Nein, das Problem ist neu. Windows 10 wurde so gut es ging mit allen Mitteln verhindert (Updates ausgeblendet und in der Registry entsprechende Schlüssel erstellt).
Code: Alles auswählen
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2016
(...)
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Softex Inc.) C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Dassault Systèmes) C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(IvoSoft) C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Hewlett-Packard\SimplePass\opvapp.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe
(Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_ep64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avcenter.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SimplePass] => C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe [3962936 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBroker] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [OPBHOBrokerDesktop] => C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe [415288 2014-03-28] (Hewlett-Packard)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files (x86)\Classic Shell\ClassicStartMenu.exe [161984 2014-04-20] (IvoSoft)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2014-01-05] (IDT, Inc.)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [41664 2014-01-05] (Hewlett-Packard )
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [7536520 2016-09-07] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [830064 2016-09-06] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-09-08] (Plays.tv, LLC)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58640 2016-08-23] (Raptr, Inc)
HKU\S-1-5-21-1093757153-1969341672-3717817730-1001\...\Run: [AppEx Accelerator UI] => C:\Program Files\AMD Quick Stream\AMDQuickStream.exe [482528 2014-03-31] (AppEx Networks Corporation)
HKU\S-1-5-21-1093757153-1969341672-3717817730-1001\...\Run: [VLC Updater] => C:\Program Files (x86)\VLC Updater\vlc-updater.exe [370128 2016-05-26] ()
HKU\S-1-5-21-1093757153-1969341672-3717817730-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Ribbons.scr [132608 2014-10-29] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files (x86)\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files (x86)\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2015-01-02]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\Users\Marco\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar799.lnk [2016-09-11]
ShortcutTarget: Sidebar799.lnk -> C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 88.134.230.161 88.134.230.225
Tcpip\..\Interfaces\{2B399A28-D447-4431-A18F-93EB83C78D35}: [DhcpNameServer] 88.134.230.161 88.134.230.225
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1093757153-1969341672-3717817730-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK14/4
SearchScopes: HKLM -> {F76FAC8D-1EC6-4C6E-83B4-32015C7EA911} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM-x32 -> {F76FAC8D-1EC6-4C6E-83B4-32015C7EA911} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1093757153-1969341672-3717817730-1001 -> {F76FAC8D-1EC6-4C6E-83B4-32015C7EA911} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de1-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files (x86)\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2016-07-21] (HP Inc.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files (x86)\Classic Shell\ClassicIEDLL_64.dll [2014-04-20] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files (x86)\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files (x86)\Classic Shell\ClassicIEDLL_32.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files (x86)\Classic Shell\ClassicExplorer64.dll [2014-04-20] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files (x86)\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
FireFox:
========
FF ProfilePath: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default
FF DefaultSearchEngine: Bing
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-16] ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-16] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-1093757153-1969341672-3717817730-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll [2015-02-09] (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\searchplugins\suchmaschine.xml [2015-01-02]
FF Extension: (Disconnect) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\extensions\2.0@disconnect.me.xpi [2016-04-27]
FF Extension: (Modify Headers) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi [2016-04-27]
FF Extension: (NoScript) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-10]
FF Extension: (Firefox Hotfix) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-08]
FF Extension: (uBlock Origin) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\Extensions\uBlock0@raymondhill.net.xpi [2016-09-09]
FF Extension: (Flagfox) - C:\Users\Marco\AppData\Roaming\Mozilla\Firefox\Profiles\dog6vik7.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-08-26]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (AdBlock) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2016-05-17]
OPR Extension: (Disconnect) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\hciohocinlhbdkbjldffomiadmnhjnoj [2016-04-02]
OPR Extension: (uBlock Origin) - C:\Users\Marco\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2016-08-13]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpusrsvc; C:\Program Files\AMD\{920DEC42-4CA5-4d1d-9487-67BE645CDDFC}\amdacpusrsvc.exe [121856 2016-08-11] (Advanced Micro Devices) [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [989696 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [470600 2016-09-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1454720 2016-09-06] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
R2 DraftSight API Service; C:\Program Files\Dassault Systemes\DraftSight\bin\dsHttpApiService.exe [123904 2015-05-30] (Dassault Systèmes) [Datei ist nicht signiert]
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [29728 2016-08-15] (HP Inc.)
