| |
| |||||||
Log-Analyse und Auswertung: Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware]Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.07.2015, 19:36
| #1 |
 | ![Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] - Standard](images/icons/icon1.gif){kind=icon} Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Hallo, ich bin eigentlich erfahren mit Computern aber nun muss ich mich doch an dieses Forum wenden. Ich werde versuche hier alles wiederzugeben was ich weiß. Computer (Laptop): Toshiba Satellite L750-1V0 I7-2670QM/4GB (Alles Original Teile, nichts modifiziert / aufgerüstet) Mein OS: Windows 7 Ich nutze hauptsächlich Mozilla Firefox (NoScript & AdBlocker installiert.) Zum arbeiten nutze ich Google Chrome. Seit einigen Tagen ist mein Google Chrome von einer Ad/Malware namens "TremendousCoupon" befallen. Es ist jedoch kein Erweiterung / Plugin hinzugefügt wie bei anderen Adwares. Jegliche meiner Versuche diese Adware zu entfernen sind misslungen. Ich habe Google Chrome bereits zwei mal zurückgesetzt. Beide male war am nächsten Tag die selbe AdWare wieder da. Sie macht sich bemerkerbar als Popup & Banner Werbung. Außerdem öffnen sich Werbelinks und einige Wörter werden hervorgehoben und verlinken auf eine andere Werbeseite) Bei Wunsch kann ich Screenshots machen. Vor 2 Tagen haben sich Firefox und Chrome gleichzeitig geschlossen und ein anderer Browser öffnete sich (BoBrowser) Auf einmal waren einige andere Programme installiert bzw als Erweiterung im Firefox (aber nicht im Chrome) aufgetaucht. Diese Programme wurden sofort wieder deinstalliert sowie aus der Registry entfernt (jedenfalls alles was ich zu den programmen gefunden habe) Als kleine Randinfo: Ich achte vor der Installation von Programmen auf eine seriöse Quelle. Ich habe nach dem Befund alle installierten Programme durchgesehen und kein anderes verdächtiges entdeckt.) Desweiteren konnte ich verdächte Ordner unter Programme bzw Programme(x86) ausmachen diese heißen dann "Gleaming Farm" "DeSmuMe" "FrankerFaceZ" "Helpless Western" oder ähnlich. Sie enthalten meist nur .DLL bzw .DAT Dateien. Zur Not könnte ich so einen Ordner einmal Zippen und hochladen. Erstellt wurden diese Ordner am 26.07.2015 (FrankerFaceZ & GleamingFarm) bzw 20.07.2015 (DeSmuMe), 23.07.2015 (Helpless Western) Die Ordner wurden direkt nach dem entdecken gelöscht. (Befinden sich dennoch im Papierkorb falls einer von euch sie braucht. Ich habe meinen Computer mit mehreren Anti Viren & Anti Malware Programmen gescannt. Systemstart wurde ebenfalls durchsucht. Nur iTunes, Spotify (2x), Malwarebytes Anit-Exploit und Winows Dienste Nun erschleicht mich der Verdacht das hinter der Malware etwas anderes steckt. Vielleicht ein anderer Virus der die Adware bei jedem Systemstart neu installiert. StopZilla: Entdeckte "Adware.Win32.Couponarific" und hat sie in die Quarantäne gesteckt. (Keine Log File vorhanden, Pfad: C:\program files(x86)\mozilla firefox\maintenancesservice_installer.exe bzw. VR32!HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 39.0 (x86 de) ) Außerdem: Cookies : contextweb.com & doubleclick.net (Konnte ich nicht entfernen da ich nur die Testversion habe, stammen vermutlich von den Werbeseiten.) Malwarebytes Anti-Malware : Ich habe vor einigen Tagen gescannt mit einem einem Befund. Wurde entfernt (Log File nicht vorhanden) Ich habe gerade eben erneut gescannt: 4 Erkannte Objekte (Log File angehängt "MAM_280715_2019.txt") Alle gefundenen Elemente wurden entfernt & System rebootet. TremendousCoupon weiterhin da. Malwarebytes Anti-Exploit Ist seit etwa zwei Monaten installiert und "Schützt" angeblich beide Browser. Wenn weitere Scans von anderen Programen erwünscht so schreibt es mir bitte. (Programme solten kostenlos sein.) Ich würde gerne das Problem lösen bevor ich auf Windows 10 umsteige. Ich würde wenn es keine Lösung gibt Windows 10 komplett neu aufspielen und nicht upgraden. Gruß Jan PS: Solltest du Fragen haben / Analysen durch weitere Programme benötigen schreib einfach. |
|
28.07.2015, 19:45
| #2 | |
 | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware]Zitat:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
28.07.2015, 20:02
| #3 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Achso ja ich habe den Log gesichert bevor die Dateien entfernt wurden. Ich installiere trotzdem eben FRST melde mich gleich.
