-93AD-A37A06578C0F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{23684A87-38E4-4BA0-A204-6ECBEAD044B0}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{66D90117-1867-4F0A-B85C-CD00058459CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB017C7A-6014-404A-B10B-B38536445939}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2695E114-88E4-4C0F-A250-430847E147EB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0275EA0C-D51E-4E08-8874-4304C8165CCE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{D633977F-1C07-4F70-A691-EDAFC53FEB65}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{AB0B2FB5-21A1-45B6-B31C-5C19D4FD133C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B5B2424C-3B0D-4720-BF7A-87357F1E3177}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3B2ECB12-BCA8-47F3-A7FB-DD1715975F80}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{3A938CB8-68AA-46AE-ACD8-967440294721}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E8666CED-3003-4AE8-8F0A-62869EAB6068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{DAB988FC-FAEA-4D69-8B20-9DE4472466D9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFADCC7F-303F-4374-BB18-14622EEA487D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{0ED1EBD6-C022-4274-9495-D019F1FB9DA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{4054727D-41C2-4AD0-8069-88FDD7442191}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{514A81D2-AA7E-431C-977F-ED9E7C66B522}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{B7C60454-A552-4859-9BA2-65EFA7C40FA1}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{31B9CF05-4391-4741-85C8-1D900B7C846F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{C0010281-198A-4A0D-BFC3-F4928D9D45F6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A38C273F-78AF-4F85-A4C3-089100CFF807}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{02F30AB7-0A5A-4156-AA33-792730082FAE}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{1E20F0C0-1479-4194-A641-2774204AA61E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EABF564F-3340-43E5-8262-2CDEF4458F6C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{D4A908AA-782E-44A6-A6A5-77E5E204361B}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{2F2F3FAD-9AFD-4FA7-B4C6-0B8130B488E8}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{C3197FBD-F2D0-491C-8ECD-2CAEF5ACA4C5}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{FAD1F37E-0A45-4AAD-BC61-FCB84390D491}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{501C0F43-EBC3-4858-AF25-0B1E3D29C021}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{133E087A-AAF9-4BE6-A4F4-32EF738DC6E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{86FB5E4D-CB72-4A4C-98CD-2F892244BCBE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0EB6DFB3-0DF8-4215-AF62-52B0C597A470}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EF72E83F-26F9-4616-B64F-28D1250250DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{061DC6EF-0495-493B-81F1-DB74C9DB04A9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{BB2976D1-D38F-4137-B34D-066FA09B8682}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{5CD1601B-F887-4D2B-9367-5698E3A34B38}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{E486775E-0703-47C3-94F6-2D268BC6962B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2012\F1_2012.exe
FirewallRules: [{B05CBC4F-BC42-406D-8B87-F32FA2BAFE53}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{0EF656BD-F3FB-44B5-ACB6-096829CC86D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\f12013\F1_2013.exe
FirewallRules: [{573BC1AD-64F3-4BAB-AEA8-64DC16E4A4F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{49D2CD9B-E5B5-4777-92A5-AC8B7BBB7917}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\grid 2\grid2.exe
FirewallRules: [{16773875-EA72-44B6-912B-EC94F8A546CD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [{E9BCAC84-4BF9-41AF-8792-AFF33F96764A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spintires\SpinTires.exe
FirewallRules: [TCP Query User{00105315-7825-4946-BB0A-71F1E266630C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{B4C455B4-DEA3-44A7-991B-FFD1D366CA41}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{67B2E0AF-CCA2-4647-87DA-83930B1FEDEB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{F2D8E220-A092-42EA-9AF3-0EF775A171AC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\F1 2015\F1_2015.exe
FirewallRules: [{63976110-E447-4B78-B963-2FAB5EDAB20A}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{36C30BA6-9718-447F-B59F-0DD2AB2C28E1}] => (Allow) C:\Program Files (x86)\Brother\Brmfl10g\FAXRX.exe