R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [Datei ist nicht signiert]
R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [32528 2016-09-08] (Plays.tv, LLC)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] ()
S3 SandraAgentSrv; C:\Program Files (x86)\SiSoftware Sandra Lite 2015.SP1\RpcAgentSrv.exe [73200 2015-02-15] (SiSoftware) [Datei ist nicht signiert]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2014-01-05] (IDT, Inc.) [Datei ist nicht signiert]
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 amdacpksd; C:\windows\system32\drivers\amdacpksd.sys [305544 2016-09-07] (Advanced Micro Devices)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [118848 2016-08-09] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [144664 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [154392 2016-07-27] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-14] (Avira Operations GmbH & Co. KG)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-09-09] (Malwarebytes)
S3 SANDRA; C:\Program Files (x86)\SiSoftware Sandra Lite 2015.SP1\WNt600x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 AmUStor; \SystemRoot\system32\drivers\AmUStor.SYS [X]
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
U3 McAPExe; kein ImagePath
U3 McMPFSvc; kein ImagePath
U3 McNaiAnn; kein ImagePath
U3 mcpltsvc; kein ImagePath
U3 McProxy; kein ImagePath
U3 mfecore; kein ImagePath
U3 MSK80Service; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-11 18:44 - 2016-09-11 18:45 - 00018210 _____ C:\Users\Marco\Downloads\FRST.txt
2016-09-11 18:43 - 2016-09-11 18:43 - 02397696 _____ (Farbar) C:\Users\Marco\Downloads\FRST64.exe
2016-09-11 18:40 - 2016-09-11 18:40 - 120730214 _____ C:\Users\Marco\Downloads\EmsisoftEmergencyKit.exe.part
2016-09-11 18:40 - 2016-09-11 18:40 - 00000000 _____ C:\Users\Marco\Downloads\EmsisoftEmergencyKit.exe
2016-09-10 17:05 - 2016-09-10 17:05 - 00010688 _____ C:\Users\Marco\AppData\Local\recently-used.xbel
2016-09-10 17:01 - 2016-09-10 17:02 - 00036744 _____ C:\Users\Marco\Downloads\matschuck.cdr
2016-09-10 03:15 - 2016-09-10 03:15 - 00000000 ____D C:\windows\system32\ÿÿÿÿÿÿÿÿ
2016-09-10 03:15 - 2016-09-10 03:15 - 00000000 ____D C:\windows\system32\ce471af0abeffd5eb0b22..bin
2016-09-10 02:15 - 2016-09-10 02:15 - 00000000 ____D C:\Users\Marco\AppData\LocalLow\AMD
2016-09-10 01:07 - 2016-09-10 01:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings
2016-09-10 01:04 - 2016-09-10 01:06 - 00000000 ____D C:\windows\LastGood
2016-09-08 23:33 - 2016-09-08 23:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptr
2016-09-07 17:48 - 2016-09-07 17:48 - 00462080 _____ C:\windows\system32\amdmiracast.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00145400 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00141280 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdhcp64.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00125288 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdhcp32.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00109856 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2016-09-07 17:48 - 2016-09-07 17:48 - 00092328 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2016-09-07 17:47 - 2016-09-07 17:47 - 10981024 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd6a.dll
2016-09-07 17:47 - 2016-09-07 17:47 - 09983912 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdva.dll
2016-09-07 17:47 - 2016-09-07 17:47 - 07212736 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiumdag.dll
2016-09-07 17:47 - 2016-09-07 17:47 - 00150544 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiu9p64.dll
2016-09-07 17:47 - 2016-09-07 17:47 - 00123776 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiu9pag.dll
2016-09-07 17:46 - 2016-09-07 17:46 - 08847376 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiumd64.dll
2016-09-07 17:46 - 2016-09-07 17:46 - 00305544 _____ (Advanced Micro Devices) C:\windows\system32\Drivers\amdacpksd.sys
2016-09-07 17:42 - 2016-09-07 17:42 - 26542592 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmdag.sys
2016-09-07 17:42 - 2016-09-07 17:42 - 00502272 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\atikmpag.sys