__________________FRST.TXT Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Jan (Administrator) auf JAN-LAPTOP (28-07-2015 20:51:20)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla!\SZServer.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Innovative Solutions) C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(iS3, Inc.) C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify] => C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Richtlinienbeschränkung <======= ATTENTION
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49990;https=127.0.0.1:49990
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Fwww.google.com&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIESR02
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-04-28] (Apple Inc.)
FF Extension: NoScript - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-23]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-12-21]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ATTENTION
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S4 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
R4 szserver; C:\Program Files (x86)\STOPzilla!\SZServer.exe [57136 2014-10-20] (iS3, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HitmanPro37CrusaderBoot; "C:\Users\Jan\AppData\Local\Temp\Rar$EXa0.784\hitmanpro_x64.exe" /crusader:boot [X]
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-10-20] (iS3 Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 MUSONIK_PHASE_X64_MIDI; C:\Windows\System32\drivers\msnkphsm.sys [31296 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_USB; C:\Windows\System32\Drivers\msnkphsu.sys [460352 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_WDM; C:\Windows\System32\drivers\msnkphsa.sys [49216 2009-11-13] (Ploytec GmbH)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-10-20] (iS3 Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 20:51 - 2015-07-28 20:51 - 00016754 _____ C:\Users\Jan\Desktop\FRST.txt
2015-07-28 20:50 - 2015-07-28 20:51 - 00000000 ____D C:\FRST
2015-07-28 20:50 - 2015-07-28 20:50 - 02146816 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2015-07-28 20:34 - 2015-07-28 20:34 - 00000560 _____ C:\Windows\system32\Drivers\kgpcpy.cfg
2015-07-28 20:21 - 2015-07-28 20:24 - 00005672 _____ C:\Users\Jan\Desktop\Prozess_Systemstart.txt
2015-07-28 20:09 - 2015-07-28 20:09 - 00001952 _____ C:\Users\Jan\Desktop\MAM_280715_2019.txt
2015-07-28 19:47 - 2015-07-28 19:47 - 00000184 _____ C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2015-07-28 19:20 - 2015-07-28 20:31 - 00003700 _____ C:\Users\Jan\Desktop\trojanerboard.txt
2015-07-28 18:46 - 2015-07-28 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2015-07-28 18:46 - 2014-10-20 10:53 - 00082872 ____R (GFI Software) C:\Windows\system32\Drivers\sbapifs.sys
2015-07-28 18:46 - 2014-10-20 10:53 - 00047496 ____R (GFI Software) C:\Windows\system32\SBBD.EXE
2015-07-28 18:45 - 2015-07-28 20:51 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-28 18:45 - 2015-07-28 18:49 - 00000000 ____D C:\Program Files (x86)\STOPzilla!