FirewallRules: [{786CC2EB-683D-4794-BAAC-E38D81D66A17}] => (Allow) LPort=54925
FirewallRules: [{147D1EEF-67C4-4E55-B685-D77493CD480A}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{28B7563D-6764-437B-9E5E-1E988232B4F2}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{634A5341-F797-40F1-9AA3-D1E41EB72BB6}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{7EB100D4-EEE7-4EF8-A74D-3264DF9FD4F4}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{EA9AC0B9-6F1B-424E-8E48-64F4BF8126FA}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{2C2EA128-6412-4181-8A4D-D92E05B7EC75}] => (Allow) C:\Program Files (x86)\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{F40459FE-8EAC-433D-ACEA-97FDC5DA3D32}] => (Allow) C:\Users\Jan\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [TCP Query User{E9FFD9BF-2060-402E-AD79-C906B02B539C}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [UDP Query User{BA51C170-5763-45F1-8034-3938147ABCB3}C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe] => (Allow) C:\program files (x86)\landwirtschafts simulator 2015\x64\farmingsimulator2015game.exe
FirewallRules: [{E0CBDE1E-5C86-48CE-9802-86DA3BA91D52}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{E63F55E2-D563-4B39-A5AE-D87509A12EC9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\DiRT Rally\drt.exe
FirewallRules: [{BC520304-1C68-4BA3-89C4-32FEE1C82F4F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{E9DA2C27-251D-430B-A8E7-16A1D7319300}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\busdriver.exe
FirewallRules: [{A12925A2-9BA0-42AD-A3AE-FC712C36A199}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{341F4A65-AD01-449C-ADFD-E7E47CD8DDB1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Bus Driver\bin\win_x86\launcher.exe
FirewallRules: [{E21ADE07-AEE0-44C2-8E37-A0913B44A52A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{028CBB43-3354-487B-BB8B-FE14A4767410}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Trucks & Trailers\bin\win_x86\trucks_n_trailers.exe
FirewallRules: [{89D56416-7B46-4FCE-BFCC-4DE65FEA769F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{82F2CA31-99DA-4917-B91D-452B1D2B449F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{EC639DFF-6821-429A-951C-C651DC9B099F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [{C5753D9C-1DBE-434A-B4A2-DB3A2427141E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator\eurotrucks.exe
FirewallRules: [TCP Query User{3B3EFB66-147E-4B3D-997F-E504925A9C31}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{05FDD09D-27D4-4C69-8ECF-49B5354C1AE7}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C017ED3E-56ED-44CE-A897-2A0791F55148}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F39FBCC3-FEEB-423B-A925-E4AA7E88EFC5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{5B20645B-91CE-4204-8671-5DABE490E824}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{2F27CF8E-6801-45DF-845A-47F79EFE5CF5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Scania Truck Driving Simulator\bin\win_x86\scania_truck_driving_simulator.exe
FirewallRules: [{AE33FC29-0BE1-4DE7-A8FC-E7355C8B82F0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3C4815BF-CC19-401E-A619-F4CB7B4F63C0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\pCars\pCARS64.exe
FirewallRules: [{3981513C-C594-46CB-8249-9CB7FE806353}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E2230A58-72F0-4AB0-B896-309157D9C62C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{7F378F69-E9D6-46E3-AF0E-FEF3735F6932}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{8480922A-BF1B-4F54-87AA-1E80C8FA4C44}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{C3A5C10A-5F58-4FC0-A69C-F02D39C6F7EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{2AF52FEC-CB35-4E46-B89F-D48C7F7EBABF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{31F29C08-C67C-4E2B-B50C-A0F57E70C6A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{3F8DD928-CAF0-484D-A929-8586394860B1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{84A5CEFF-F72F-4BC4-80E9-D5952EB5CF45}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{9735FA6C-8244-4C87-97B8-13C2E6FCF0C7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{19AEE153-F44C-401D-B689-8AE14321F908}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{38F358DC-8A96-40E9-B829-139198AFB4A5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\raceroom racing experience\Game\RRRE.exe