2016-09-07 17:42 - 2016-09-07 17:42 - 00270336 _____ (AMD) C:\windows\system32\atitmm64.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00143360 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantle64.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00119808 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00118272 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantle32.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00113152 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\mantleaxl64.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00101376 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00092160 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\mantleaxl32.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\detoured.dll
2016-09-07 17:42 - 2016-09-07 17:42 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\detoured.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 33263104 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atio6axx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 27297280 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atioglxx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 15711744 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticaldd64.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 14302720 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticaldd.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00981504 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00505856 _____ (AMD) C:\windows\system32\atieclxx.exe
2016-09-07 17:41 - 2016-09-07 17:41 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00385536 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiapfxx.exe
2016-09-07 17:41 - 2016-09-07 17:41 - 00332800 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ATIODE.exe
2016-09-07 17:41 - 2016-09-07 17:41 - 00269824 _____ (AMD) C:\windows\system32\atiesrxx.exe
2016-09-07 17:41 - 2016-09-07 17:41 - 00106496 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6pxx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00094208 _____ (AMD) C:\windows\system32\atimuixx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiglpxx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00091136 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiglpxx.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00062464 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalrt64.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00055808 _____ (Advanced Micro Devices Inc.) C:\windows\system32\aticalcl64.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00052224 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalrt.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00051200 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ATIODCLI.exe
2016-09-07 17:41 - 2016-09-07 17:41 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00049152 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\aticalcl.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Drivers\ati2erec.dll
2016-09-07 17:41 - 2016-09-07 17:41 - 00038400 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmmcl.dll
2016-09-07 17:40 - 2016-09-07 17:40 - 08724992 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmantle64.dll
2016-09-07 17:40 - 2016-09-07 17:40 - 07046656 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdmantle32.dll
2016-09-07 17:40 - 2016-09-07 17:40 - 00087040 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2016-09-07 17:36 - 2016-09-07 17:36 - 02222592 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amfrt64.dll
2016-09-07 17:35 - 2016-09-07 17:35 - 01902080 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amfrt32.dll
2016-09-07 17:34 - 2016-09-07 17:34 - 09364992 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdvlk64.dll
2016-09-07 17:24 - 2016-09-07 17:24 - 07568384 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdvlk32.dll
2016-09-07 17:19 - 2016-09-07 17:19 - 00184320 _____ C:\windows\system32\amdhdl64.dll
2016-09-07 17:18 - 2016-09-07 17:18 - 00164352 _____ C:\windows\SysWOW64\amdhdl32.dll
2016-09-07 16:56 - 2016-09-07 16:56 - 00252928 _____ C:\windows\system32\clinfo.exe