2015-07-28 18:44 - 2015-07-28 18:44 - 00593488 _____ C:\Users\Jan\Downloads\STOPzillaAVM_Setup-6.1.90.2.exe
2015-07-27 18:26 - 2015-07-28 18:45 - 00000259 _____ C:\Users\Jan\Desktop\programme.txt
2015-07-26 19:36 - 2015-07-26 19:36 - 00000000 ___DC C:\Users\Jan\AppData\Local\MigWiz
2015-07-26 18:37 - 2015-07-28 20:22 - 00003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Innovative Solutions
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\Users\Jan\AppData\Local\Innovative Solutions
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\Program Files (x86)\Innovative Solutions
2015-07-26 18:36 - 2015-07-26 18:36 - 05896376 _____ (Innovative Solutions ) C:\Users\Jan\Downloads\drivermax_7_63_cnet.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00003306 _____ C:\Windows\system32\.crusader
2015-07-26 17:21 - 2015-07-26 17:53 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-26 17:07 - 2015-07-26 17:07 - 13485202 _____ C:\Users\Jan\Downloads\hitmanpro379.zip
2015-07-26 16:25 - 2015-07-26 16:25 - 00003264 _____ C:\Users\Jan\Desktop\AdwCleaner[S3].txt
2015-07-26 16:22 - 2015-07-28 20:20 - 00002821 _____ C:\Windows\setupact.log
2015-07-26 16:22 - 2015-07-26 16:22 - 00000000 _____ C:\Windows\setuperr.log
2015-07-26 16:21 - 2015-07-28 20:19 - 00011776 _____ C:\Windows\PFRO.log
2015-07-26 15:33 - 2015-07-26 15:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-26 15:32 - 2015-07-26 15:33 - 00000000 ____D C:\Program Files\CCleaner
2015-07-26 15:32 - 2015-07-26 15:32 - 05329360 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup507_slim.exe
2015-07-26 15:25 - 2015-07-26 16:14 - 00002196 _____ C:\Users\Jan\Desktop\chrome.lnk
2015-07-25 20:10 - 2015-07-26 17:20 - 00000000 ____D C:\ProgramData\{125ff2cb-231b-5466-125f-ff2cb231cb2c}
2015-07-24 19:42 - 2015-07-24 23:38 - 00000067 _____ C:\Users\Jan\Desktop\name.txt
2015-07-21 22:36 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 22:36 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 22:36 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 20:10 - 2015-07-26 17:20 - 00000000 ____D C:\ProgramData\{ca2e5ebb-0ea2-d872-ca2e-e5ebb0ea7aec}
2015-07-15 20:51 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 20:51 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 20:51 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 20:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 20:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 20:51 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 20:51 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 20:50 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 20:50 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 20:50 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 20:50 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 20:50 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 20:50 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 20:50 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 20:50 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 20:50 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 20:50 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 20:50 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 20:50 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 20:50 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 20:50 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 20:50 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 20:50 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 20:50 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 20:50 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 20:50 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 20:50 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 20:50 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 20:50 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 20:50 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 20:50 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 20:50 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 20:50 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 20:50 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 20:50 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 20:50 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 20:50 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 20:50 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 20:50 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 20:50 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 20:50 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 20:50 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 20:50 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 20:49 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 20:49 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 