==================== Wiederherstellungspunkte =========================

25-04-2016 10:01:11 Installed Bonjour Print Services
29-04-2016 06:17:53 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (04/29/2016 03:14:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/29/2016 03:14:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/29/2016 03:14:07 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/29/2016 06:13:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/29/2016 06:13:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/29/2016 06:13:17 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/28/2016 07:28:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.

Error: (04/28/2016 07:28:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/28/2016 07:28:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT)
Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

Error: (04/28/2016 07:14:28 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT)
Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich.


Systemfehler:
=============
Error: (04/29/2016 03:33:08 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/29/2016 03:27:27 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (04/29/2016 03:26:57 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (04/29/2016 06:37:28 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.219.254.0)

Error: (04/29/2016 06:37:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/29/2016 06:31:59 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/29/2016 06:30:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0xc190012f fehlgeschlagen: Upgrade auf Windows 10 Home, Version 1511, 10586

Error: (04/29/2016 06:19:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Definitionsupdate für Windows Defender – KB2267602 (Definition 1.219.254.0)

Error: (04/29/2016 06:19:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Defender-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%577

Error: (04/28/2016 09:09:14 PM) (Source: DCOM) (EventID: 10010) (User: Notebook-Jan2)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}


CodeIntegrity:
===================================
  Date: 2016-04-29 15:28:16.307
  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-04-29 06:37:22.076
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-29 06:31:59.964
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-29 06:19:12.832
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-28 20:10:51.423
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-28 19:22:14.511
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-28 18:50:06.946
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-28 18:28:18.073
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-28 18:20:51.807
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-04-27 20:39:00.102
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8115.27 MB
Verfügbarer physikalischer RAM: 5596.33 MB
Summe virtueller Speicher: 16819.27 MB
Verfügbarer virtueller Speicher: 13549.38 MB

==================== Laufwerke ================================

Drive c: (Acer) (Fixed) (Total:453.77 GB) (Free:219.3 GB) NTFS
Drive d: (DATA) (Fixed) (Total:453.77 GB) (Free:453.62 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 27067300)

Partition: GPT.

==================== Ende von Addition.txt ============================
Hallo Rafael,

Nein ich habe sonst keine Probleme mehr. Sollte ich welche haben werde ich mich melden.
Dann bedanke ich mich ganz herzlich für die sehr hilfreichen Antworten!!:)
Bis irgendwann mal.

Mfg,
Jan

burningice 29.04.2016 15:09
Bitte pass auf, wenn du von Chip oder anderen Portalen Software laden möchtest:
Warnung vor Benutzung des Chip-Installers

CHIP-Installer - was ist das?


Die Logs von deinem Rechner sehen jetzt für mich sauber aus: Herzlichen Glückwunsch - du bist Clean :daumenhoc



Zum Schluss müssen wir noch etwas aufräumen und ich gebe dir ein paar Hinweise mit auf den Weg:

Wichtig: Entfernen der verwendeten Tools
Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.

http://filepony.de/icon/tiny/malware...ti_malware.png Malwarebytes Anti-Malware und http://filepony.de/icon/tiny/eset_online_scanner.pngESET kannst du als Ergänzung zu deiner bestehenden Antivirus-Lösung auf dem Computer belassen und deinen Computer damit regelmäßig scannen.


Persönliche Empfehlungen
Das wichtigste zu erst:

Schutz vor unerwünschter Software
Adware ist zu einer Art permanenten Bedrohung geworden, weil immer mehr Programme versuchen, einem beim Installieren noch was anderes unterzujubeln - und wie schnell hat man da ein Häkchen übersehen?

Darum: pass auf, wenn du dir Software aus dem Internet herunterlädst! Viele Portale im Internet wie Chip, Softonic und Sourceforge versuchen häufig, dir Adware oder sonstige Downloader mit unerwünschten Programmen unterzujubeln. Downloade nach Möglichkeit immer direkt von der Herstellerseite oder alternativ von einem sauberen Download-Portal, wie von FilePony.de.
Lese dir dazu auch folgenden Artikel durch: CHIP-Installer - was ist das? - Anleitungen