2016-09-07 16:52 - 2016-09-07 16:52 - 00733696 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2016-09-07 16:51 - 2016-09-07 16:51 - 00608768 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2016-09-07 16:28 - 2016-09-07 16:28 - 03437632 _____ C:\windows\system32\atiumd6a.cap
2016-09-07 16:17 - 2016-09-07 16:17 - 03471376 _____ C:\windows\SysWOW64\atiumdva.cap
2016-09-07 16:16 - 2016-09-07 16:16 - 00875008 _____ (AMD) C:\windows\system32\coinst_16.40.dll
2016-09-07 16:15 - 2016-09-07 16:15 - 00748320 _____ C:\windows\SysWOW64\atiapfxx.blb
2016-09-07 16:15 - 2016-09-07 16:15 - 00748320 _____ C:\windows\system32\atiapfxx.blb
2016-09-07 16:09 - 2016-09-07 16:09 - 00138752 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amduve64.dll
2016-09-07 16:08 - 2016-09-07 16:08 - 00118272 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amduve32.dll
2016-09-07 16:07 - 2016-09-07 16:07 - 00275456 _____ C:\windows\system32\dgtrayicon.exe
2016-09-07 16:07 - 2016-09-07 16:07 - 00258560 _____ C:\windows\system32\GameManager64.dll
2016-09-07 16:07 - 2016-09-07 16:07 - 00223744 _____ C:\windows\SysWOW64\GameManager32.dll
2016-09-07 16:07 - 2016-09-07 16:07 - 00214016 _____ C:\windows\system32\atieah64.exe
2016-09-07 16:07 - 2016-09-07 16:07 - 00192000 _____ C:\windows\SysWOW64\atieah32.exe
2016-09-07 16:06 - 2016-09-07 16:06 - 00231936 _____ C:\windows\system32\amdgfxinfo64.dll
2016-09-07 16:06 - 2016-09-07 16:06 - 00204800 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2016-09-07 15:57 - 2016-09-07 15:57 - 00251392 _____ C:\windows\system32\hsa-thunk64.dll
2016-09-07 15:57 - 2016-09-07 15:57 - 00217088 _____ C:\windows\SysWOW64\hsa-thunk.dll
2016-09-04 22:20 - 2016-09-04 22:23 - 30394282 _____ C:\Users\Marco\Downloads\Audiowhores - Sanctuary (Original Mix)(1).wma
2016-09-03 21:41 - 2016-09-03 21:43 - 133532168 _____ C:\Users\Marco\Downloads\Flughafen Tempelhof (THF) im Jahr 1993.mp4
2016-09-03 17:40 - 2016-09-03 17:40 - 47206960 _____ C:\Users\Marco\Downloads\Firefox Setup 48.0.2.exe
2016-09-03 15:05 - 2016-09-10 14:12 - 00003164 _____ C:\windows\System32\Tasks\HPCeeScheduleForMarco
2016-09-03 15:05 - 2016-09-10 14:12 - 00000350 _____ C:\windows\Tasks\HPCeeScheduleForMarco.job
2016-09-03 12:36 - 2016-09-03 12:36 - 00313366 _____ C:\Users\Marco\Downloads\WindowsUpdateDiagnostic.diagcab
2016-09-03 12:34 - 2016-09-03 12:35 - 00000000 ____D C:\windows\LastGood.Tmp
2016-09-02 14:23 - 2016-09-02 14:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-26 18:26 - 2016-08-26 18:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-08-26 18:26 - 2016-08-26 18:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-08-26 18:26 - 2016-08-26 18:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-08-26 15:22 - 2016-07-24 01:01 - 07445856 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-08-26 15:22 - 2016-07-09 20:32 - 00675328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-08-26 15:22 - 2016-07-09 20:32 - 00416768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-08-26 15:22 - 2016-07-09 20:31 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-08-26 15:22 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
2016-08-26 15:22 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2016-08-26 15:22 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
2016-08-26 15:22 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
2016-08-26 15:22 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2016-08-26 15:22 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\windows\system32\iprtrmgr.dll
2016-08-26 15:22 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\windows\system32\mprdim.dll
2016-08-26 15:22 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
2016-08-26 15:22 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\rasman.dll
2016-08-26 15:22 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2016-08-26 15:22 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2016-08-26 15:22 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\rascustom.dll
2016-08-26 15:22 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