20:49 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 20:49 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 20:49 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 20:49 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 20:49 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 20:49 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 20:49 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 20:49 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 20:49 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 20:49 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 20:49 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 20:49 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-13 19:34 - 2015-07-13 19:34 - 00002097 _____ C:\Users\Jan\Desktop\Code.lnk
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Code
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\SquirrelTemp
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\Code
2015-07-13 19:31 - 2015-07-13 19:31 - 60842144 _____ (Microsoft Corporation) C:\Users\Jan\Downloads\VSCodeSetup.exe
2015-07-09 22:01 - 2015-07-12 16:56 - 00000000 ____D C:\Users\Jan\Desktop\Open
2015-07-03 19:09 - 2015-07-03 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-03 19:07 - 2015-07-03 19:07 - 00931408 _____ (Google Inc.) C:\Users\Jan\Downloads\ChromeSetup.exe
2015-07-01 22:49 - 2015-07-01 22:49 - 02034884 _____ C:\Users\Jan\Downloads\essen.webm
2015-07-01 22:42 - 2015-07-01 22:42 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 22:42 - 2015-07-01 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 22:41 - 2015-07-01 22:42 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files\iPod
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-01 22:33 - 2015-07-01 22:33 - 00082635 _____ C:\Users\Jan\Downloads\burn.webm
2015-07-01 22:32 - 2015-07-01 22:32 - 00043933 _____ C:\Users\Jan\Downloads\goldtops.webm
2015-06-30 21:20 - 2015-06-30 21:21 - 02953520 _____ (AVAST Software) C:\Users\Jan\Downloads\avast-browser-cleanup(1).exe
2015-06-29 17:22 - 2015-06-29 18:25 - 00000000 ____D C:\Users\Jan\Desktop\launch_fuchs_goebel
2015-06-29 14:16 - 2015-06-29 14:16 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Jan\Downloads\flashplayer18au_ha_install.exe
2015-06-28 17:27 - 2015-07-25 16:49 - 00000456 _____ C:\Users\Jan\Desktop\serien.txt
2015-06-28 14:16 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Jan\Documents\ANNO 2070
2015-06-28 14:04 - 2015-06-28 14:04 - 00000000 ____D C:\ProgramData\Solidshield
2015-06-28 14:02 - 2015-06-28 14:02 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Ubisoft
2015-06-28 12:46 - 2015-06-28 12:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-28 12:44 - 2015-06-28 12:45 - 61778376 _____ (Ubisoft) C:\Users\Jan\Downloads\UplayInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 20:46 - 2013-12-20 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 20:34 - 2013-12-20 09:53 - 01441770 _____ C:\Windows\WindowsUpdate.log
2015-07-28 20:33 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 20:33 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 20:27 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify
2015-07-28 20:27 - 2013-12-20 18:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2015-07-28 20:24 - 2014-12-05 17:54 - 00000000 ____D C:\Users\Jan\AppData\Local\Eclipse
2015-07-28 20:22 - 2014-12-05 17:52 - 00000000 ____D C:\Users\Jan\Desktop\eclipse
2015-07-28 20:21 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify
2015-07-28 20:20 - 2013-12-20 11:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-28 20:20 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 19:47 - 2015-06-02 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-28 19:21 - 2015-02-18 18:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-28 18:34 - 2015-06-05 20:47 - 00000024 _____ C:\Users\Jan\AppData\Roaming\appdataFr25.bin
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-27 17:53 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-07-27 17:53 - 2010-11-21 08:50 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-07-27 17:53 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 02:01 - 2014-06-14 19:52 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe
2015-07-26 18:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\TAPI
2015-07-26 17:48 - 2015-02-04 21:58 - 00000000 ____D C:\ProgramData\{d4e11e49-8abd-bbd5-d4e1-11e498ab7926}
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-26 16:21 - 2014-06-01 17:13 - 00000000 ____D C:\AdwCleaner
2015-07-26 15:47 - 2015-06-07 22:41 - 00000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2015-07-26 15:47 - 2014-01-16 15:37 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-26 15:47 - 2013-12-20 22:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-26 15:47 - 2013-12-20 09:49 - 00000000 ____D C:\Windows\Panther