Selbst wenn du ein Programm von einer seriösen Quelle heruntergeladen hast, ist das keine Garantie, dass dein Programm nicht doch versucht, unerwünschte Änderungen an deinem Computer vorzunehmen. So versuchen immer mehr Programme, durch modifizierte Installationsroutinen unerwünschte Programme mit auf deinen PC zu schleusen. Das klappt leider auch häufig, weil viele Anwender nicht lesen, was auf dem Bildschirm steht und stattdessen schnell durchklicken.
Deshalb: Wenn du ein Programm installierst, wähle immer die benutzerdefinierte Installation und schaue, was du da gerade eigentlich alles mit einem Klick auf "Ok" oder "Weiter" abnickst - entferne entsprechend die Haken bei Dingen, die du nicht möchtest. Wer lesen kann, ist klar im Vorteil!

Benutze keine Optimizer, Cleaner oder sonstige SpeedUp Wunder, da diese Tools fast nie einen auch nur messbaren Performancegewinn bringen.
Du kannst jedoch regelmäßig auf deinem PC die Datenträgerbereinigung ausführen, so gewinnst du belegten Speicherplatz zurück.

Aktiviere in deiner Virenschutzlösungen den "Schutz vor potentiell unerwünschter Software", um dich bestmöglich zu schützen.

Guter Trick: Wenn du den kostenlosen Windows Defender benutzt (ab Windows 8), kannst du einen vergleichbaren Schutz durch einen kleinen Trick auch nutzen! Lese dazu folgenden Artikel um dich mehr zu informieren: Windows mit verstecktem Adware-Killer
Zum aktivieren dieses "Tricks" lade einfach nur diese Datei und führe sie aus: MpEnablePlus.reg

Tipps, um dein System sicherer zu machen
Halte immer deine Plug-ins und Software, insbesondere deinen Browser aktuell. Deinstalliere wenn möglich Java und den Adobe Flashplayer von deinem Computer. Neuerdings benötigt man sie fast nie mehr und stellen darum nur mehr eine unnötige Sicherheitslücke auf deinem Computer dar. Wenn du sie doch unbedingt benötigst, halte sie aber unbedingt aktuell.

Weiters kannst du dir http://filepony.de/icon/tiny/malware...ti_exploit.pngMalwarebytes Anti-Exploit installieren. Es schützt gegen viele aktuelle Sicherheitslücken und erhöht so deine Sicherheit.

Passwörter
Ändere regelmäßig deine Passwörter! Zudem musst du sichere Passwörter benutzen, das bedeutet: mindestens 8 Zeichen, Groß- und Kleinbuchstaben und Sonderzeichen.
Ganz wichtig: benutze pro Account ein anderes Passwort!
Tipp: Benutze einen Spruch, den du dir leicht merken kannst, als Hilfe für ein Passwort! Zum Beispiel: Der Himmel ist blau und wenn es regnet?-grau ==> DHibuwer?-grau


Unterstütze uns und empfiehl uns weiter

Du kennst Freunde und Bekannte, die Probleme mit ihrem Computer haben? Schick sie doch zu uns auf das Trojaner Board, wir helfen gerne :daumenhoc

Wenn du uns mit einer Spende unterstützen möchtest, freuen wir uns sehr und dies kannst du hier tun: http://www.trojaner-board.de/79994-s...ndenkonto.html Herzlichen Dank dafür :party:

Wir machen diese Tätigkeit hier freiwillig, darum freue ich mich besonders über ein kurzes Danke, wenn du mit mir zufrieden warest oder sonst über Verbesserungsvorschläge - das kannst du gerne hier machen :)

Besuche und like unsere Facebook-Seite! http://3.bp.blogspot.com/--h4eLCX9kl...ike-symbol.png


:abklatsch: Danke für deine Mitarbeit und alles Gute! :abklatsch:

Bitte gib mir Bescheid, wenn du das alles gelesen hast und du keine weiteren Fragen mehr hast.

Jan02 29.04.2016 15:22
Hallo Rafael,

Habe alles gelesen und keine weiteren Fragen mehr.
DANKE FÜR ALLES

Mfg,
Jan

burningice 30.04.2016 19:53
bitte, freut mich, dass ich helfen konnte :)


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:03 Uhr.

Copyright ©2000-2024, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58