suspected Infection of my laptop

laptop; performance; graphics; low FPS;

Vektic


Hello,

First off, I wanna say that I am not sure what is causing my problems, and I don't get any weird popups or toolbars, or find suspicious programs sucking up space in Task Manager. So I'm not sure if it's actually a virus. Despite this, I'd really appreciate you having a look over it. Thanks a lot in advance.

I first encountered problems relating to this issue several months ago, although back then I had no immediate need for help, as I didn't really use my laptop back then. It's an MSI GE60 0ND, FYI. The performance took a huge hit and now many graphics-intense programs can only be run at the lowest settings and at about 30 FPS, whereas they used to work at 60 FPS, even with maxed out settings. There is nothing suspicious to be found in the Task Manager and overheating isn't an issue either.

My first thought was that the HDD might just be old, so I defragged it and ran CCleaner, as well as freeing up about 100GB of space without any effect on the performance. I then ran "System Requirements Lab Detection" to find out that primarily the 3D graphics are lackluster now. Here my observation stops, as I don't have the tech-confidence to screw around with my BIOS or do anything that requires more than a basic understanding of technology.

Anyways, thanks so much for helping me deal with this problem of mine, and please excuse that the report below is in German, I hope that won't be too much trouble.

Greetings, Laurin

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
durchgeführt von Laurin (Administrator) auf LAURIN-PC (09-07-2016 22:42:00)
Gestartet von C:\Users\Laurin\Desktop
Geladene Profile: Admini & Laurin (Verfügbare Profile: Admini & Laurin)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 
(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Spotify Ltd) C:\Users\Laurin\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Spotify Ltd) C:\Users\Laurin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Laurin\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Laurin\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Laurin\AppData\Roaming\Spotify\Spotify.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.1.22\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.62\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.205\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3349208 2016-07-08] (ELAN Microelectronics Corp.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-06-08] (LogMeIn Inc.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [SSync] => C:\Users\Admini\AppData\Roaming\SSync\SSync.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [EADM] => C:\Users\Public\Desktop\Origin\Origin.exe [3632112 2015-07-16] (Electronic Arts)
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [242688 2013-11-05] (SteelSeries ApS)
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [Intermediate] => C:\Users\Admini\AppData\Roaming\Intermediate\Intermediate.exe [37376 2013-12-09] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [Sixth] => C:\Users\Admini\AppData\Roaming\Sixth\Sixth.exe [63624 2014-08-04] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [MKLOL] => C:\Users\Admini\Desktop\MKJogo\MK IM\Bin\MKIM.exe [1092296 2015-06-05] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [DataMgr] => C:\Users\Admini\AppData\Roaming\DataMgr\DataMgr.exe [168824 2014-01-23] (HTTO Group, Ltd.)
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [Gameo] => C:\Users\Admini\AppData\Roaming\Gameo\gameo.exe [42482176 2015-07-04] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50670720 2016-03-01] (Skype Technologies S.A.)
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\...\Run: [SCheck] => C:\Users\Admini\AppData\Roaming\SCheck\SCheck.exe [51200 2015-10-26] ()
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [Spotify Web Helper] => C:\Users\Laurin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-07-06] (Spotify Ltd)
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [Spotify] => C:\Users\Laurin\AppData\Roaming\Spotify\Spotify.exe [7003760 2016-07-06] (Spotify Ltd)
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8824024 2016-06-21] (Piriform Ltd)
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\RunOnce: [Uninstall C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\MountPoints2: {e035a877-f067-11e5-bf19-8c89a50ac9db} - "E:\Startme.exe" 
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\lol.scr
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
Startup: C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-04-30]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Keine Datei)
Startup: C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-04]
ShortcutTarget: Curse.lnk -> C:\Users\Laurin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-1109650262-165368546-2739042002-1002\User: Beschränkung <======= ACHTUNG
GroupPolicyUsers\S-1-5-21-1109650262-165368546-2739042002-1001\User: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
 
==================== Internet (Nicht auf der Ausnahmeliste) ====================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{39b04176-13be-4de7-81f7-51f8cb930285}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{77ed79c4-9efd-4bd2-8dc5-1c00dad8904a}: [DhcpNameServer] 192.168.178.1
 
Internet Explorer:
==================
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.fdownloadr.com/?channel=fpo2&pt2610=3&t=
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
HKU\S-1-5-21-1109650262-165368546-2739042002-1001\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AICGygWdSngc7wSn1mkv6SQQiwOg2Dgo_mhfSbDtTA41rt5ipBIm2m8QG8IiMTKL8eUPbm0Gn9lZQg,,
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {ielnksrch} URL = 
SearchScopes: HKLM-x32 -> ielnksrch URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fdownloadr.com/search.php?channel=fpo2&pt2610=3&q={searchTerms}&t=
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://search.fdownloadr.com/search.php?channel=fpo2&pt2610=3&q={searchTerms}&t=
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> {C2DD0E45-0568-4C37-8095-A976A6AB30E7} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^DE&gct=&itbv=12.7.0.15&apn_uid=8FEA85D4-B700-4CE6-B154-43EC2BE57779&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^DE&apn_dbr=ie_10.0.9200.16537&doi=2014-02-03&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> {F7C78C08-3CC7-416F-B827-7C1785ABBDA8} URL = hxxp://wisersearch.com/search.php?channel=de&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> DefaultScope {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {16D9A07F-1338-40E7-9062-F20DF5914A31} URL = hxxp://start.iminent.com/?appId=C062EA0A-8BC6-44F0-997A-0F84B6BEA366&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {414F6B76-E0DA-4867-81F7-467047698EAA} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = 
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {A501C3BA-F4C0-4CB1-AF90-49362A0DAC85} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {C12D09C7-EBD2-4340-99D0-CF188C6800B4} URL = hxxp://www.search.ask.com/web?tpid=ORJ-V7C&o=APN11406&pf=V7&p2=^BBE^OSJ000^YY^DE&gct=&itbv=12.7.0.15&apn_uid=8FEA85D4-B700-4CE6-B154-43EC2BE57779&apn_ptnrs=BBE&apn_dtid=^OSJ000^YY^DE&apn_dbr=ie_10.0.9200.16537&doi=2014-02-03&trgb=IE&q={searchTerms}&psv=&pt=tb
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {EAF3ABD0-FE6D-4E33-B83F-FC625215CD1D} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {F0BA6593-F952-44C1-969D-48B827D2186D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {ielnksrch} URL = hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIz8Wcvda4f4-pJxWX46Sc4EiwnMdmjvTiIV6IxBPowC56jXUthVuhM0jSO1O4ZIVSnfpsBDcTmyfQ,,&q={searchTerms}
BHO: Kein Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> Keine Datei
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
BHO-x32: OfferMosquito -> {82B16A3D-F03E-4565-A532-666B219C9A53} -> C:\Users\Admini\AppData\Local\ext_offermosquito\OfferMosquitoIEPlaceholder.dll [2014-02-05] (Bebo Media Ltd)
BHO-x32: Kein Name -> {a5bfd1d3-18b6-4fc3-b3f9-262ae3552dbe} -> Keine Datei
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Toolbar: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> Kein Name - {4F524A2D-5637-4300-76A7-7A786E7484D7} -  Keine Datei
IE Session Restore: HKU\S-1-5-21-1109650262-165368546-2739042002-1001 -> ist aktiviert.
Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
 
Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> hxxp://go.web.de/tb/ie_startpage
 
FireFox:
========
FF ProfilePath: C:\Users\Laurin\AppData\Roaming\Mozilla\Firefox\Profiles\66klgi3w.default-1461020729735
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2014-12-11] ()
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2014-12-11] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
FF Plugin HKU\S-1-5-21-1109650262-165368546-2739042002-1001: bebomedia.com/OfferMosquitoIEHelper -> C:\Users\Admini\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll [2014-02-05] (Bebo Media Ltd)
FF Plugin HKU\S-1-5-21-1109650262-165368546-2739042002-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Laurin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-1109650262-165368546-2739042002-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-01-03] ()
FF Extension: Adblock Plus - C:\Users\Laurin\AppData\Roaming\Mozilla\Firefox\Profiles\66klgi3w.default-1461020729735\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
 
Chrome: 
=======
CHR HomePage: Profile 1 -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIznpj02b-GFRmQ6lwyXzT5i1RmT-7b-qD_TRukakY3u7HjiRh-S7m_8xgTuKpbKcieJNV9qkNlgHQ,,
CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
CHR Profile: C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
CHR Extension: (Google Docs) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17]
CHR Extension: (Google Drive) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-17]
CHR Extension: (YouTube) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
CHR Extension: (Google Search) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-17]
CHR Extension: (Google Sheets) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
CHR Extension: (Bronze Aid) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fflhpnkiccpihhhnljkflpeccfjdoagc [2015-12-16] [UpdateUrl: hxxp://cdn.bronzeaid.com/update] <==== ACHTUNG
CHR Extension: (Google Docs Offline) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
CHR Extension: (WebGL Earth) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgafkkfnmkbdeejdgefkpcmimbommna [2015-08-17]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-17]
CHR Extension: (Skype Click to Call) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
CHR Extension: (Gmail) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17]
CHR Profile: C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-03]
CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-01-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1109650262-165368546-2739042002-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [gbmdkmlcnbapgegninelmjbfibaghdmk] - C:\Users\Admini\AppData\Local\Google\Chrome\User Data\Default\ext_offermosquito\ext_offermosquito.crx [2014-02-28]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
 
Opera: 
=======
OPR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-07-06]
 
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-08-01] ()
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
S2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2016-07-08] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-11] (Intel Corporation)
S2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-06-07] (LogMeIn, Inc.)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-11] ()
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-22] ()
R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-10-30] (Enigma Software Group USA, LLC.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
 
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2016-07-08] (Cypress Semiconductor, Inc.)
R3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-10-30] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-10-30] ()
S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-08] (REALiX™)
S3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows ® Codename Longhorn DDK provider)
R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-07-08] (Qualcomm Atheros, Inc.)
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-07-08] (Intel Corporation)
R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3363112 2015-07-28] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2016-01-21] (Wellbia.com Co., Ltd.)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
 
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 
==================== Ein Monat: Erstellte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-07-09 22:42 - 2016-07-09 22:42 - 00032083 _____ C:\Users\Laurin\Desktop\FRST.txt
2016-07-09 22:41 - 2016-07-09 22:42 - 00000000 ____D C:\FRST
2016-07-09 22:40 - 2016-07-09 22:40 - 02390016 _____ (Farbar) C:\Users\Laurin\Downloads\FRST64.exe
2016-07-09 22:40 - 2016-07-09 22:40 - 02390016 _____ (Farbar) C:\Users\Laurin\Desktop\FRST64.exe
2016-07-09 22:34 - 2016-07-09 22:34 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-07-09 22:34 - 2016-07-09 22:34 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-07-09 22:34 - 2016-07-09 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-07-09 22:34 - 2016-07-09 22:34 - 00000000 ____D C:\Program Files\CCleaner
2016-07-09 22:33 - 2016-07-09 22:33 - 06996256 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup_519.exe
2016-07-09 21:56 - 2016-07-09 21:56 - 19464906 _____ C:\Users\Laurin\Downloads\SpotifyLyrics-x86_64.exe
2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Users\Laurin\Documents\PassMark
2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Users\Laurin\AppData\Local\PassMark
2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\ProgramData\Passmark
2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Program Files\PerformanceTest
2016-07-09 20:12 - 2016-07-09 20:13 - 27054872 _____ (Passmark Software ) C:\Users\Laurin\Downloads\petst.exe
2016-07-09 20:10 - 2016-07-09 20:11 - 03887840 _____ (Husdawg, LLC) C:\Users\Laurin\Downloads\Detection.exe
2016-07-09 18:09 - 2016-07-09 18:09 - 00048261 _____ C:\Users\Laurin\Downloads\philosophie und weisheit.pdf
2016-07-09 16:25 - 2016-07-09 16:25 - 00007605 _____ C:\Users\Laurin\AppData\Local\Resmon.ResmonCfg
2016-07-09 15:25 - 2016-07-09 15:25 - 00000000 ____D C:\Users\Laurin\AppData\Local\Bluestacks
2016-07-08 22:40 - 2016-07-08 22:40 - 00000000 ____D C:\ProgramData\Avg_Update_0516piz
2016-07-08 22:38 - 2016-07-08 22:38 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\AVG
2016-07-08 22:35 - 2016-07-08 22:48 - 00000000 ___HD C:\$AVG
2016-07-08 22:34 - 2016-07-08 22:48 - 00000000 ____D C:\ProgramData\MFAData
2016-07-08 22:34 - 2016-07-08 22:34 - 00000000 ____D C:\Users\Laurin\AppData\Local\MFAData
2016-07-08 22:33 - 2016-07-08 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-07-08 22:32 - 2016-07-08 22:35 - 00000000 ____D C:\Program Files (x86)\AVG
2016-07-08 22:31 - 2016-07-08 22:48 - 00000000 ____D C:\Users\Laurin\AppData\Local\AvgSetupLog
2016-07-08 22:31 - 2016-07-08 22:37 - 00000000 ____D C:\Users\Laurin\AppData\Local\Avg
2016-07-08 22:31 - 2016-07-08 22:35 - 00000000 ____D C:\ProgramData\Avg
2016-07-08 22:31 - 2016-07-08 22:31 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Laurin\Downloads\AVG_Protection_Free_1606.exe
2016-07-08 20:08 - 2016-07-08 20:09 - 00063824 _____ C:\Users\Laurin\Downloads\In_the_Loop_2009.DVDRip.DMT.en.zip
2016-07-08 20:07 - 2016-07-08 20:07 - 00989680 _____ (Garafekam ) C:\Users\Laurin\Downloads\in-the-loop-bos-6479603 (1).exe
2016-07-08 20:06 - 2016-07-08 20:07 - 00989680 _____ (Garafekam ) C:\Users\Laurin\Downloads\in-the-loop-bos-6479603.exe
2016-07-08 18:16 - 2016-07-08 18:16 - 00000000 _____ C:\Users\Laurin\AppData\Local\Driver_LOM_8161Present.flag
2016-07-08 18:07 - 2016-07-08 18:07 - 05885651 _____ C:\Users\Laurin\Downloads\lan_rtl8111e_vl_8.2.612.2012_w800.zip
2016-07-08 18:01 - 2016-07-08 18:07 - 351144222 _____ C:\Users\Laurin\Downloads\lan_killer_8.1.0.23_1.1.42.1045package_0x8d486875_818700 (1).zip
2016-07-08 17:58 - 2016-07-08 17:58 - 06012956 _____ C:\Users\Laurin\Downloads\j8rb03ww.zip
2016-07-08 17:34 - 2016-07-08 17:35 - 41176512 _____ C:\Users\Laurin\Downloads\PROWinx64.exe
2016-07-08 17:27 - 2016-07-08 17:27 - 31001328 _____ (Riot Games) C:\Users\Laurin\Downloads\LeagueofLegends_EUW_Installer_2016_05_13.exe
2016-07-08 16:55 - 2016-07-08 16:55 - 00019968 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cykbfltr.sys
2016-07-08 16:50 - 2016-07-08 16:50 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2016-07-08 16:49 - 2016-07-08 16:49 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-07-08 16:49 - 2016-07-08 16:49 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-07-08 16:49 - 2016-07-08 16:49 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-07-08 16:47 - 2016-07-08 16:49 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-07-08 16:46 - 2016-07-08 16:46 - 00058584 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
2016-07-08 16:41 - 2016-07-08 16:41 - 00000000 ____D C:\ProgramData\ProductData
2016-07-08 16:40 - 2016-07-08 16:40 - 00000000 ____D C:\WINDOWS\IObit
2016-07-08 16:39 - 2016-07-09 15:21 - 00003018 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Laurin)
2016-07-08 16:39 - 2016-07-08 16:55 - 00002237 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-07-08 16:39 - 2016-07-08 16:41 - 00000000 ____D C:\Users\Laurin\AppData\LocalLow\IObit
2016-07-08 16:39 - 2016-07-08 16:39 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-07-08 16:39 - 2016-07-08 16:39 - 00003372 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-07-08 16:39 - 2016-07-08 16:39 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\IObit
2016-07-08 16:39 - 2016-07-08 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-07-08 16:39 - 2016-07-08 16:39 - 00000000 ____D C:\ProgramData\IObit
2016-07-08 16:39 - 2016-07-08 16:39 - 00000000 ____D C:\Program Files (x86)\IObit
2016-07-08 16:38 - 2016-07-08 16:52 - 00000000 ____D C:\Users\Laurin\AppData\Local\Downloaded Installations
2016-07-08 16:35 - 2016-07-08 16:35 - 01474568 _____ C:\Users\Laurin\Downloads\Driver Booster Free - CHIP-Installer.exe
2016-07-08 16:35 - 2016-07-08 16:35 - 01474568 _____ C:\Users\Laurin\Downloads\Driver Booster Free - CHIP-Installer (1).exe
2016-07-06 23:49 - 2016-07-09 21:05 - 00000000 ____D C:\Users\Laurin\AppData\Local\Spotify
2016-07-06 23:49 - 2016-07-06 23:49 - 00001894 _____ C:\Users\Laurin\Desktop\Spotify.lnk
2016-07-06 23:49 - 2016-07-06 23:49 - 00001880 _____ C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2016-07-06 23:48 - 2016-07-09 21:05 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Spotify
2016-07-06 23:46 - 2016-07-06 23:46 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (4).exe
2016-07-06 11:53 - 2016-07-06 11:53 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (3).exe
2016-07-05 20:26 - 2016-07-05 20:26 - 00000000 ___HD C:\OneDriveTemp
2016-07-05 17:36 - 2016-07-05 17:37 - 00000000 ____D C:\Users\Laurin\Documents\FTBInventions
2016-07-01 23:21 - 2016-07-01 23:22 - 05756448 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup519_slim.exe
2016-07-01 23:21 - 2016-07-01 23:22 - 05756448 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup519_slim (1).exe
2016-06-30 18:07 - 2016-06-30 18:07 - 00000222 _____ C:\Users\Laurin\Desktop\Spelunky.url
2016-06-29 18:38 - 2016-06-29 18:38 - 00110709 _____ C:\Users\Laurin\Desktop\Handlung Deutsch.pdf
2016-06-29 14:15 - 2016-06-29 18:38 - 00048644 _____ C:\Users\Laurin\Desktop\Handlung Deutsch.pptx
2016-06-24 18:01 - 2016-06-25 13:20 - 00000000 ____D C:\Users\Laurin\Documents\Darkest
2016-06-24 17:54 - 2016-06-24 17:54 - 00000222 _____ C:\Users\Laurin\Desktop\Darkest Dungeon.url
2016-06-22 19:08 - 2016-06-22 19:09 - 12495254 _____ C:\Users\Laurin\Downloads\tPC Parkour Ver 2.2.zip
2016-06-22 17:21 - 2016-06-22 17:22 - 16967135 _____ C:\Users\Laurin\Downloads\PureBDcraft  64x MC110 (1).zip
2016-06-22 17:18 - 2016-06-22 17:21 - 16967135 _____ C:\Users\Laurin\Downloads\PureBDcraft  64x MC110.zip
2016-06-22 17:14 - 2016-06-22 17:14 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\.minecraft2
2016-06-22 17:11 - 2016-06-22 17:12 - 09218216 _____ C:\Users\Laurin\Downloads\SolveITCase4.zip
2016-06-22 15:53 - 2016-06-22 15:53 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (2).exe
2016-06-21 22:53 - 2016-06-21 22:53 - 01429211 _____ C:\Users\Laurin\Downloads\das_schwarze_auge_pfad_nach_aventurien_d84f (1).pdf
2016-06-16 23:09 - 2016-06-16 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2016-06-16 23:09 - 2016-06-16 23:09 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2016-06-15 04:07 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 04:07 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 04:07 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 04:07 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 04:07 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 04:07 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 04:07 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 04:07 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 04:07 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 04:07 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 04:07 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 04:07 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 04:07 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 04:07 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 04:07 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 04:07 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 04:07 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 04:07 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 04:07 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 04:07 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 04:07 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 04:07 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 04:07 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 04:07 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 04:07 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 04:07 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 04:07 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 04:06 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 04:06 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 04:06 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 04:06 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 04:06 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 04:06 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 04:06 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 04:06 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 04:06 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 04:06 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 04:06 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 04:06 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 04:06 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 04:06 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 04:06 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 04:06 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 04:06 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 04:06 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 04:06 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 04:06 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 04:06 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 04:06 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 04:06 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 04:06 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 04:06 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 04:06 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 04:06 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 04:06 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 04:06 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 04:06 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 04:06 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 04:06 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 04:06 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 04:06 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 04:06 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 04:06 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 04:06 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 04:06 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 04:06 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 04:06 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 04:06 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 04:06 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 04:05 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 04:05 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 04:05 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 04:05 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 04:05 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 04:05 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 04:05 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 04:05 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 04:05 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 04:05 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 04:05 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 04:05 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 04:05 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 04:05 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 04:05 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 04:05 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 04:05 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 04:05 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 04:05 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 04:05 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 04:05 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 04:05 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 04:05 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 04:05 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 04:05 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 04:05 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 04:05 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 04:05 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 04:05 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 04:05 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 04:05 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 04:05 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 04:05 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 04:05 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 04:05 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 04:05 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 04:05 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 04:05 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 04:05 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 04:05 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 04:05 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 04:05 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 04:05 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 04:05 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 04:05 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 04:05 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 04:05 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 04:05 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 04:05 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 04:05 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 04:05 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 04:05 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 04:05 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 04:05 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 04:05 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 04:05 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 04:05 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 04:05 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 04:05 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 04:05 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 04:05 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 04:05 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 04:05 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 04:05 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 04:05 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 04:05 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 04:05 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 04:05 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 04:05 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 04:05 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 04:05 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 04:05 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 04:05 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 04:05 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 04:05 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 04:05 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 04:05 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 04:05 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 04:05 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 04:05 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 04:05 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 04:05 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 04:05 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 04:05 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 04:05 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 04:05 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 04:05 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 04:05 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 04:04 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 04:04 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 04:04 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 04:04 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 04:04 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 04:04 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 04:04 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 04:04 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 04:04 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 04:04 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 04:04 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 04:04 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 04:04 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 04:04 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 04:04 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 04:04 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 04:04 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 04:04 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 04:04 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 04:04 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 04:04 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 04:04 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 04:04 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 04:04 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 04:04 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 04:04 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 04:04 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 04:04 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 04:04 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 04:04 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 04:04 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 04:04 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 04:04 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 04:04 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 04:04 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 04:04 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 04:04 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 04:04 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 04:04 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 04:04 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 04:04 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 04:04 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 04:04 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 04:04 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 04:04 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 04:04 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 04:04 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 04:04 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 04:04 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 04:04 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 04:04 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 04:04 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 04:04 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 04:04 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 04:04 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 04:04 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 04:04 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 04:04 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Raptr
2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\library_dir
2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
2016-06-15 00:12 - 2016-06-15 00:12 - 00077504 _____ C:\Users\Laurin\Downloads\playstv_installer.exe
2016-06-12 17:11 - 2016-06-12 17:14 - 122274373 _____ C:\Users\Laurin\Downloads\Game-of-Thrones-s06e08-Season-6-Episode-8-No-One-full-episode¾'^ €îºF-O.mp4
2016-06-10 14:35 - 2016-06-10 14:35 - 00094056 _____ C:\Users\Laurin\Downloads\ueb_berechnungen_mwg (1).pdf
2016-06-10 14:21 - 2016-06-10 14:21 - 00094056 _____ C:\Users\Laurin\Downloads\ueb_berechnungen_mwg.pdf
2016-06-09 15:27 - 2016-06-09 15:27 - 00018992 _____ C:\Users\Laurin\Downloads\Sportstundenprotokoll.odt
 
==================== Ein Monat: Geänderte Dateien und Ordner ========
 
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 
2016-07-09 21:54 - 2014-01-30 16:14 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-09 21:14 - 2014-02-24 17:51 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\TS3Client
2016-07-09 19:01 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-09 19:01 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-09 19:01 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-09 19:01 - 2015-09-04 10:08 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-09 17:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-09 16:32 - 2014-02-24 17:50 - 00000000 ____D C:\Users\Laurin\AppData\Local\TeamSpeak 3 Client
2016-07-09 15:26 - 2014-12-14 18:56 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Samsung
2016-07-09 15:26 - 2014-12-14 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-07-09 15:26 - 2014-12-14 18:55 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-07-09 15:26 - 2014-06-13 09:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-09 15:25 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
2016-07-09 15:24 - 2016-01-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2016-07-09 15:24 - 2016-01-21 18:19 - 00000000 ____D C:\Program Files (x86)\NCWest
2016-07-09 15:23 - 2016-01-21 18:21 - 00000000 ____D C:\Program Files (x86)\NCSOFT
2016-07-09 15:22 - 2016-01-21 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2016-07-09 15:21 - 2014-02-02 22:09 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-09 15:18 - 2015-10-11 00:07 - 00000388 _____ C:\WINDOWS\Tasks\XPRICZF1.job
2016-07-09 15:18 - 2015-09-04 14:39 - 00000000 __SHD C:\Users\Laurin\IntelGraphicsProfiles
2016-07-09 15:18 - 2014-01-30 16:14 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-09 14:56 - 2014-10-23 20:54 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{566DEBF7-F642-4659-9FA1-790F5B96B94E}
2016-07-09 13:52 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-09 00:01 - 2014-12-14 19:08 - 00000000 ____D C:\Users\Laurin\AppData\Local\Samsung
2016-07-08 23:59 - 2014-12-14 19:03 - 00000000 ____D C:\ProgramData\Samsung
2016-07-08 22:48 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-07-08 22:39 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-08 22:36 - 2015-11-08 18:49 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\TuneUp Software
2016-07-08 18:48 - 2016-01-02 07:22 - 00000000 ____D C:\Windows.old
2016-07-08 18:33 - 2016-01-02 08:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-08 18:32 - 2016-01-02 07:33 - 00000000 ____D C:\Program Files\Elantech
2016-07-08 18:31 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-08 18:30 - 2016-01-02 07:40 - 00000000 ____D C:\Users\Laurin
2016-07-08 18:30 - 2015-05-13 16:37 - 00000000 ___RD C:\Users\Laurin\OneDrive
2016-07-08 17:46 - 2016-01-28 19:12 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-07-08 17:34 - 2014-08-03 13:40 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
2016-07-08 17:33 - 2014-02-15 16:05 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Riot Games
2016-07-08 17:22 - 2014-01-30 16:01 - 00000000 ____D C:\Users\Laurin\AppData\Local\Packages
2016-07-08 17:19 - 2016-01-04 01:46 - 00000000 ____D C:\ProgramData\HappyCloud
2016-07-08 17:19 - 2016-01-04 01:46 - 00000000 ____D C:\AeriaGames
2016-07-08 17:19 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-08 17:19 - 2014-02-04 22:07 - 00000000 ____D C:\Program Files (x86)\Origin Games
2016-07-08 17:17 - 2016-01-08 22:59 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
2016-07-08 17:14 - 2015-11-25 20:10 - 00000000 ____D C:\Program Files (x86)\LSI
2016-07-08 17:13 - 2014-10-23 17:22 - 00000000 ____D C:\Program Files (x86)\Steam
2016-07-08 17:13 - 2014-02-20 20:44 - 00000000 ____D C:\Riot Games
2016-07-08 17:01 - 2014-02-15 16:08 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
2016-07-08 16:49 - 2012-03-29 08:26 - 00367320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2016-07-08 16:48 - 2016-02-05 17:55 - 00162456 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys
2016-07-08 16:46 - 2015-12-17 20:53 - 00454744 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
2016-07-07 21:57 - 2015-12-30 00:59 - 00000002 _____ C:\end
2016-07-07 17:37 - 2015-10-11 00:08 - 00003980 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1444514887
2016-07-07 17:37 - 2015-10-11 00:08 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-07-07 17:37 - 2015-10-11 00:07 - 00000000 ____D C:\Program Files (x86)\Opera
2016-07-07 02:39 - 2014-01-30 15:13 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-07 01:01 - 2014-12-11 18:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-07-05 17:52 - 2016-04-18 18:11 - 00271013 _____ C:\Users\Laurin\Documents\MinecraftLog.txt
2016-07-05 17:52 - 2016-04-18 18:11 - 00038473 _____ C:\Users\Laurin\Documents\FTBLauncherLog.txt
2016-07-05 17:36 - 2016-04-17 22:00 - 00000000 ____D C:\Users\Laurin\AppData\Local\ftblauncher
2016-07-01 23:29 - 2014-10-17 21:01 - 00000000 ____D C:\Users\Laurin\AppData\Local\LogMeIn Hamachi
2016-07-01 23:28 - 2016-06-04 18:08 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 04:25 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 19:06 - 2014-02-03 22:47 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\.minecraft
2016-06-21 12:48 - 2016-05-22 22:24 - 00000000 ____D C:\Users\Laurin\Desktop\ab 20.05.16
2016-06-19 17:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-18 03:56 - 2014-01-30 16:15 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 03:56 - 2014-01-30 16:15 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 01:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 23:10 - 2015-09-04 14:39 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-16 23:06 - 2016-01-02 07:27 - 00239816 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 06:10 - 2014-01-30 15:03 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 05:55 - 2014-01-30 15:03 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
 
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 
2015-11-28 04:10 - 2015-11-28 04:10 - 0003584 _____ () C:\Users\Laurin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-07-08 18:16 - 2016-07-08 18:16 - 0000000 _____ () C:\Users\Laurin\AppData\Local\Driver_LOM_8161Present.flag
2016-07-09 16:25 - 2016-07-09 16:25 - 0007605 _____ () C:\Users\Laurin\AppData\Local\Resmon.ResmonCfg
2014-07-16 17:46 - 2014-07-16 17:46 - 0000000 _____ () C:\Users\Laurin\AppData\Local\{DA106EC8-A0C7-4C6C-895F-834266FF7918}
2016-01-20 18:02 - 2016-01-20 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
 
Einige Dateien in TEMP:
====================
C:\Users\Admini\AppData\Local\Temp\avgnt.exe
C:\Users\Laurin\AppData\Local\Temp\BRSVC_75017953_hlp.exe
C:\Users\Laurin\AppData\Local\Temp\hcuninstaller_20160708_171739_7444.exe
C:\Users\Laurin\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\Laurin\AppData\Local\Temp\uninstall.exe
 
 
==================== Bamital & volsnap =================
 
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 
 
LastRegBack: 2016-07-05 12:39
 
==================== Ende von FRST.txt ============================

Edited by Vektic, 09 July 2016 - 03:07 PM.


#2
RKinner

    Malware Expert

  • Expert
  • 20,012 posts
  • MVP

I see an adware infection in your browsers.  Something that translates to feed.sonic-search.com

 

Let's see if adwcleaner will take care of it for us.

Download ADWCleaner to your desktop. Make sure you get the correct Download button. Sometimes the ads on BleepingComputer will mimic the real Download button, which should say: Download Now @BleepingComputer
 
NOTE: If using Internet Explorer and you get an alert that stops the program downloading, click on the warning and allow the download to complete.
 
Close all programs, pause your anti-virus and run AdwCleaner (Vista or Win 7 => right click and Run As Administrator).

Click on Scan and follow the prompts. Let it run unhindered. When done, click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy & Paste this report on your next reply.
 
The report will be saved in the C:\AdwCleaner folder.
 
 
 
Junkware-Removal-Tool
 
Please download Junkware Removal Tool to your desktop.  Make sure you get the correct Download button.  Sometimes the ads on BleepingComputer will mimic the real Download button which should say: Download Now @Author's site
  • Pause your anti-virus.  Close all browsers.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Run FRST

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. 
  • Check the Addition.txt box
  • Press Scan button. 
  • It will produce a log called FRST.txt in the same directory the tool is run from.  
  • Please copy and paste log back here. 
  • It will generate another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply. 

    #3
    Vektic

      New Member

    • Topic Starter
    • Member
    • Pip
    • 3 posts

    Thanks for the quick reply. I have run the programs, the logs are just below. Unfortunately I didn't manage to change the language.

     

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 8.0.7 (07.03.2016)
    Operating System: Windows 10 Home x64 
    Ran by Laurin (Administrator) on 10.07.2016 at 13:22:34,05
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    File System: 11 
     
    Successfully deleted: C:\ProgramData\iobit\driver booster (Folder) 
    Successfully deleted: C:\ProgramData\productdata (Folder) 
    Successfully deleted: C:\ProgramData\silsoliss (Folder) 
    Successfully deleted: C:\Users\Laurin\AppData\Roaming\iobit\driver booster (Folder) 
    Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
    Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Laurin) (Task)
    Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder) 
    Successfully deleted: C:\WINDOWS\prefetch\DRIVER_BOOSTER_SETUP34.TMP-47AE11E5.pf (File) 
    Successfully deleted: C:\WINDOWS\prefetch\DRIVER_BOOSTER_SETUP34.TMP-A995A64B.pf (File) 
    Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-51D78DCC.pf (File) 
    Successfully deleted: C:\WINDOWS\prefetch\SPOTIFYLYRICS-X86_64.EXE-2055A533.pf (File) 
     
     
     
    Registry: 4 
     
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\SearchAssistant (Registry Value) 
    Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} (Registry Key)
    Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5bfd1d3-18b6-4fc3-b3f9-262ae3552dbe} (Registry Key)
    Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a5bfd1d3-18b6-4fc3-b3f9-262ae3552dbe} (Registry Key)
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on 10.07.2016 at 13:29:34,98
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
    Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-07-2016
    durchgeführt von Laurin (Administrator) auf LAURIN-PC (10-07-2016 13:30:56)
    Gestartet von C:\Users\Laurin\Desktop
    Geladene Profile: Laurin (Verfügbare Profile: Admini & Laurin)
    Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
    Internet Explorer Version 11 (Standard-Browser: Chrome)
    Start-Modus: Normal
    Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
     
    ==================== Prozesse (Nicht auf der Ausnahmeliste) =================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
     
    (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
    (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
    (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
    (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
    (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
    () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
    (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
    (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Nicht auf der Ausnahmeliste) ===========================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
     
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3349208 2016-07-08] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2462536 2014-10-04] (NVIDIA Corporation)
    HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-03-20] (Oracle Corporation)
    HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565960 2016-06-08] (LogMeIn Inc.)
    HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [186640 2016-06-21] (AVG Technologies CZ, s.r.o.)
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [Spotify Web Helper] => C:\Users\Laurin\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1553520 2016-07-06] (Spotify Ltd)
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [Spotify] => C:\Users\Laurin\AppData\Roaming\Spotify\Spotify.exe [7003760 2016-07-06] (Spotify Ltd)
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8824024 2016-06-21] (Piriform Ltd)
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\RunOnce: [Uninstall C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.5930.0814_1\amd64"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\MountPoints2: {e035a877-f067-11e5-bf19-8c89a50ac9db} - "E:\Startme.exe" 
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\lol.scr
    ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileSyncShell64.dll [2016-05-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
    ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileSyncShell.dll [2016-05-24] (Microsoft Corporation)
    Startup: C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-04-30]
    ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\ONENOTEM.EXE (Keine Datei)
    Startup: C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Curse.lnk [2016-06-04]
    ShortcutTarget: Curse.lnk -> C:\Users\Laurin\AppData\Roaming\Curse Client\Bin\Curse.exe (Curse, Inc)
    GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
    GroupPolicyUsers\S-1-5-21-1109650262-165368546-2739042002-1002\User: Beschränkung <======= ACHTUNG
    GroupPolicyUsers\S-1-5-21-1109650262-165368546-2739042002-1001\User: Beschränkung <======= ACHTUNG
    CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
     
    ==================== Internet (Nicht auf der Ausnahmeliste) ====================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
     
    Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
    Tcpip\..\Interfaces\{39b04176-13be-4de7-81f7-51f8cb930285}: [DhcpNameServer] 192.168.178.1
    Tcpip\..\Interfaces\{77ed79c4-9efd-4bd2-8dc5-1c00dad8904a}: [DhcpNameServer] 192.168.178.1
     
    Internet Explorer:
    ==================
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt
    SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {414F6B76-E0DA-4867-81F7-467047698EAA} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {A501C3BA-F4C0-4CB1-AF90-49362A0DAC85} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {EAF3ABD0-FE6D-4E33-B83F-FC625215CD1D} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    SearchScopes: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> {F0BA6593-F952-44C1-969D-48B827D2186D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
    BHO: Kein Name -> {4F524A2D-5637-4300-76A7-7A786E7484D7} -> Keine Datei
    BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_77\bin\ssv.dll [2016-04-09] (Oracle Corporation)
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_77\bin\jp2ssv.dll [2016-04-09] (Oracle Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
    BHO-x32: ChromeFrame BHO -> {ECB3C477-1A0A-44BD-BB57-78F9EFE34FA7} -> C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
    Handler-x32: gcf - {9875BFAF-B04D-445E-8A69-BE36838CDE3E} - C:\Program Files (x86)\Google\Chrome Frame\Application\32.0.1700.107\npchrome_frame.dll [2014-02-02] (Google Inc.)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)
     
    Edge: 
    ======
    Edge HomeButtonPage: HKU\S-1-5-21-1109650262-165368546-2739042002-1002 -> hxxp://go.web.de/tb/ie_startpage
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\Laurin\AppData\Roaming\Mozilla\Firefox\Profiles\66klgi3w.default-1461020729735
    FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll [2014-12-11] ()
    FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
    FF Plugin: @java.com/DTPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\dtplugin\npDeployJava1.dll [2016-04-09] (Oracle Corporation)
    FF Plugin: @java.com/JavaPlugin,version=11.77.2 -> C:\Program Files\Java\jre1.8.0_77\bin\plugin2\npjp2.dll [2016-04-09] (Oracle Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll [2014-12-11] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
    FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
    FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
    FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN)
    FF Plugin HKU\S-1-5-21-1109650262-165368546-2739042002-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Laurin\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
    FF Plugin HKU\S-1-5-21-1109650262-165368546-2739042002-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-01-03] ()
    FF Extension: Adblock Plus - C:\Users\Laurin\AppData\Roaming\Mozilla\Firefox\Profiles\66klgi3w.default-1461020729735\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-30]
     
    Chrome: 
    =======
    CHR HomePage: Profile 1 -> hxxp://%66%65%65%64.%73%6E%61%70%64%6F.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBPxn49PYmQ_ay0kzj6uILRnD2bQzWRIklCtahJtlz9yYHBjSvUXrdkeiY7Ofoe83I8FTr9TMiym_LAqpsNCMJ3AIznpj02b-GFRmQ6lwyXzT5i1RmT-7b-qD_TRukakY3u7HjiRh-S7m_8xgTuKpbKcieJNV9qkNlgHQ,,
    CHR StartupUrls: Profile 1 -> "hxxp://google.com/"
    CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.8.823\_platform_specific\win_x86\widevinecdmadapter.dll => Keine Datei
    CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\PepperFlash\pepflashplayer.dll ()
    CHR Profile: C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Präsentationen) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17]
    CHR Extension: (Google Docs) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17]
    CHR Extension: (Google Drive) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-17]
    CHR Extension: (YouTube) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
    CHR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-09-24]
    CHR Extension: (Google-Suche) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-17]
    CHR Extension: (Google Tabellen) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17]
    CHR Extension: (Bronze Aid) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\fflhpnkiccpihhhnljkflpeccfjdoagc [2015-12-16] [UpdateUrl: hxxp://cdn.bronzeaid.com/update] <==== ACHTUNG
    CHR Extension: (Google Text & Tabellen Offline) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-09-04]
    CHR Extension: (WebGL Earth) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgafkkfnmkbdeejdgefkpcmimbommna [2015-08-17]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-08-17]
    CHR Extension: (Skype Click to Call) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-08-17]
    CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-17]
    CHR Extension: (Google Mail) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17]
    CHR Profile: C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1
    CHR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-07-03]
    CHR Extension: (Disable Youtube™ HTML5 Player) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\enmofgaijnbjpblfljopnpdogpldapoc [2015-01-29]
    CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-03]
    CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
    CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
     
    Opera: 
    =======
    OPR Extension: (Adblock Plus) - C:\Users\Laurin\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2016-07-06]
     
    ==================== Dienste (Nicht auf der Ausnahmeliste) ========================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
    R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1080080 2016-06-21] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-08-01] ()
    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
    R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-29] (Digital Wave Ltd.)
    R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2016-07-08] (ELAN Microelectronics Corp.)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-10-04] (NVIDIA Corporation)
    R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-11-11] (Intel Corporation)
    R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [419248 2016-06-07] (LogMeIn, Inc.)
    S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3916368 2016-01-09] (INCA Internet Co., Ltd.)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-10-04] (NVIDIA Corporation)
    S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-10-04] (NVIDIA Corporation)
    R2 PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [76152 2014-08-11] ()
    R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-08-22] ()
    R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1025920 2014-10-30] (Enigma Software Group USA, LLC.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
    R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
     
    ===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
    R3 cykbfltrService; C:\Windows\system32\DRIVERS\cykbfltr.sys [19968 2016-07-08] (Cypress Semiconductor, Inc.)
    S3 DIRECTIO; C:\Program Files\PerformanceTest\DirectIo64.sys [31376 2015-03-10] ()
    S3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2014-10-30] (Enigma Software Group USA, LLC.)
    S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2014-10-30] ()
    S3 Hamachi; C:\Windows\System32\drivers\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
    R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-07-08] (REALiX™)
    S3 i8042HDR; C:\Windows\system32\DRIVERS\i8042HDR.sys [15920 2009-08-14] (Windows ® Codename Longhorn DDK provider)
    R3 KillerEth; C:\Windows\System32\drivers\e2xw10x64.sys [162456 2016-07-08] (Qualcomm Atheros, Inc.)
    R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185896 2016-07-08] (Intel Corporation)
    R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3363112 2015-07-28] (Intel Corporation)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-10-04] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
    S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
    R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
    S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2016-01-21] (Wellbia.com Co., Ltd.)
    S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
     
    ==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
     
    ==================== Ein Monat: Erstellte Dateien und Ordner ========
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
     
    2016-07-10 13:29 - 2016-07-10 13:29 - 00001978 _____ C:\Users\Laurin\Desktop\JRT.txt
    2016-07-10 13:21 - 2016-07-10 13:21 - 01610560 _____ (Malwarebytes) C:\Users\Laurin\Downloads\JRT.exe
    2016-07-10 13:20 - 2016-07-10 13:20 - 03712064 _____ C:\Users\Laurin\Downloads\AdwCleaner (2).exe
    2016-07-10 12:40 - 2016-07-10 12:40 - 03712064 _____ C:\Users\Laurin\Downloads\AdwCleaner (1).exe
    2016-07-10 12:38 - 2016-07-10 12:38 - 03712064 _____ C:\Users\Laurin\Downloads\AdwCleaner.exe
    2016-07-10 12:38 - 2016-07-10 12:38 - 00000000 ____D C:\Users\Laurin\Downloads\AdwCleaner
    2016-07-10 12:35 - 2016-07-10 12:35 - 03712064 _____ C:\Users\Laurin\Desktop\AdwCleaner.exe
    2016-07-10 12:35 - 2016-04-22 21:55 - 01092512 _____ (TMRG, Inc.) C:\WINDOWS\system32\rlls64.dll
    2016-07-10 12:35 - 2016-04-22 21:55 - 00735648 _____ (TMRG, Inc.) C:\WINDOWS\SysWOW64\rlls.dll
    2016-07-09 23:15 - 2016-07-09 23:17 - 00000000 ____D C:\Program Files (x86)\ChrisPC Win Experience Index
    2016-07-09 23:15 - 2016-07-09 23:15 - 00000000 ____D C:\WINDOWS\LastGood
    2016-07-09 23:15 - 2016-07-09 23:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ChrisPC Win Experience Index
    2016-07-09 23:08 - 2016-07-09 23:08 - 01350592 _____ (Chris P.C. srl ) C:\Users\Laurin\Downloads\setup_chrispc_wei_4_40.exe
    2016-07-09 22:43 - 2016-07-09 22:45 - 00057707 _____ C:\Users\Laurin\Desktop\Addition.txt
    2016-07-09 22:42 - 2016-07-10 13:30 - 00021647 _____ C:\Users\Laurin\Desktop\FRST.txt
    2016-07-09 22:41 - 2016-07-10 13:30 - 00000000 ____D C:\FRST
    2016-07-09 22:40 - 2016-07-09 22:40 - 02390016 _____ (Farbar) C:\Users\Laurin\Downloads\FRST64.exe
    2016-07-09 22:40 - 2016-07-09 22:40 - 02390016 _____ (Farbar) C:\Users\Laurin\Desktop\FRST64.exe
    2016-07-09 22:34 - 2016-07-09 22:34 - 00002860 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
    2016-07-09 22:34 - 2016-07-09 22:34 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2016-07-09 22:34 - 2016-07-09 22:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2016-07-09 22:34 - 2016-07-09 22:34 - 00000000 ____D C:\Program Files\CCleaner
    2016-07-09 22:33 - 2016-07-09 22:33 - 06996256 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup_519.exe
    2016-07-09 21:56 - 2016-07-09 21:56 - 19464906 _____ C:\Users\Laurin\Downloads\SpotifyLyrics-x86_64.exe
    2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Users\Laurin\Documents\PassMark
    2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Users\Laurin\AppData\Local\PassMark
    2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\ProgramData\Passmark
    2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PerformanceTest
    2016-07-09 20:13 - 2016-07-09 20:13 - 00000000 ____D C:\Program Files\PerformanceTest
    2016-07-09 20:12 - 2016-07-09 20:13 - 27054872 _____ (Passmark Software ) C:\Users\Laurin\Downloads\petst.exe
    2016-07-09 20:10 - 2016-07-09 20:11 - 03887840 _____ (Husdawg, LLC) C:\Users\Laurin\Downloads\Detection.exe
    2016-07-09 18:09 - 2016-07-09 18:09 - 00048261 _____ C:\Users\Laurin\Downloads\philosophie und weisheit.pdf
    2016-07-09 16:25 - 2016-07-09 16:25 - 00007605 _____ C:\Users\Laurin\AppData\Local\Resmon.ResmonCfg
    2016-07-09 15:25 - 2016-07-09 15:25 - 00000000 ____D C:\Users\Laurin\AppData\Local\Bluestacks
    2016-07-08 22:38 - 2016-07-08 22:38 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\AVG
    2016-07-08 22:34 - 2016-07-09 23:20 - 00000000 ____D C:\ProgramData\MFAData
    2016-07-08 22:34 - 2016-07-08 22:34 - 00000000 ____D C:\Users\Laurin\AppData\Local\MFAData
    2016-07-08 22:33 - 2016-07-08 22:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
    2016-07-08 22:32 - 2016-07-09 23:20 - 00000000 ____D C:\Program Files (x86)\AVG
    2016-07-08 22:31 - 2016-07-09 23:20 - 00000000 ____D C:\Users\Laurin\AppData\Local\Avg
    2016-07-08 22:31 - 2016-07-08 22:48 - 00000000 ____D C:\Users\Laurin\AppData\Local\AvgSetupLog
    2016-07-08 22:31 - 2016-07-08 22:35 - 00000000 ____D C:\ProgramData\Avg
    2016-07-08 22:31 - 2016-07-08 22:31 - 03143504 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Laurin\Downloads\AVG_Protection_Free_1606.exe
    2016-07-08 20:08 - 2016-07-08 20:09 - 00063824 _____ C:\Users\Laurin\Downloads\In_the_Loop_2009.DVDRip.DMT.en.zip
    2016-07-08 20:07 - 2016-07-08 20:07 - 00989680 _____ (Garafekam ) C:\Users\Laurin\Downloads\in-the-loop-bos-6479603 (1).exe
    2016-07-08 20:06 - 2016-07-08 20:07 - 00989680 _____ (Garafekam ) C:\Users\Laurin\Downloads\in-the-loop-bos-6479603.exe
    2016-07-08 18:16 - 2016-07-08 18:16 - 00000000 _____ C:\Users\Laurin\AppData\Local\Driver_LOM_8161Present.flag
    2016-07-08 18:07 - 2016-07-08 18:07 - 05885651 _____ C:\Users\Laurin\Downloads\lan_rtl8111e_vl_8.2.612.2012_w800.zip
    2016-07-08 18:01 - 2016-07-08 18:07 - 351144222 _____ C:\Users\Laurin\Downloads\lan_killer_8.1.0.23_1.1.42.1045package_0x8d486875_818700 (1).zip
    2016-07-08 17:58 - 2016-07-08 17:58 - 06012956 _____ C:\Users\Laurin\Downloads\j8rb03ww.zip
    2016-07-08 17:34 - 2016-07-08 17:35 - 41176512 _____ C:\Users\Laurin\Downloads\PROWinx64.exe
    2016-07-08 17:27 - 2016-07-08 17:27 - 31001328 _____ (Riot Games) C:\Users\Laurin\Downloads\LeagueofLegends_EUW_Installer_2016_05_13.exe
    2016-07-08 16:55 - 2016-07-08 16:55 - 00019968 _____ (Cypress Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\cykbfltr.sys
    2016-07-08 16:50 - 2016-07-08 16:50 - 00185896 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
    2016-07-08 16:49 - 2016-07-08 16:49 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
    2016-07-08 16:49 - 2016-07-08 16:49 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
    2016-07-08 16:49 - 2016-07-08 16:49 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
    2016-07-08 16:47 - 2016-07-08 16:49 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
    2016-07-08 16:46 - 2016-07-08 16:46 - 00058584 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\ETDCoInstaller01000.dll
    2016-07-08 16:40 - 2016-07-08 16:40 - 00000000 ____D C:\WINDOWS\IObit
    2016-07-08 16:39 - 2016-07-10 13:25 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\IObit
    2016-07-08 16:39 - 2016-07-10 13:25 - 00000000 ____D C:\ProgramData\IObit
    2016-07-08 16:39 - 2016-07-10 13:25 - 00000000 ____D C:\Program Files (x86)\IObit
    2016-07-08 16:39 - 2016-07-08 16:55 - 00002237 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
    2016-07-08 16:39 - 2016-07-08 16:41 - 00000000 ____D C:\Users\Laurin\AppData\LocalLow\IObit
    2016-07-08 16:39 - 2016-07-08 16:39 - 00027552 _____ (REALiX™) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
    2016-07-08 16:39 - 2016-07-08 16:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
    2016-07-08 16:38 - 2016-07-08 16:52 - 00000000 ____D C:\Users\Laurin\AppData\Local\Downloaded Installations
    2016-07-08 16:35 - 2016-07-08 16:35 - 01474568 _____ C:\Users\Laurin\Downloads\Driver Booster Free - CHIP-Installer.exe
    2016-07-08 16:35 - 2016-07-08 16:35 - 01474568 _____ C:\Users\Laurin\Downloads\Driver Booster Free - CHIP-Installer (1).exe
    2016-07-06 23:49 - 2016-07-10 13:22 - 00000000 ____D C:\Users\Laurin\AppData\Local\Spotify
    2016-07-06 23:49 - 2016-07-06 23:49 - 00001894 _____ C:\Users\Laurin\Desktop\Spotify.lnk
    2016-07-06 23:49 - 2016-07-06 23:49 - 00001880 _____ C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
    2016-07-06 23:48 - 2016-07-10 13:22 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Spotify
    2016-07-06 23:46 - 2016-07-06 23:46 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (4).exe
    2016-07-06 11:53 - 2016-07-06 11:53 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (3).exe
    2016-07-05 20:26 - 2016-07-05 20:26 - 00000000 ___HD C:\OneDriveTemp
    2016-07-05 17:36 - 2016-07-05 17:37 - 00000000 ____D C:\Users\Laurin\Documents\FTBInventions
    2016-07-01 23:21 - 2016-07-01 23:22 - 05756448 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup519_slim.exe
    2016-07-01 23:21 - 2016-07-01 23:22 - 05756448 _____ (Piriform Ltd) C:\Users\Laurin\Downloads\ccsetup519_slim (1).exe
    2016-06-30 18:07 - 2016-06-30 18:07 - 00000222 _____ C:\Users\Laurin\Desktop\Spelunky.url
    2016-06-29 18:38 - 2016-06-29 18:38 - 00110709 _____ C:\Users\Laurin\Desktop\Handlung Deutsch.pdf
    2016-06-29 14:15 - 2016-06-29 18:38 - 00048644 _____ C:\Users\Laurin\Desktop\Handlung Deutsch.pptx
    2016-06-24 18:01 - 2016-06-25 13:20 - 00000000 ____D C:\Users\Laurin\Documents\Darkest
    2016-06-24 17:54 - 2016-06-24 17:54 - 00000222 _____ C:\Users\Laurin\Desktop\Darkest Dungeon.url
    2016-06-22 19:08 - 2016-06-22 19:09 - 12495254 _____ C:\Users\Laurin\Downloads\tPC Parkour Ver 2.2.zip
    2016-06-22 17:21 - 2016-06-22 17:22 - 16967135 _____ C:\Users\Laurin\Downloads\PureBDcraft  64x MC110 (1).zip
    2016-06-22 17:18 - 2016-06-22 17:21 - 16967135 _____ C:\Users\Laurin\Downloads\PureBDcraft  64x MC110.zip
    2016-06-22 17:14 - 2016-06-22 17:14 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\.minecraft2
    2016-06-22 17:11 - 2016-06-22 17:12 - 09218216 _____ C:\Users\Laurin\Downloads\SolveITCase4.zip
    2016-06-22 15:53 - 2016-06-22 15:53 - 00348376 _____ (Spotify Ltd) C:\Users\Laurin\Downloads\SpotifySetup (2).exe
    2016-06-21 22:53 - 2016-06-21 22:53 - 01429211 _____ C:\Users\Laurin\Downloads\das_schwarze_auge_pfad_nach_aventurien_d84f (1).pdf
    2016-06-16 23:09 - 2016-06-16 23:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
    2016-06-16 23:09 - 2016-06-16 23:09 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
    2016-06-15 04:07 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
    2016-06-15 04:07 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
    2016-06-15 04:07 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
    2016-06-15 04:07 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
    2016-06-15 04:07 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
    2016-06-15 04:07 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
    2016-06-15 04:07 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
    2016-06-15 04:07 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
    2016-06-15 04:07 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
    2016-06-15 04:07 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
    2016-06-15 04:07 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
    2016-06-15 04:07 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
    2016-06-15 04:07 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
    2016-06-15 04:07 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
    2016-06-15 04:07 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
    2016-06-15 04:07 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
    2016-06-15 04:07 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
    2016-06-15 04:07 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
    2016-06-15 04:07 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
    2016-06-15 04:07 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
    2016-06-15 04:07 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
    2016-06-15 04:07 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
    2016-06-15 04:07 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
    2016-06-15 04:07 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
    2016-06-15 04:07 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
    2016-06-15 04:07 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
    2016-06-15 04:07 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
    2016-06-15 04:06 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
    2016-06-15 04:06 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
    2016-06-15 04:06 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
    2016-06-15 04:06 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
    2016-06-15 04:06 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
    2016-06-15 04:06 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
    2016-06-15 04:06 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
    2016-06-15 04:06 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
    2016-06-15 04:06 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
    2016-06-15 04:06 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
    2016-06-15 04:06 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
    2016-06-15 04:06 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
    2016-06-15 04:06 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
    2016-06-15 04:06 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
    2016-06-15 04:06 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
    2016-06-15 04:06 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
    2016-06-15 04:06 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
    2016-06-15 04:06 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
    2016-06-15 04:06 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
    2016-06-15 04:06 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
    2016-06-15 04:06 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
    2016-06-15 04:06 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
    2016-06-15 04:06 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
    2016-06-15 04:06 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
    2016-06-15 04:06 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
    2016-06-15 04:06 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
    2016-06-15 04:06 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
    2016-06-15 04:06 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
    2016-06-15 04:06 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
    2016-06-15 04:06 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
    2016-06-15 04:06 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
    2016-06-15 04:06 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
    2016-06-15 04:06 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
    2016-06-15 04:06 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
    2016-06-15 04:06 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
    2016-06-15 04:06 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
    2016-06-15 04:06 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
    2016-06-15 04:06 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
    2016-06-15 04:06 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
    2016-06-15 04:06 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
    2016-06-15 04:06 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
    2016-06-15 04:06 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
    2016-06-15 04:05 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
    2016-06-15 04:05 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
    2016-06-15 04:05 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
    2016-06-15 04:05 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
    2016-06-15 04:05 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
    2016-06-15 04:05 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
    2016-06-15 04:05 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
    2016-06-15 04:05 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
    2016-06-15 04:05 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
    2016-06-15 04:05 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
    2016-06-15 04:05 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
    2016-06-15 04:05 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
    2016-06-15 04:05 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
    2016-06-15 04:05 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
    2016-06-15 04:05 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
    2016-06-15 04:05 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
    2016-06-15 04:05 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
    2016-06-15 04:05 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
    2016-06-15 04:05 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
    2016-06-15 04:05 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
    2016-06-15 04:05 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
    2016-06-15 04:05 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
    2016-06-15 04:05 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
    2016-06-15 04:05 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
    2016-06-15 04:05 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
    2016-06-15 04:05 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
    2016-06-15 04:05 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
    2016-06-15 04:05 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
    2016-06-15 04:05 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
    2016-06-15 04:05 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
    2016-06-15 04:05 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
    2016-06-15 04:05 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
    2016-06-15 04:05 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
    2016-06-15 04:05 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
    2016-06-15 04:05 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
    2016-06-15 04:05 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
    2016-06-15 04:05 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
    2016-06-15 04:05 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
    2016-06-15 04:05 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
    2016-06-15 04:05 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
    2016-06-15 04:05 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
    2016-06-15 04:05 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
    2016-06-15 04:05 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
    2016-06-15 04:05 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
    2016-06-15 04:05 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
    2016-06-15 04:05 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
    2016-06-15 04:05 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
    2016-06-15 04:05 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
    2016-06-15 04:05 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
    2016-06-15 04:05 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
    2016-06-15 04:05 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
    2016-06-15 04:05 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
    2016-06-15 04:05 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
    2016-06-15 04:05 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
    2016-06-15 04:05 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
    2016-06-15 04:05 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
    2016-06-15 04:05 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
    2016-06-15 04:05 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
    2016-06-15 04:05 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
    2016-06-15 04:05 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
    2016-06-15 04:05 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
    2016-06-15 04:05 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
    2016-06-15 04:05 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
    2016-06-15 04:05 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
    2016-06-15 04:05 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
    2016-06-15 04:05 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
    2016-06-15 04:05 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
    2016-06-15 04:05 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
    2016-06-15 04:05 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
    2016-06-15 04:05 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
    2016-06-15 04:05 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
    2016-06-15 04:05 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
    2016-06-15 04:05 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
    2016-06-15 04:05 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
    2016-06-15 04:05 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
    2016-06-15 04:05 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
    2016-06-15 04:05 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
    2016-06-15 04:05 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
    2016-06-15 04:05 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
    2016-06-15 04:05 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
    2016-06-15 04:05 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
    2016-06-15 04:05 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
    2016-06-15 04:05 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
    2016-06-15 04:05 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
    2016-06-15 04:05 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
    2016-06-15 04:05 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
    2016-06-15 04:05 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
    2016-06-15 04:05 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
    2016-06-15 04:04 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
    2016-06-15 04:04 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
    2016-06-15 04:04 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
    2016-06-15 04:04 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
    2016-06-15 04:04 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
    2016-06-15 04:04 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
    2016-06-15 04:04 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
    2016-06-15 04:04 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
    2016-06-15 04:04 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
    2016-06-15 04:04 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
    2016-06-15 04:04 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
    2016-06-15 04:04 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
    2016-06-15 04:04 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
    2016-06-15 04:04 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
    2016-06-15 04:04 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
    2016-06-15 04:04 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
    2016-06-15 04:04 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
    2016-06-15 04:04 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
    2016-06-15 04:04 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
    2016-06-15 04:04 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
    2016-06-15 04:04 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
    2016-06-15 04:04 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
    2016-06-15 04:04 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
    2016-06-15 04:04 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
    2016-06-15 04:04 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
    2016-06-15 04:04 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
    2016-06-15 04:04 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
    2016-06-15 04:04 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
    2016-06-15 04:04 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
    2016-06-15 04:04 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
    2016-06-15 04:04 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
    2016-06-15 04:04 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
    2016-06-15 04:04 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
    2016-06-15 04:04 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
    2016-06-15 04:04 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
    2016-06-15 04:04 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
    2016-06-15 04:04 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
    2016-06-15 04:04 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
    2016-06-15 04:04 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
    2016-06-15 04:04 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
    2016-06-15 04:04 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
    2016-06-15 04:04 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
    2016-06-15 04:04 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
    2016-06-15 04:04 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
    2016-06-15 04:04 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
    2016-06-15 04:04 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
    2016-06-15 04:04 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
    2016-06-15 04:04 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
    2016-06-15 04:04 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
    2016-06-15 04:04 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
    2016-06-15 04:04 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
    2016-06-15 04:04 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
    2016-06-15 04:04 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
    2016-06-15 04:04 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
    2016-06-15 04:04 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
    2016-06-15 04:04 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
    2016-06-15 04:04 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
    2016-06-15 04:04 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
    2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Raptr
    2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\library_dir
    2016-06-15 00:13 - 2016-06-15 00:13 - 00000000 ____D C:\Program Files (x86)\Raptr Inc
    2016-06-15 00:12 - 2016-06-15 00:12 - 00077504 _____ C:\Users\Laurin\Downloads\playstv_installer.exe
    2016-06-12 17:11 - 2016-06-12 17:14 - 122274373 _____ C:\Users\Laurin\Downloads\Game-of-Thrones-s06e08-Season-6-Episode-8-No-One-full-episode¾'^ €îºF-O.mp4
    2016-06-10 14:35 - 2016-06-10 14:35 - 00094056 _____ C:\Users\Laurin\Downloads\ueb_berechnungen_mwg (1).pdf
    2016-06-10 14:21 - 2016-06-10 14:21 - 00094056 _____ C:\Users\Laurin\Downloads\ueb_berechnungen_mwg.pdf
     
    ==================== Ein Monat: Geänderte Dateien und Ordner ========
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
     
    2016-07-10 13:18 - 2015-09-04 14:39 - 00000000 __SHD C:\Users\Laurin\IntelGraphicsProfiles
    2016-07-10 13:17 - 2014-01-30 16:14 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
    2016-07-10 12:55 - 2015-10-30 20:35 - 00776766 _____ C:\WINDOWS\system32\perfh007.dat
    2016-07-10 12:55 - 2015-10-30 20:35 - 00155544 _____ C:\WINDOWS\system32\perfc007.dat
    2016-07-10 12:55 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
    2016-07-10 12:55 - 2015-09-04 10:08 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
    2016-07-10 12:54 - 2014-01-30 16:14 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
    2016-07-10 12:48 - 2016-01-02 08:11 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
    2016-07-10 12:48 - 2014-02-03 13:13 - 00000000 ____D C:\Users\Admini\AppData\Roaming\Common
    2016-07-10 12:41 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
    2016-07-10 12:36 - 2014-01-30 16:15 - 00002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2016-07-10 03:32 - 2014-10-23 20:54 - 00004160 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{566DEBF7-F642-4659-9FA1-790F5B96B94E}
    2016-07-10 03:11 - 2014-01-30 16:14 - 00000000 ____D C:\Program Files (x86)\Google
    2016-07-09 23:21 - 2016-01-02 07:35 - 00000000 ____D C:\ProgramData\NVIDIA
    2016-07-09 23:21 - 2016-01-02 07:27 - 00239648 _____ C:\WINDOWS\system32\FNTCACHE.DAT
    2016-07-09 23:16 - 2013-06-23 20:18 - 00000000 ____D C:\Temp
    2016-07-09 23:15 - 2016-01-02 07:34 - 00000000 ____D C:\Program Files\NVIDIA Corporation
    2016-07-09 21:14 - 2014-02-24 17:51 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\TS3Client
    2016-07-09 17:58 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
    2016-07-09 16:32 - 2014-02-24 17:50 - 00000000 ____D C:\Users\Laurin\AppData\Local\TeamSpeak 3 Client
    2016-07-09 15:26 - 2014-12-14 18:56 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Samsung
    2016-07-09 15:26 - 2014-12-14 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
    2016-07-09 15:26 - 2014-12-14 18:55 - 00000000 ____D C:\Program Files (x86)\Samsung
    2016-07-09 15:26 - 2014-06-13 09:42 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2016-07-09 15:25 - 2015-10-30 09:24 - 00000000 __RHD C:\Users\Public\Libraries
    2016-07-09 15:24 - 2016-01-21 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
    2016-07-09 15:24 - 2016-01-21 18:19 - 00000000 ____D C:\Program Files (x86)\NCWest
    2016-07-09 15:23 - 2016-01-21 18:21 - 00000000 ____D C:\Program Files (x86)\NCSOFT
    2016-07-09 15:22 - 2016-01-21 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
    2016-07-09 15:21 - 2014-02-02 22:09 - 00000000 ____D C:\ProgramData\Package Cache
    2016-07-09 13:52 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
    2016-07-09 00:01 - 2014-12-14 19:08 - 00000000 ____D C:\Users\Laurin\AppData\Local\Samsung
    2016-07-08 23:59 - 2014-12-14 19:03 - 00000000 ____D C:\ProgramData\Samsung
    2016-07-08 22:48 - 2015-10-30 09:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
    2016-07-08 22:39 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
    2016-07-08 22:36 - 2015-11-08 18:49 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\TuneUp Software
    2016-07-08 18:48 - 2016-01-02 07:22 - 00000000 ____D C:\Windows.old
    2016-07-08 18:32 - 2016-01-02 07:33 - 00000000 ____D C:\Program Files\Elantech
    2016-07-08 18:30 - 2016-01-02 07:40 - 00000000 ____D C:\Users\Laurin
    2016-07-08 18:30 - 2015-05-13 16:37 - 00000000 ___RD C:\Users\Laurin\OneDrive
    2016-07-08 17:46 - 2016-01-28 19:12 - 00000000 ____D C:\Program Files (x86)\Realtek
    2016-07-08 17:34 - 2014-08-03 13:40 - 00001585 _____ C:\Users\Public\Desktop\League of Legends.lnk
    2016-07-08 17:33 - 2014-02-15 16:05 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\Riot Games
    2016-07-08 17:22 - 2014-01-30 16:01 - 00000000 ____D C:\Users\Laurin\AppData\Local\Packages
    2016-07-08 17:19 - 2016-01-04 01:46 - 00000000 ____D C:\ProgramData\HappyCloud
    2016-07-08 17:19 - 2016-01-04 01:46 - 00000000 ____D C:\AeriaGames
    2016-07-08 17:19 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
    2016-07-08 17:19 - 2014-02-04 22:07 - 00000000 ____D C:\Program Files (x86)\Origin Games
    2016-07-08 17:17 - 2016-01-08 22:59 - 00000000 ____D C:\Program Files (x86)\World of Warcraft
    2016-07-08 17:14 - 2015-11-25 20:10 - 00000000 ____D C:\Program Files (x86)\LSI
    2016-07-08 17:13 - 2014-10-23 17:22 - 00000000 ____D C:\Program Files (x86)\Steam
    2016-07-08 17:13 - 2014-02-20 20:44 - 00000000 ____D C:\Riot Games
    2016-07-08 17:01 - 2014-02-15 16:08 - 00000000 __SHD C:\WINDOWS\SysWOW64\AI_RecycleBin
    2016-07-08 16:49 - 2012-03-29 08:26 - 00367320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
    2016-07-08 16:48 - 2016-02-05 17:55 - 00162456 _____ (Qualcomm Atheros, Inc.) C:\WINDOWS\system32\Drivers\e2xw10x64.sys
    2016-07-08 16:46 - 2015-12-17 20:53 - 00454744 _____ (ELAN Microelectronics Corp.) C:\WINDOWS\system32\Drivers\ETD.sys
    2016-07-07 17:37 - 2015-10-11 00:08 - 00003980 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1444514887
    2016-07-07 17:37 - 2015-10-11 00:08 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
    2016-07-07 17:37 - 2015-10-11 00:07 - 00000000 ____D C:\Program Files (x86)\Opera
    2016-07-07 02:39 - 2014-01-30 15:13 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
    2016-07-07 01:01 - 2014-12-11 18:03 - 00000000 ____D C:\ProgramData\BlueStacksSetup
    2016-07-05 17:52 - 2016-04-18 18:11 - 00271013 _____ C:\Users\Laurin\Documents\MinecraftLog.txt
    2016-07-05 17:52 - 2016-04-18 18:11 - 00038473 _____ C:\Users\Laurin\Documents\FTBLauncherLog.txt
    2016-07-05 17:36 - 2016-04-17 22:00 - 00000000 ____D C:\Users\Laurin\AppData\Local\ftblauncher
    2016-07-01 23:29 - 2014-10-17 21:01 - 00000000 ____D C:\Users\Laurin\AppData\Local\LogMeIn Hamachi
    2016-07-01 23:28 - 2016-06-04 18:08 - 00000000 ____D C:\WINDOWS\Minidump
    2016-06-24 04:25 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
    2016-06-22 19:06 - 2014-02-03 22:47 - 00000000 ____D C:\Users\Laurin\AppData\Roaming\.minecraft
    2016-06-21 12:48 - 2016-05-22 22:24 - 00000000 ____D C:\Users\Laurin\Desktop\ab 20.05.16
    2016-06-19 17:36 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
    2016-06-18 03:56 - 2014-01-30 16:15 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
    2016-06-17 01:25 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
    2016-06-16 23:10 - 2015-09-04 14:39 - 00000000 __RHD C:\Users\Public\AccountPictures
    2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
    2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
    2016-06-16 22:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
    2016-06-15 06:10 - 2014-01-30 15:03 - 00000000 ____D C:\WINDOWS\system32\MRT
    2016-06-15 05:55 - 2014-01-30 15:03 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
    2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
    2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
     
    ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
     
    2015-11-28 04:10 - 2015-11-28 04:10 - 0003584 _____ () C:\Users\Laurin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
    2016-07-08 18:16 - 2016-07-08 18:16 - 0000000 _____ () C:\Users\Laurin\AppData\Local\Driver_LOM_8161Present.flag
    2016-07-09 16:25 - 2016-07-09 16:25 - 0007605 _____ () C:\Users\Laurin\AppData\Local\Resmon.ResmonCfg
    2014-07-16 17:46 - 2014-07-16 17:46 - 0000000 _____ () C:\Users\Laurin\AppData\Local\{DA106EC8-A0C7-4C6C-895F-834266FF7918}
    2016-01-20 18:02 - 2016-01-20 18:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
     
    Einige Dateien in TEMP:
    ====================
    C:\Users\Admini\AppData\Local\Temp\avgnt.exe
    C:\Users\Laurin\AppData\Local\Temp\BRSVC_75017953_hlp.exe
    C:\Users\Laurin\AppData\Local\Temp\hcuninstaller_20160708_171739_7444.exe
    C:\Users\Laurin\AppData\Local\Temp\HD-ShortcutHandler.dll
    C:\Users\Laurin\AppData\Local\Temp\libeay32.dll
    C:\Users\Laurin\AppData\Local\Temp\msvcr120.dll
    C:\Users\Laurin\AppData\Local\Temp\sqlite3.dll
    C:\Users\Laurin\AppData\Local\Temp\uninstall.exe
     
     
    ==================== Bamital & volsnap =================
     
    (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
     
    C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
    C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
    C:\WINDOWS\explorer.exe => Datei ist digital signiert
    C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
    C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
    C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
    C:\WINDOWS\system32\services.exe => Datei ist digital signiert
    C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
    C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
    C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
    C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
    C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
    C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
    C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
    C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
     
     
    LastRegBack: 2016-07-05 12:39
     
    ==================== Ende von FRST.txt ============================
     
     
     
    Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-07-2016
    durchgeführt von Laurin (2016-07-10 13:32:23)
    Gestartet von C:\Users\Laurin\Desktop
    Windows 10 Home Version 1511 (X64) (2016-01-02 06:22:25)
    Start-Modus: Normal
    ==========================================================
     
     
    ==================== Konten: =============================
     
    Admini (S-1-5-21-1109650262-165368546-2739042002-1001 - Administrator - Enabled) => C:\Users\Admini
    Administrator (S-1-5-21-1109650262-165368546-2739042002-500 - Administrator - Disabled)
    DefaultAccount (S-1-5-21-1109650262-165368546-2739042002-503 - Limited - Disabled)
    Gast (S-1-5-21-1109650262-165368546-2739042002-501 - Limited - Disabled)
    HomeGroupUser$ (S-1-5-21-1109650262-165368546-2739042002-1007 - Limited - Enabled)
    Laurin (S-1-5-21-1109650262-165368546-2739042002-1002 - Administrator - Enabled) => C:\Users\Laurin
     
    ==================== Sicherheits-Center ========================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
     
    AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
     
    ==================== Installierte Programme ======================
     
    (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
     
    7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
    7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    AVG (HKLM\...\AvgZen) (Version: 1.72.2.24716 - AVG Technologies)
    AVG Zen (Version: 1.72.1 - AVG Technologies) Hidden
    Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
    Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
    Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
    Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version:  - Treyarch)
    Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version:  - Infinity Ward)
    Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version:  - Infinity Ward)
    CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
    ChrisPC Win Experience Index 4.40 (HKLM-x32\...\{1116089C-14B5-1A23-8113-6124567ABCDE}_is1) (Version:  - Chris P.C. srl)
    Clicker Heroes (HKLM-x32\...\Steam App 363970) (Version:  - )
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
    Crusaders of the Lost Idols (HKLM-x32\...\Steam App 402840) (Version:  - Codename Entertainment Inc.)
    Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    Darkest Dungeon (HKLM\...\Steam App 262060) (Version:  - Red Hook Studios)
    Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.9.83.1010 - Electronic Arts Inc.)
    DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
    Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
    Driver Booster 3.4 (HKLM-x32\...\Driver Booster_is1) (Version: 3.4 - IObit)
    ELAN Touchpad 15.13.2.2_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.2.2 - ELAN Microelectronic Corp.)
    FMW 1 (Version: 1.102.4 - AVG Technologies) Hidden
    Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
    Google Chrome Frame (HKLM-x32\...\{7455D86F-5295-389C-AA29-18D2BDAF8DD8}) (Version: 65.169.102 - Google, Inc.)
    Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
    Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
    Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
    Intel® PROSet/Wireless WiFi-Software (HKLM\...\{962E1735-D2E0-4813-AB9F-C6CBA09E759A}) (Version: 15.05.7000.1709 - Intel Corporation)
    Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
    Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
    League of Legends (HKLM-x32\...\League of Legends 4.1.2) (Version: 4.1.2 - Riot Games)
    League of Legends (x32 Version: 4.1.2 - Riot Games) Hidden
    LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.472 - LogMeIn, Inc.)
    LogMeIn Hamachi (x32 Version: 2.2.0.472 - LogMeIn, Inc.) Hidden
    Magic: The Gathering - Duels of the Planeswalkers 2013 (HKLM-x32\...\Steam App 97330) (Version:  - Stainless Games)
    Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
    Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
    Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
    NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
    NVIDIA Grafiktreiber 354.74 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.74 - NVIDIA Corporation)
    NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
    Office 15 Click-to-Run Extensibility Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Licensing Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Office 15 Click-to-Run Localization Component (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
    Opera Stable 38.0.2220.41 (HKLM-x32\...\Opera 38.0.2220.41) (Version: 38.0.2220.41 - Opera Software)
    Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
    PANDA-glGo (HKLM-x32\...\glGo) (Version: 1.4 - PANDANET Inc.)
    PerformanceTest v8.0 (HKLM\...\PerformanceTest 8_is1) (Version: 8.0.1053.0 - Passmark Software)
    Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version:  - Ndemic Creations)
    Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)
    Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.7.107.2016 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
    Remote Desktop Connection Manager (HKLM-x32\...\{0240359E-6A4C-4884-9E94-B397A02D893C}) (Version: 2.7.14060 - Microsoft Corporation)
    SafeFinder (HKLM-x32\...\{F9806EFC-F504-4082-BEF3-FC8C01C39FA7}) (Version: 1.0.0.0 - Linkury) <==== ACHTUNG
    SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
    SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
    Sid Meier's Civilization V SDK (HKLM-x32\...\Steam App 16830) (Version:  - Firaxis Games)
    SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
    Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
    Skype™ 7.21 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.21.100 - Skype Technologies S.A.)
    Spelunky (HKLM\...\Steam App 239350) (Version:  - )
    Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version:  - Maxis™)
    Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version:  - EA - Maxis)
    Spotify (HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\Spotify) (Version: 1.0.32.96.g3c8a06e6 - Spotify AB)
    SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.18.9.4384 - Enigma Software Group, LLC)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.171.34768 - SteelSeries)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    TeamSpeak 3 Client (HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
    TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
    The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version:  - Ubisoft Montreal)
    Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
    Unity Web Player (HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS)
    Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
    War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
    WinRAR 5.31 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.1 - win.rar GmbH)
    Worms Reloaded (HKLM-x32\...\Steam App 22600) (Version:  - Team17 Software Ltd.)
     
    ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
    CustomCLSID: HKU\S-1-5-21-1109650262-165368546-2739042002-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
    CustomCLSID: HKU\S-1-5-21-1109650262-165368546-2739042002-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
     
    ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
    Task: {0F962A56-B384-41E2-944A-66E92A579260} - System32\Tasks\{459742FF-ED64-4DF6-809C-96D34F50177A} => pcalua.exe -a C:\Users\Laurin\Desktop\Audiosurf\Audiosurf\Audiosurf.exe -d C:\Users\Laurin\Desktop\Audiosurf\Audiosurf
    Task: {163DE459-DCA0-4666-A9C0-7DF5CFD2EADA} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
    Task: {20F7F703-57F8-4ACA-B3C1-790ED1575B25} - System32\Tasks\{D2EB83EA-043A-4EBA-8147-FA82BEFF3A9B} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.18.64.106/de/abandoninstall?page=tsMain
    Task: {28E4B38F-596C-4020-9BAE-82747E380520} - System32\Tasks\{506C311F-9362-4CCE-BC05-2EEECDC29D0D} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
    Task: {2DC02707-5BDD-4B80-A0D2-FB8A825ADBC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {3047C4B6-5E98-4F87-A361-AB6D4CE63356} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
    Task: {35D64DA5-3E6B-418F-8A52-E40E6AAD2E63} - System32\Tasks\{7BDA25DF-AF5C-4F5F-B3A8-EC894435B6C2} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
    Task: {3DDAACAF-1C4F-468A-A70A-B45A3799D76C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
    Task: {50A6510D-7A3D-4957-AF9E-6B1B0680BF73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-21] (Piriform Ltd)
    Task: {51A15B4D-22CE-4C1C-AC61-5F451EAA129A} - System32\Tasks\{48337115-F7F7-4F75-98EA-FA88C345C387} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/abandoninstall?page=tsProgressBar
    Task: {52BA5AE1-7E8A-428C-BFD5-A15C02D25972} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
    Task: {59F8C81D-DD1D-484E-982D-D3F70DBE3C0F} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
    Task: {6EEB2B13-F1A3-4E81-8149-40D0434212A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
    Task: {71016443-347F-4151-BD66-4E621F239BE0} - System32\Tasks\{CE9245E2-7BF5-4C19-9926-6EBC39DB7E08} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.999.130/de/go/help.faq.installer?LastError=1638
    Task: {7B3B23BF-09DC-433F-B6B7-1A5D83698D03} - System32\Tasks\Opera scheduled Autoupdate 1444514887 => C:\Program Files (x86)\Opera\launcher.exe [2016-07-01] (Opera Software)
    Task: {8563F7BF-540C-40F3-AF85-55B03F0346BA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
    Task: {8573CAC8-F6D1-4EEB-AFB5-CB85CE5A9B6C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
    Task: {87ABA172-4273-45F1-BEA4-240CC8F69373} - System32\Tasks\{C0BBDCF5-2C5A-4877-9332-229AF560EA63} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.18.64.106/de/abandoninstall?page=tsProgressBar
    Task: {92298DAA-BEE1-400F-91E0-F80D44FB7B6A} - System32\Tasks\{7DB4985C-0024-48DD-89C2-C91E77A393FB} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.18.64.106/de/abandoninstall?page=tsProgressBar
    Task: {96929B0F-AB2E-41A9-B65A-594F249DF60D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
    Task: {974357E3-BE24-4D1F-AA7D-D6552028F485} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2014-10-30] (Enigma Software Group USA, LLC.)
    Task: {9A074922-5D72-4A84-80A6-2B8406F3744F} - System32\Tasks\LoL => C:\Users\Laurin\Saved Games\lol.launcher.admin.exe
    Task: {BB6582EE-1FCC-47B0-A64F-B242C15A4ABE} - System32\Tasks\{75420DB2-77AC-4063-B2F9-8A1932DB1ADD} => Chrome.exe hxxp://ui.skype.com/ui/0/7.7.0.103/de/abandoninstall?page=tsBing
    Task: {C76B1640-A266-4B7D-A256-827E30914894} - System32\Tasks\{E8BBA491-4393-44DC-A046-6303CD262F2D} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
    Task: {CB479092-87A4-4DB5-BD20-1D7455EAD4BF} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
    Task: {CD12B216-AA6F-43D3-9901-94BCCE251B88} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
    Task: {D1FA0173-FBA8-4C2A-8C0D-0CDA26508F57} - System32\Tasks\{7E67E8F2-346C-47BC-84E8-807AAE384FBB} => pcalua.exe -a "C:\Riot Games\League of Legends\lol.launcher.exe" -d "C:\Riot Games\League of Legends\"
    Task: {EACA1AA4-90E7-47F7-9E31-8E4D7ED35A28} - System32\Tasks\{2F4073D0-423B-4C03-9C93-229D9231F831} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.5.0.102/de/abandoninstall?page=tsProgressBar
    Task: {ED5171F1-486A-47BD-A871-64DAD78F7136} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
    Task: {F0E61977-D62F-4DA3-AA3E-B16D064BC35E} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
    Task: {FAE606A1-2742-42AD-9C73-50973F3A666E} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
     
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
     
    ==================== Verknüpfungen =============================
     
    (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
     
    Shortcut: C:\Users\Laurin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PANDA-glGo\glGo Webpage.lnk -> hxxp://www.pandanet.co.jp/English/glgo/ (Keine Datei)
     
    ShortcutWithArgument: C:\Users\Laurin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\Profile 1\Google Profile.ico () -> --profile-directory="Profile 1"
     
    ==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
     
    2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
    2015-01-17 19:51 - 2014-09-11 08:06 - 00020240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\TeamViewer_PrintProcessor.dll
    2014-02-05 12:44 - 2014-08-22 01:16 - 00076888 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
    2016-04-12 22:35 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
    2016-04-12 22:35 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
    2016-05-24 18:00 - 2016-05-24 18:00 - 00959168 _____ () C:\Users\Laurin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
    2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
    2016-04-19 19:57 - 2016-04-19 19:57 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    2016-01-02 07:21 - 2016-01-02 07:21 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
    2016-05-11 13:38 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
    2016-06-15 04:05 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
    2016-06-15 04:05 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
    2016-06-15 04:06 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
    2016-06-15 04:06 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
    2015-11-08 18:40 - 2015-10-29 21:13 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
    2015-11-08 18:40 - 2015-10-29 19:10 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
    2015-11-08 18:40 - 2015-10-29 19:10 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
    2015-11-08 18:40 - 2015-10-29 19:10 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
    2015-11-08 18:40 - 2015-10-29 19:10 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
    2015-11-08 18:40 - 2015-10-29 19:10 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
    2016-04-19 19:57 - 2016-04-19 19:57 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
    2016-04-19 19:57 - 2016-04-19 19:57 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
    2014-04-29 20:49 - 2014-02-10 13:44 - 04592128 _____ () C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
    2014-04-29 20:49 - 2014-02-10 13:44 - 00112128 _____ () C:\Users\Laurin\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll
     
    ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
     
     
    ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
     
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
     
    ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
     
     
    ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
     
     
    ==================== Hosts Inhalt: ===============================
     
    (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
     
    2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
     
     
    ==================== Andere Bereiche ============================
     
    (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
     
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Laurin\Desktop\parra.jpg
    DNS Servers: 192.168.178.1
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall ist aktiviert.
     
    ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
     
    (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
     
    HKLM\...\StartupApproved\StartupFolder: => "Killer Network Manager.lnk"
    HKLM\...\StartupApproved\Run: => "ShadowPlay"
    HKLM\...\StartupApproved\Run: => "NvBackend"
    HKLM\...\StartupApproved\Run: => "ETDCtrl"
    HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
    HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
    HKLM\...\StartupApproved\Run32: => "IminentMessenger"
    HKLM\...\StartupApproved\Run32: => "Andy"
    HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
    HKLM\...\StartupApproved\Run32: => "APSDaemon"
    HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
    HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
    HKLM\...\StartupApproved\Run32: => "PlaysTV"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\StartupFolder: => "Curse.lnk"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\StartupFolder: => "Tor.lnk"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\StartupFolder: => "An OneNote senden.lnk"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\Run: => "Spotify"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\Run: => "Spotify Web Helper"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\Run: => "OneDrive"
    HKU\S-1-5-21-1109650262-165368546-2739042002-1002\...\StartupApproved\Run: => "Overwolf"
     
    ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
     
    (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
     
    FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
    FirewallRules: [{2CFEE5A1-1193-4E6B-8E94-5711D7C3923D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe
    FirewallRules: [{A240A243-CD41-4024-AF55-28FC3F7CD8EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Crusaders of the Lost Idols\Crusaders of the Lost Idols.exe
    FirewallRules: [{4DD07CE6-33CE-43B2-AD16-5259D2122BFD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
    FirewallRules: [{965FD045-2F08-43BC-8301-5D6471330F0C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops III\BlackOps3.exe
    FirewallRules: [{7D3EE1F0-9B9B-48ED-8411-B10043C4F50D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
    FirewallRules: [{50BD3E5A-FCDB-4384-918C-41F7C72E1CCB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6mp.exe
    FirewallRules: [{A37AE636-2264-475F-930A-6582BEF5A135}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
    FirewallRules: [{7A1B305B-7D04-4CE0-A083-A6F14DF2D9C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{5088575A-0363-48A1-B8AD-4720A1966471}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
    FirewallRules: [{EDFCA881-0156-4FF0-9AC6-2FEDE241B4A7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{7DD098C0-5E2C-4C63-BB1B-21BD99650BDE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
    FirewallRules: [{364DB0B3-9125-4BEA-9321-C48EBAE0A261}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    FirewallRules: [{5406B46F-D64A-4934-87B2-786439C95726}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{626CD283-1979-499B-9C9D-583061A32EE1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
    FirewallRules: [{42EF3BA2-0146-4E65-8BCA-E950172FE262}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [{1719BE75-F6D1-4733-A808-1BDD5A52819C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Terraria\Terraria.exe
    FirewallRules: [{C8CA8871-B138-4F4A-8B5F-47FC76728309}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
    FirewallRules: [{720B91AF-F64F-435A-869D-5D650CA1D1C3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe
    FirewallRules: [{9B177811-DF98-4415-838F-C7971D446342}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{1C3A8844-4D98-4A4C-8217-BC4CA4BFC8A1}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{F4D33722-1D66-4CA5-B3C3-F0301A991881}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
    FirewallRules: [{C851B0F3-C61A-4420-AC20-EF1ACA800C99}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Black Ops II\t6sp.exe
    FirewallRules: [{1C5824B6-0D7E-477F-A0C7-1D61D1976A7C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{8909A769-450D-4FED-812C-EA46B1CB9CE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [UDP Query User{7EE0E019-64AA-40BC-A7F6-9ED7B57A228B}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
    FirewallRules: [TCP Query User{06A82E00-1394-453A-A284-117773F19958}C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe] => (Block) C:\program files (x86)\microsoft games\age of empires ii\age2_x1\age2_x1.exe
    FirewallRules: [{26E1EBEB-9D7F-4B84-8B28-80715C2BCEE5}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{9448A035-CE5B-43BC-AD5A-8970CDCEE296}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity\SimCity\SimCity.exe
    FirewallRules: [{DE166577-9322-4AAD-A392-9C5CAC0E7D05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{8CA4524A-643A-4D21-8C4E-A65249317BFE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
    FirewallRules: [{87DCD951-7448-49C0-9C05-B1F8D417671F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{2DEB8A57-9780-49E5-BDFF-18B432D13552}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    FirewallRules: [{B7CBB9D0-443F-40D3-B669-91C6667B7CBA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{DD48F10F-3512-4301-9189-2D904261DC7D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{D353103E-9368-4AF6-9E45-F26B923F9D0A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{E9E32F3E-85C1-4742-9EB5-0412B09DF1FA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
    FirewallRules: [{A7E76BF6-5649-493E-A49E-EF03D11A4BD7}] => (Allow) C:\Users\Admini\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
    FirewallRules: [{6765C05E-FF9D-474C-80FE-83652C3210EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
    FirewallRules: [{083A9F6E-01FC-439C-88DB-2FE4A283C16A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe
    FirewallRules: [{406A6BFF-68EA-4547-88F1-48AC1A4EA951}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{FD422274-566D-4882-8821-B18F52AF3564}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
    FirewallRules: [{753124FC-291C-4B79-BE73-0C8641BB7829}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{AFB4FD50-8143-463B-B328-E9282D87786F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
    FirewallRules: [{0164F8B0-1EC3-4713-993F-DEBFAFB2B87C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{9F49FA2B-24BF-45E2-A086-54B68AD17559}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
    FirewallRules: [{424601E2-C0FC-4258-B5FA-1766B28F7BC5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{6B1D13D5-A10E-452C-8320-743C08598C67}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Realm of the Mad God\Realm of the Mad God.exe
    FirewallRules: [{EDB79B91-5DFE-41A9-BBEE-DD7A185E109E}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
    FirewallRules: [TCP Query User{2407E1AF-398C-4D04-BF48-A3935CA42378}C:\users\laurin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\laurin\appdata\roaming\spotify\spotify.exe
    FirewallRules: [UDP Query User{0F731686-248D-480B-8D75-CC3C18F588B4}C:\users\laurin\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\laurin\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{EE502213-6179-44E0-BA7C-F5E96A6FD257}] => (Block) C:\users\laurin\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{92ED1D6C-9434-4952-9D4D-C8F6D95BBC13}] => (Block) C:\users\laurin\appdata\roaming\spotify\spotify.exe
    FirewallRules: [{26F49D41-78FA-46BD-A380-935C7856C8DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
    FirewallRules: [{DC855F8D-349A-405B-AB9D-2E5FEAD219BC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe
    FirewallRules: [{FFFDA4AF-23B4-4FB4-9DEB-FC3EEB54EBF6}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{BB1F4B9F-1DFE-4783-B24D-927579702414}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
    FirewallRules: [{D54AA7A0-9608-41A2-8273-E8EC99561525}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{49BF6214-29B9-4D26-B7D3-BD8EC809F800}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
    FirewallRules: [{27DB28E8-1453-48F0-96B7-DF55F9686943}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{FE522BA6-2F27-4863-B949-472B9C38B3EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{7F9C800A-CFB7-44EB-8FDD-0FF7B61D1466}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{4395C687-FABE-4FA4-A8A2-0B5B39521AD5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
    FirewallRules: [{B097BC77-FD6D-4889-BB13-214AE1B9148B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{A250B913-36E4-4849-8946-FDD8F7EEAFA6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
    FirewallRules: [{E3E7F1E3-6EF8-4213-A148-064AE61344B3}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{58ED7405-9FEA-4892-BC90-218F518F0EF9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
    FirewallRules: [{CBBDD202-1687-4253-88E8-ED87DCAB8604}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
    FirewallRules: [{C9B66D09-8A59-4A79-8769-F9306B28EDD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect.exe
    FirewallRules: [{2B8D2553-0E7E-4FDE-B0DD-87C4868B78E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2013\DotP_D13.exe
    FirewallRules: [{049CCE8E-894D-4D96-8218-CFBD2A7A5F75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Magic 2013\DotP_D13.exe
    FirewallRules: [{5067273D-E38B-462A-9C88-CACA466A94D8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{AF04A1F4-2683-4114-BFAC-2F960234DCC9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe
    FirewallRules: [{188570EB-8C2E-4EA8-AC2B-50A8ACA5A408}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{3344907E-8998-4E3D-AAC8-F35CD4561735}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
    FirewallRules: [{80EB214F-9AD1-4849-9854-B2C72A89D83C}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{1A4C393E-1638-4D1C-ADB7-51DEF45D38E9}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
    FirewallRules: [{7F6B94BE-E97B-427D-85AD-01E623B30725}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
    FirewallRules: [{DAD10A1D-BA40-48F9-841D-E18FE9704F76}] => (Allow) LPort=2869
    FirewallRules: [{2E19098A-5139-47A1-996B-A82D06D9EBF7}] => (Allow) LPort=1900
    FirewallRules: [{6D57911A-7C4F-4BA4-BD95-0B031F73EA61}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{7D3E1919-78FA-427C-8DD2-EE82049B62DA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Clicker Heroes\Clicker Heroes.exe
    FirewallRules: [{DA383A0E-B1E6-43F3-B773-AFF29416E5F9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{A4F39663-1E18-460F-8579-FCAB14BA7DB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [TCP Query User{829E4292-3B4B-4438-9FBB-B94C8212E549}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [UDP Query User{885C2290-0B57-413B-96E2-A93F7FB50E3B}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
    FirewallRules: [{0D2CF1FB-57A6-4F18-AA73-C3929BA0DBD9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DLC Quest\DLC.exe
    FirewallRules: [{B087901F-616C-45B8-A8B1-3FCC40847932}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DLC Quest\DLC.exe
    FirewallRules: [{D40A2DB3-5231-48A5-9761-84DD5A9DFB66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
    FirewallRules: [{D83BC97A-97BE-4174-8EC8-D1F3D87F9098}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\PublicLauncher.exe
    FirewallRules: [{3CF4B88B-CB56-48EE-A920-0759BB908A28}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
    FirewallRules: [{0052F65F-3CA7-4393-8C25-CFC0CF853AB5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Mighty Quest For Epic Loot\Launcher\MQELDiagnostics.exe
    FirewallRules: [{C31AB13F-A964-4313-9DD5-EE9ED3CE9D3F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
    FirewallRules: [{4BDC8BFA-712A-45C8-865E-7EE6418E1D5C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Worms Reloaded\WormsReloaded.exe
    FirewallRules: [{AAE589B6-F938-46A0-B685-32D929836668}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{2B84F999-7DE6-46EB-AEBB-B3E1D0B06E63}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe
    FirewallRules: [{193F8F8B-FBAF-4D7D-BD7A-DA31F60C45C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
    FirewallRules: [{12F780E7-CC0D-404B-9F9C-10E0395A1265}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Prison Architect\Prison Architect Safe Mode.exe
    FirewallRules: [TCP Query User{6F250E54-D290-4588-B5AC-90F753317BD6}C:\program files\java\jdk1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\javaw.exe
    FirewallRules: [UDP Query User{AF251631-1691-436E-9935-137186F5E1E3}C:\program files\java\jdk1.8.0_20\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_20\bin\javaw.exe
    FirewallRules: [{FD7EC68F-041E-4009-BB6B-B296EFAA6A1C}] => (Block) C:\program files\java\jdk1.8.0_20\bin\javaw.exe
    FirewallRules: [{0DABC7E9-65A9-402F-9EA3-58DEF3410931}] => (Block) C:\program files\java\jdk1.8.0_20\bin\javaw.exe
    FirewallRules: [TCP Query User{63D7E22D-DFFC-458A-8E52-B47AA892D2F9}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_77\bin\javaw.exe
    FirewallRules: [UDP Query User{520A2112-1F2F-4DF6-843B-6B58E3F4020C}C:\program files\java\jre1.8.0_77\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_77\bin\javaw.exe
    FirewallRules: [TCP Query User{8421D04D-A53D-4350-B631-D3D1832F96FD}C:\program files\java\jre1.8.0_77\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\java.exe
    FirewallRules: [UDP Query User{0973ED89-EF2E-41CD-927A-007E3667DEAA}C:\program files\java\jre1.8.0_77\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_77\bin\java.exe
    FirewallRules: [{AC74D83D-DE64-42E7-824B-D00F994725E2}] => (Block) C:\program files\java\jre1.8.0_77\bin\java.exe
    FirewallRules: [{23455791-8385-4F96-B7C8-A6EF28EC759F}] => (Block) C:\program files\java\jre1.8.0_77\bin\java.exe
    FirewallRules: [{5993BE36-9700-4250-92F4-BC97982A0FE8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{DE1BEE4B-0104-4704-823A-FF1FAA6620CC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dont_starve\bin\dontstarve_steam.exe
    FirewallRules: [{282595A5-1444-4E8C-B7D6-10FF56C134F1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    FirewallRules: [{D564B42B-DF20-46F8-830C-78EB2C6E3F52}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{B881A682-F508-42B8-97C4-388E5B26726B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DarkestDungeon\_windows\Darkest.exe
    FirewallRules: [{A4A95FC9-AE2A-4653-ADF4-21B1A601270D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
    FirewallRules: [{6EC28476-6A24-4BFA-9897-A6D90FB0E5A9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Spelunky\Spelunky.exe
    FirewallRules: [{0B36B8A5-E72A-4225-8BD9-2B7FCD2132B8}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
    FirewallRules: [{5878B110-0B2F-4408-A865-DA4A4548C833}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
     
    ==================== Wiederherstellungspunkte =========================
     
    10-07-2016 13:22:37 JRT Pre-Junkware Removal
     
    ==================== Fehlerhafte Geräte im Gerätemanager =============
     
     
    ==================== Fehlereinträge in der Ereignisanzeige: =========================
     
    Applikationsfehler:
    ==================
    Error: (07/10/2016 01:23:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
    Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
     
    Details:
    AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
     
    System Error:
    Zugriff verweigert
    .
     
    Error: (07/10/2016 12:40:58 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy22\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:40:45 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy21\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:38:40 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy20\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:37:19 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy19\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:34:46 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy18\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:24:37 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy17\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
    Error: (07/10/2016 12:19:59 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
    Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d2f5
    Ausnahmecode: 0xc000027b
    Fehleroffset: 0x000000000004b199
    ID des fehlerhaften Prozesses: 0x42c
    Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
    Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
    Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
    Berichtskennung: backgroundTaskHost.exe3
    Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5
     
    Error: (07/10/2016 12:15:05 PM) (Source: Application Error) (EventID: 1000) (User: )
    Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d8f0
    Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 10.0.10586.0, Zeitstempel: 0x5632d2f5
    Ausnahmecode: 0xc000027b
    Fehleroffset: 0x000000000004b199
    ID des fehlerhaften Prozesses: 0xa68
    Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0
    Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1
    Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2
    Berichtskennung: backgroundTaskHost.exe3
    Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4
    Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5
     
    Error: (07/10/2016 12:14:27 PM) (Source: VSS) (EventID: 12289) (User: )
    Description: Volumeschattenkopie-Dienstfehler: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy16\,0x80000000,0x00000003,...)". hr = 0x80070570, Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar.
    .
     
     
    Vorgang:
       PreFinalCommitSnapshots wird verarbeitet
     
    Kontext:
       Ausführungskontext: System Provider
     
     
    Systemfehler:
    =============
    Error: (07/10/2016 01:24:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
     
    Error: (07/10/2016 01:24:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
    Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
     
    Error: (07/10/2016 01:20:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
    Description: {784E29F4-5EBE-4279-9948-1E8FE941646D}
     
    Error: (07/10/2016 12:41:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Der Dienst "Benutzerdatenzugriff_5fc80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
     
    Error: (07/10/2016 12:41:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Der Dienst "Benutzerdatenspeicher _5fc80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
     
    Error: (07/10/2016 12:41:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Der Dienst "Kontaktdaten_5fc80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
     
    Error: (07/10/2016 12:41:35 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
    Description: Der Dienst "Synchronisierungshost_5fc80" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
     
    Error: (07/10/2016 12:41:35 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
    Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
     
    Error: (07/10/2016 12:40:59 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
    Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
     
    In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Das Attribut des beschädigten Indexes ist ":$SII:$INDEX_ALLOCATION".
     
    Error: (07/10/2016 12:40:58 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
    Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
     
    In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Das Attribut des beschädigten Indexes ist ":$SII:$INDEX_ALLOCATION".
     
     
    CodeIntegrity:
    ===================================
      Date: 2016-07-10 13:30:04.497
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 13:30:04.473
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:26.293
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:26.279
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:25.038
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:25.017
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:17.638
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 12:36:17.601
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 11:08:20.013
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
      Date: 2016-07-10 03:33:49.255
      Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
     
     
    ==================== Speicherinformationen =========================== 
     
    Prozessor: Intel® Core™ i5-3230M CPU @ 2.60GHz
    Prozentuale Nutzung des RAM: 28%
    Installierter physikalischer RAM: 8088.94 MB
    Verfügbarer physikalischer RAM: 5753.48 MB
    Summe virtueller Speicher: 9368.94 MB
    Verfügbarer virtueller Speicher: 7396.54 MB
     
    ==================== Laufwerke ================================
     
    Drive c: () (Fixed) (Total:696.33 GB) (Free:388.96 GB) NTFS
     
    ==================== MBR & Partitionstabelle ==================
     
    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 23C13E9C)
    Partition 1: (Active) - (Size=1.9 GB) - (Type=0B)
    Partition 2: (Not Active) - (Size=696.3 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
     
    ==================== Ende von Addition.txt ============================


    #4
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,012 posts
    • MVP
    Error: (07/10/2016 12:40:58 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
    Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.
     
    In einer Indexstruktur des Dateisystems wurde eine Beschädigung gefunden. Die Dateireferenznummer ist 0x9000000000009. Der Name der Datei ist "<Dateiname kann nicht bestimmt werden>". Das Attribut des beschädigten Indexes ist ":$SII:$INDEX_ALLOCATION".

     

     

    Win 10 is supposed to run a disk check when it sees errors of this type.  Probably worthwhile to manually do a disk check just in case.

     

    https://www.tekrevue...dsk-windows-10/

     

    Use:  chkdsk C: /f /r /x

     

    as a command.

     

    I don't see an adwcleaner log.  I do see where you downloaded it several times so I assume you had problems with it?

     

    Clear the Java Cache by following the instructions on
     
    You do not have the latest Java.
    First go into Control Panel, Add/Remove Software (XP) or Programs and Features (Vista/Win 7) and remove any old versions (which may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE)
    I see:
    Java 8 Update 77 (64-bit) 
    Java SE Development Kit 8 Update 20 (64-bit) 
     
    Java has been very vulnerable to infection so unless you absolutely need it you should not reinstall it.
     
    If you feel you must have Java:
    Get the latest Java at:
     
    Save it to your PC then close all browsers and install it.  Do not let it install the yahoo toolbar or other foistware.
    Once installed, go into Control Panel, Java, Security and set the slider to the Highest then OK.
     
    (If you also want the 64 bit version then use the 64 bit version of IE to get it.)
     
    Also Uninstall:
     
    Bonjour.  It is not working.  This detects Apple devices on the network.  You will probably get a new one next time you update Apple software.
    Driver Booster 3.4 - Worthless
    SafeFinder - Adware
    Skype Click to Call - this is the worthless add-on to your browsers that turns random 10 digit numbers into call links.  Removing it will not hurt Skype.
    SpyHunter 4 - if you didn't pay for this then it's worthless.
    LogMeIn Hamachi - If you have TeamViewer then you don't need this
     
    AVG does not appear to be working correctly.  Let's switch to the free Avast.  http://www.avast.com/index
    Click on Download then choose the free version.
     
     
    Download and Save, uninstall AVG and reboot then install Avast by right clicking on the installer and Run As Admin.
     
    Adobe Flash Player 16 NPAPI  is way out of date and thus dangerous.  Go to Adobe.com with Firefox and get the latest version. Uncheck the optional software before downloading.
     
     
     
    Download the attached fixlist.txt to the same location as FRST
     
    Attached File  fixlist.txt   18.26KB   45 downloads
     
    Run FRST and press Fix
    A fix log will be generated; please post that.
     
     
    Run FRST again as before.  Make sure Addition.txt is checked and hit Scan.  Post both logs.
     

     

    Get Process Explorer
     
    Save it to your desktop then run it (Vista or Win7 - right click and Run As Administrator).  
     
    View, Select Column, check Verified Signer, OK
    Options, Verify Image Signatures
     
     
    Click twice on the CPU column header  to sort things by CPU usage with the big hitters at the top.  
     
    Wait a full minute then:
     
    File, Save As, Save.  Note the file name.   Open the file  on your desktop and copy and paste the text to a reply.
     
    Get the free version of Speccy:
     
    http://www.filehippo...download_speccy (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
    Download, Save and Install it.  Tell it you do not need CCLEANER if it asks you to download it too.    Run Speccy (right click and Run As admin).  When it finishes (the little icon in the bottom left will stop moving), 
    File, Save as Text File,  (to your desktop) note the name it gives. OK.  Open the file in notepad and delete the line that gives the serial number of your Operating System.  
    (It will be near the top about 10 lines down.) Save the file.  Attach the file to your next post.  (More Reply Options, Choose File, Open, Attach This File)
     

    • 0
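The triage done by eye in post #4 (picking the Ntfs EventID 55 entry out of the event-log section of Addition.txt and tying it to a disk check) can be sketched in Python. This is an added example, not part of the original thread or of FRST; the function names are hypothetical and the sample log is constructed by abridging entries from the Addition.txt above.

```python
import re
from collections import Counter

# Header line FRST writes for each event-log entry in Addition.txt.
HEADER = re.compile(
    r"^Error: \((?P<when>[^)]+)\) \(Source: (?P<source>[^)]+)\) "
    r"\(EventID: (?P<event_id>\d+)\) \(User: (?P<user>[^)]*)\)"
)
# HRESULT wrapping Win32 ERROR_FILE_CORRUPT; the log renders it as
# "Die Datei oder das Verzeichnis ist beschädigt und nicht lesbar".
FILE_CORRUPT_HRESULT = "0x80070570"

# Constructed sample: entries abridged from the Addition.txt in this thread.
SAMPLE_LOG = r"""
Applikationsfehler:
==================
Error: (07/10/2016 01:23:38 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst.

System Error:
Zugriff verweigert
.

Error: (07/10/2016 12:40:58 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy22\,0x80000000,0x00000003,...)". hr = 0x80070570
.

Error: (07/10/2016 12:40:45 PM) (Source: VSS) (EventID: 12289) (User: )
Description: Unerwarteter Fehler "CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy21\,0x80000000,0x00000003,...)". hr = 0x80070570
.

Systemfehler:
=============
Error: (07/10/2016 01:24:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet.

Error: (07/10/2016 12:40:59 PM) (Source: Ntfs) (EventID: 55) (User: NT-AUTORITÄT)
Description: In der Dateisystemstruktur auf Volume "??" wurde eine Beschädigung erkannt.

==================== Speicherinformationen ===========================
Prozessor: (not an event entry)
"""

def parse_events(text):
    """Split the event-log part of an FRST Addition.txt into entries."""
    events, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        m = HEADER.match(line)
        if m:
            current = {"when": m["when"], "source": m["source"],
                       "event_id": int(m["event_id"]), "description": []}
            events.append(current)
        elif line.startswith("="):
            # An underline of '=' follows a section title that was already
            # appended to the previous entry; drop it. Banners just end it.
            if current and set(line) == {"="} and current["description"]:
                current["description"].pop()
            current = None
        elif current is not None and line and line != ".":
            if line.startswith("Description: "):
                line = line[len("Description: "):]
            current["description"].append(line)
    for event in events:
        event["description"] = " ".join(event["description"])
    return events

def summarize(events):
    """Count entries per (source, event id) so repeats collapse to one row."""
    return Counter((e["source"], e["event_id"]) for e in events)

def storage_findings(events):
    """Return (timestamp, reason) for entries that point at disk corruption."""
    findings = []
    for e in events:
        if e["source"] == "Ntfs" and e["event_id"] == 55:
            findings.append((e["when"], "Ntfs 55: file system corruption"))
        elif FILE_CORRUPT_HRESULT in e["description"].lower():
            findings.append((e["when"], f'{e["source"]} {e["event_id"]}: '
                             f"hr = {FILE_CORRUPT_HRESULT} (file corrupt)"))
    return findings

if __name__ == "__main__":
    parsed = parse_events(SAMPLE_LOG)
    for key, count in summarize(parsed).most_common():
        print(count, key)
    for when, reason in storage_findings(parsed):
        print("CHECK DISK:", when, reason)
```

Any finding from `storage_findings` is the cue for the manual `chkdsk` run recommended in the post.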

    #5
    Vektic

    Vektic

      New Member

    • Topic Starter
    • Member
    • Pip
    • 3 posts

    Again, thanks for the quick reply; unfortunately I haven't yet found time to take care of the issues as I'm quite busy atm. Next weekend I will follow your help and also update you on the status of the issue. Apart from what you already know, I've also noticed that when processing more advanced programs/games, Task Manager shows my HDD to be locked at 100% usage. As it seemed quite odd to me, I disabled the startup of "Windows Search", which didn't really help, as now the usage seemingly randomly jumps from expected values (20%) to 100%, where it usually locks itself for a few seconds before returning to normal values. Other than that. Regarding the ADWcleaner file, the program did not react to commands for a few minutes, before I installed it again. After this it seemed to have worked; I will provide you with a log this weekend, though.



    #6
    RKinner

    RKinner

      Malware Expert

    • Expert
    • 20,012 posts
    • MVP

    Delays are no problem.  Get back to me when you can.

     

    For hard drive usage search for Task Manager and hit Enter.  Then Performance, Resource Monitor, Disk.  It should show you what processes are using the disk and how many bytes are being read/written by each.