2015-07-26 15:38 - 2014-01-24 20:17 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2015-07-26 15:27 - 2014-01-15 11:07 - 00000000 ____D C:\Windows\pss
2015-07-22 12:37 - 2009-07-14 06:45 - 05202000 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 22:28 - 2013-12-20 17:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-21 22:28 - 2013-12-20 17:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-21 22:28 - 2013-12-20 17:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 20:30 - 2014-05-17 11:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 20:29 - 2014-05-17 11:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-17 20:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 21:19 - 2015-04-08 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 20:24 - 2015-04-16 16:26 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 20:24 - 2014-05-18 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 22:00 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-15 21:55 - 2013-12-20 17:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 20:27 - 2014-10-15 15:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-15 20:27 - 2013-12-20 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 19:49 - 2013-12-20 10:05 - 00000000 ____D C:\Users\Jan
2015-07-13 19:38 - 2015-01-28 16:09 - 00000000 ____D C:\Users\Jan\hex16de
2015-07-12 19:07 - 2013-12-20 17:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\.minecraft
2015-07-12 16:56 - 2014-01-25 17:08 - 00000132 _____ C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-07-11 12:13 - 2014-09-25 10:53 - 00000000 ____D C:\Users\Jan\Desktop\Projekte
2015-07-11 12:02 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-10 18:01 - 2013-12-20 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 19:08 - 2013-12-20 20:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-03 19:06 - 2015-01-09 15:56 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieBrowserModeList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieUserList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieSiteList
2015-07-03 17:53 - 2015-06-15 16:56 - 00000658 _____ C:\Users\Jan\Downloads\debug.log
2015-07-03 17:53 - 2013-12-20 20:23 - 00000000 ____D C:\Users\Jan\AppData\Local\Google
2015-07-03 08:43 - 2013-12-20 17:55 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 17:13 - 2014-01-12 00:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Apple Computer
2015-07-01 22:41 - 2015-04-28 18:03 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 22:41 - 2014-01-12 00:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 21:31 - 2015-06-17 17:45 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-06-30 21:31 - 2014-01-19 21:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Deployment
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\GitHub
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Local\GitHub
2015-06-28 14:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-28 13:47 - 2014-08-17 13:48 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-06-28 13:47 - 2013-12-20 10:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-28 12:54 - 2014-08-17 14:42 - 00000000 ____D C:\Users\Jan\AppData\Local\Ubisoft Game Launcher
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-05 13:55 - 2015-02-09 19:57 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-01-25 17:08 - 2015-07-12 16:56 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-06-05 20:47 - 2015-07-28 18:34 - 0000024 _____ () C:\Users\Jan\AppData\Roaming\appdataFr25.bin
2015-01-28 15:38 - 2015-01-28 15:38 - 0000885 _____ () C:\Users\Jan\AppData\Roaming\Roaming - Verknüpfung.lnk
2015-01-28 15:38 - 2015-01-28 15:39 - 0035840 ___SH () C:\Users\Jan\AppData\Roaming\Thumbs.db
2014-04-05 12:25 - 2014-04-05 12:25 - 0000600 _____ () C:\Users\Jan\AppData\Roaming\winscp.rnd
2014-01-13 16:14 - 2015-02-09 19:59 - 0001456 _____ () C:\Users\Jan\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 23:44 - 2014-06-29 00:06 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND
2014-12-30 16:23 - 2015-02-13 21:20 - 0007602 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2015-06-05 20:45 - 2015-06-05 20:45 - 0000000 _____ () C:\Users\Jan\AppData\Local\Temp.dat
2014-11-28 16:15 - 2014-11-28 16:15 - 0000000 _____ () C:\Users\Jan\AppData\Local\{C2735D3C-D70C-4EF8-B582-87FD8E14A1CE}
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-23 20:36
==================== Ende von log ============================
Addition.TXT Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Jan an 2015-07-28 20:52:43
Gestartet von C:\Users\Jan\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2262976956-2118714473-2327839329-500 - Administrator - Disabled)