2016-08-26 15:22 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2016-08-26 15:22 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2016-08-26 15:22 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\windows\SysWOW64\iprtrmgr.dll
2016-08-26 15:22 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprdim.dll
2016-08-26 15:22 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2016-08-26 15:22 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2016-08-26 15:22 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
2016-08-26 15:22 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasman.dll
2016-08-26 15:22 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2016-08-26 15:22 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2016-08-26 15:22 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\windows\system32\rdpclip.exe
2016-08-26 15:22 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\windows\system32\esent.dll
2016-08-26 15:22 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2016-08-26 15:22 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\windows\SysWOW64\esent.dll
2016-08-26 15:22 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2016-08-26 15:22 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2016-08-26 15:22 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\windows\system32\dssenh.dll
2016-08-26 15:22 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dssenh.dll
2016-08-26 15:22 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2016-08-19 15:05 - 2016-08-19 15:05 - 00891196 _____ C:\windows\system32\amdicdxx.dat
2016-08-18 20:53 - 2016-08-18 20:53 - 00370304 _____ C:\windows\system32\ativvaxy_el_nd.dat
2016-08-17 19:39 - 2016-08-17 19:41 - 44733285 _____ C:\Users\Marco\Downloads\Audiowhores - Sanctuary (Original Mix).WMA
2016-08-13 21:29 - 2016-08-13 21:29 - 00004238 _____ C:\windows\System32\Tasks\AMD Updater
2016-08-13 20:55 - 2016-08-13 20:55 - 00000000 _____ C:\windows\ativpsrm.bin
2016-08-13 20:54 - 2016-08-13 20:54 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-08-13 20:33 - 2016-08-13 20:33 - 00000000 ____D C:\Users\Marco\AppData\Roaming\ATI
2016-08-13 20:33 - 2016-08-13 20:33 - 00000000 ____D C:\Users\Marco\AppData\Local\ATI
2016-08-13 20:33 - 2016-08-13 20:33 - 00000000 ____D C:\ProgramData\ATI
2016-08-13 13:23 - 2016-09-10 01:07 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-08-13 13:23 - 2016-09-10 01:05 - 00000000 ____D C:\Users\Marco\AppData\Local\AMD
2016-08-13 13:23 - 2016-07-21 17:47 - 00265504 _____ C:\windows\SysWOW64\vulkan-1.dll
2016-08-13 13:23 - 2016-07-21 17:47 - 00110880 _____ C:\windows\SysWOW64\vulkaninfo.exe
2016-08-13 13:23 - 2016-07-21 17:46 - 00258336 _____ C:\windows\system32\vulkan-1.dll
2016-08-13 13:23 - 2016-07-21 17:46 - 00125216 _____ C:\windows\system32\vulkaninfo.exe
2016-08-13 13:22 - 2016-09-10 01:03 - 00000000 ____D C:\Program Files\AMD
2016-08-13 13:22 - 2016-08-13 13:22 - 00000000 ____D C:\Program Files (x86)\AMD
2016-08-13 12:53 - 2016-08-13 12:53 - 00000000 ___HD C:\$SysReset
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-09-11 18:44 - 2016-08-11 20:26 - 00000000 ____D C:\FRST
2016-09-11 18:13 - 2015-01-02 17:48 - 00000000 ____D C:\Users\Marco\AppData\Local\Sidebar7
2016-09-11 16:40 - 2015-01-06 01:54 - 00000000 ____D C:\Users\Marco\AppData\Roaming\ClassicShell
2016-09-11 16:16 - 2015-01-02 16:11 - 00003930 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{0E68E2A3-7044-415B-AF62-5DB0D6648B7F}
2016-09-11 16:13 - 2016-07-09 18:32 - 00000000 ____D C:\Users\Marco\AppData\Roaming\PlaysTV
2016-09-11 16:13 - 2016-07-09 18:31 - 00000000 ____D C:\Users\Marco\AppData\Roaming\Raptr
2016-09-10 18:56 - 2015-07-31 23:26 - 00000946 _____ C:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-09-10 18:40 - 2016-05-28 00:12 - 00000000 ____D C:\Users\Marco\AppData\Roaming\vlc
2016-09-10 15:39 - 2014-11-12 09:54 - 00757756 _____ C:\windows\system32\perfh007.dat
2016-09-10 15:39 - 2014-11-12 09:54 - 00173028 _____ C:\windows\system32\perfc007.dat
2016-09-10 15:39 - 2014-03-18 17:32 - 01783968 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-10 15:39 - 2013-08-22 15:36 - 00000000 ____D C:\windows\Inf
2016-09-10 14:38 - 2015-01-03 17:56 - 57024000 ___SH C:\Users\Marco\Downloads\Thumbs.db
2016-09-10 13:55 - 2015-01-02 16:08 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1093757153-1969341672-3717817730-1001
2016-09-10 03:15 - 2014-11-12 01:23 - 00000000 ____D C:\AMD
2016-09-09 15:37 - 2015-01-02 18:16 - 00192216 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-07 18:53 - 2016-06-09 18:37 - 00003868 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1421096150
2016-09-07 18:53 - 2015-01-12 22:55 - 00001030 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-09-07 18:53 - 2015-01-12 22:54 - 00000000 ____D C:\Program Files (x86)\Opera
2016-09-07 17:48 - 2014-12-15 22:42 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atiuxp64.dll
2016-09-07 17:48 - 2014-12-15 22:41 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2016-09-07 17:47 - 2014-12-15 22:42 - 10931560 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atidxx64.dll
2016-09-07 17:47 - 2014-12-15 22:42 - 00139720 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atiuxpag.dll
2016-09-07 17:47 - 2014-12-15 22:41 - 09089920 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atidxx32.dll
2016-09-07 17:47 - 2014-12-15 22:41 - 01546712 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2016-09-07 17:47 - 2014-12-15 22:41 - 01271160 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2016-09-07 17:41 - 2016-08-11 10:51 - 27473408 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl12cl64.dll
2016-09-07 17:41 - 2016-08-11 10:51 - 21624320 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl12cl.dll
2016-09-07 17:41 - 2016-08-11 10:17 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2016-09-07 17:41 - 2016-08-11 10:17 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2016-09-07 17:41 - 2014-12-15 22:41 - 48805888 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdocl64.dll
2016-09-07 17:41 - 2014-12-15 22:41 - 38250496 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\amdocl.dll
2016-09-07 17:41 - 2014-12-15 22:41 - 01316864 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2016-09-07 17:41 - 2014-12-15 22:41 - 00981504 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2016-09-07 17:40 - 2014-12-15 22:41 - 00096256 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2016-09-06 21:28 - 2015-04-28 00:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-09-03 17:49 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-03 17:47 - 2014-11-12 00:59 - 00065536 _____ C:\windows\system32\spu_storage.bin
2016-09-03 17:43 - 2015-04-01 21:02 - 00000000 ____D C:\Users\Marco\AppData\Local\ElevatedDiagnostics
2016-08-30 23:07 - 2014-12-15 22:42 - 00170072 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\SETD015.tmp
2016-08-30 23:07 - 2014-12-15 22:42 - 00139208 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\SETEA0B.tmp
2016-08-30 23:07 - 2014-12-15 22:41 - 01525600 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\SETD0C6.tmp
2016-08-30 23:07 - 2014-12-15 22:41 - 01253120 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\SETD155.tmp
2016-08-30 23:07 - 2014-12-15 22:41 - 00124776 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\SETCE3B.tmp
2016-08-30 23:06 - 2014-12-15 22:42 - 10865616 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\SETA889.tmp
2016-08-30 23:06 - 2014-12-15 22:41 - 09022440 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\SETB73B.tmp
2016-08-30 22:57 - 2014-12-15 22:41 - 48801792 _____ (Advanced Micro Devices Inc.) C:\windows\system32\SETDCC3.tmp
2016-08-30 22:56 - 2014-12-15 22:41 - 38248960 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\SETE67B.tmp
2016-08-30 22:55 - 2014-12-15 22:41 - 00096256 _____ (Khronos Group) C:\windows\system32\SETD176.tmp
2016-08-30 22:53 - 2016-08-11 10:51 - 27471872 _____ (Advanced Micro Devices Inc.) C:\windows\system32\SET9F44.tmp
2016-08-30 22:53 - 2016-08-11 10:51 - 21623808 _____ (Advanced Micro Devices Inc.) C:\windows\SysWOW64\SETC052.tmp
2016-08-30 22:33 - 2016-08-11 10:30 - 00865792 _____ (AMD) C:\windows\system32\coinst_16.30.dll
2016-08-30 22:22 - 2016-08-11 10:17 - 00185344 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\SETD037.tmp
2016-08-30 22:22 - 2016-08-11 10:17 - 00159232 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\SETEA5C.tmp
2016-08-30 22:22 - 2014-12-15 22:41 - 01311744 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\SET89EA.tmp
2016-08-30 22:22 - 2014-12-15 22:41 - 00977920 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\SETAFB3.tmp
2016-08-28 00:06 - 2015-01-10 00:52 - 00000000 ____D C:\Users\Marco\.gimp-2.8
2016-08-28 00:05 - 2015-01-27 00:20 - 00000000 ____D C:\Users\Marco\AppData\Local\gtk-2.0
2016-08-26 16:43 - 2016-07-09 18:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2016-08-26 16:43 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData
2016-08-26 16:42 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-26 16:40 - 2013-08-22 17:36 - 00000000 ____D C:\windows\registration
2016-08-26 16:39 - 2013-08-22 15:36 - 00000000 ____D C:\windows\system32\Sysprep
2016-08-26 15:51 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache
2016-08-26 15:25 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\setup
2016-08-26 15:25 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\setup
2016-08-26 15:23 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp
2016-08-26 14:58 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\BBI
2016-08-26 14:51 - 2015-01-02 16:03 - 00000000 ____D C:\Users\Marco
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-03 10:39 - 2016-02-13 21:38 - 0000624 _____ () C:\Users\Marco\AppData\Roaming\All CPU MeterV3_Settings.ini
2015-01-03 10:33 - 2015-01-03 10:33 - 0001002 _____ () C:\Users\Marco\AppData\Roaming\Currency Meter_Settings.ini
2015-09-19 23:54 - 2015-09-19 23:54 - 0000504 _____ () C:\Users\Marco\AppData\Roaming\Drives Monitor_Settings.ini
2015-01-03 10:40 - 2016-02-14 17:14 - 0000281 _____ () C:\Users\Marco\AppData\Roaming\GPU MeterV2_Settings.ini
2015-01-03 10:40 - 2015-01-03 10:40 - 0000013 _____ () C:\Users\Marco\AppData\Roaming\Network Meter_Usage.ini
2015-02-21 13:29 - 2016-04-23 00:31 - 14848000 _____ () C:\Users\Marco\AppData\Roaming\Sandra.mdb
2015-09-19 23:46 - 2015-09-19 23:49 - 0002012 _____ () C:\Users\Marco\AppData\Roaming\System Monitor II_CPU0_log.txt
2015-09-19 23:46 - 2015-09-19 23:49 - 0002255 _____ () C:\Users\Marco\AppData\Roaming\System Monitor II_CPU0_Settings.ini
2016-09-10 17:05 - 2016-09-10 17:05 - 0010688 _____ () C:\Users\Marco\AppData\Local\recently-used.xbel
2015-01-05 01:36 - 2016-03-05 23:06 - 0007602 _____ () C:\Users\Marco\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Marco\AppData\Local\Temp\avgnt.exe
C:\Users\Marco\AppData\Local\Temp\Extract.exe
C:\Users\Marco\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Marco\AppData\Local\Temp\HPSFUpdater.exe
C:\Users\Marco\AppData\Local\Temp\playstv_patch.exe
C:\Users\Marco\AppData\Local\Temp\radeon-crimson-15.12-minimalsetup.exe
C:\Users\Marco\AppData\Local\Temp\radeon-crimson-16.3.2-minimalsetup.exe
C:\Users\Marco\AppData\Local\Temp\radeon-crimson-16.7.3-minimalsetup-160728.exe
C:\Users\Marco\AppData\Local\Temp\raptrpatch.exe
C:\Users\Marco\AppData\Local\Temp\raptr_stub.exe
C:\Users\Marco\AppData\Local\Temp\SP73263.exe
C:\Users\Marco\AppData\Local\Temp\UninstallHPSA.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\windows\system32\winlogon.exe => Datei ist digital signiert
C:\windows\system32\wininit.exe => Datei ist digital signiert
C:\windows\explorer.exe => Datei ist digital signiert
C:\windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\windows\system32\svchost.exe => Datei ist digital signiert
C:\windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\windows\system32\services.exe => Datei ist digital signiert
C:\windows\system32\User32.dll => Datei ist digital signiert
C:\windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\windows\system32\userinit.exe => Datei ist digital signiert
C:\windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\windows\system32\rpcss.dll => Datei ist digital signiert
C:\windows\system32\dnsapi.dll => Datei ist digital signiert
C:\windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-09-03 11:24
==================== Ende von FRST.txt ============================