Gast (S-1-5-21-2262976956-2118714473-2327839329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2262976956-2118714473-2327839329-1003 - Limited - Enabled)
Jan (S-1-5-21-2262976956-2118714473-2327839329-1000 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: STOPzilla (Disabled - Up to date) {17032AB1-6644-0721-EEB5-A39B8B646009}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Disabled - Up to date) {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon iP4900 series Benutzerregistrierung (HKLM-x32\...\Canon iP4900 series Benutzerregistrierung) (Version: - )
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Code (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Code) (Version: 0.5.0 - Microsoft Corporation)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{2e8b5d3e-04b1-40c7-ade4-487d5357ba8c}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PHASE X64 USB (HKLM\...\USB_AUDIO_DEusb-audio.dePhaseX64USB) (Version: - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Python 3.2.1 (64-bit) (HKLM\...\{34b2530c-6349-4292-9dc3-60bda4aed93d}) (Version: 3.2.1150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
STOPzilla (HKLM-x32\...\{9242735B-A101-45B0-BC06-2AA20A114627}) (Version: 6.1.100.3 - iS3 Inc.)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
26-07-2015 17:47:00 Prüfpunkt von HitmanPro
26-07-2015 17:48:10 Prüfpunkt von HitmanPro
26-07-2015 19:20:42 Windows-Sicherung
26-07-2015 19:22:12 Windows-Sicherung
26-07-2015 19:23:47 Windows-Sicherung
27-07-2015 06:44:51 Windows-Sicherung
28-07-2015 18:42:03 Removed AirServer Universal (x64)
28-07-2015 18:45:38 Installed STOPzilla
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-28 18:47 - 00001090 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
192.168.2.1 speedport.ip
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {38C14103-C5E0-4A19-B24C-6CC222AD96FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {43C16A31-0723-434E-8F07-9F9CF79EEBA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46590ECA-A7D9-42E1-A95E-F902CEF987EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {655C589F-F055-4437-95BF-9956DA9B21A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)
Task: {71B4E02D-7753-49A7-8586-06BFD4864276} - System32\Tasks\AdobeAAMUpdater-1.0-Jan-Laptop-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {7501907F-041B-4F57-AD95-CAD9588D9B05} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {764D0EFC-5E44-473A-A1B3-CF0CED1D24C4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8072E26A-B668-4CE5-9DD5-C6D9571B5DCA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {85A5DCB1-C807-4CF7-BDD0-A8C64E051E39} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe [2015-07-22] (Innovative Solutions)
Task: {8CAD0CFE-56EA-4943-8418-9A5B7CDB2ABE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {99CE6F87-CED7-4E26-ABA1-F5C2291A2928} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CF461DE5-5FA0-4A23-B6AB-CCF688ADBC1D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D2380ADA-2EE4-46CA-A3CC-1306651333E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-02 17:20 - 2015-06-02 17:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-07-28 18:54 - 2015-06-26 03:13 - 00184184 _____ () C:\ProgramData\STOPzilla!\VIPRE\libBase64.dll
2015-07-28 18:54 - 2015-06-26 03:13 - 00175992 _____ () C:\ProgramData\STOPzilla!\VIPRE\libMachoUniv.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 41287224 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libcef.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 01488440 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libglesv2.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 00079928 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libegl.dll
2015-03-13 15:12 - 2015-03-20 15:26 - 09305656 _____ () C:\Users\Jan\AppData\Roaming\Spotify\pdf.dll
2015-05-19 18:30 - 2015-05-19 18:30 - 03350640 _____ () C:\Program Files (x86)\Mozilla Thunderbird\mozjs.dll
2015-05-19 18:30 - 2015-05-19 18:30 - 00158832 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAP32V60.dll
2015-05-19 18:30 - 2015-05-19 18:30 - 00023152 _____ () C:\Program Files (x86)\Mozilla Thunderbird\NSLDAPPR32V60.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile: <===== ATTENTION!
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: abc71024 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fussvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: szserver => 2
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NetDrive Fully Activated Version 2015.lnk => C:\Windows\pss\NetDrive Fully Activated Version 2015.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk => C:\Windows\pss\Stardock ObjectDock.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NetDrive2 => "C:\PROGRA~1\NETDRI~1\NetDrive2.exe" -tray
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0976E6F7-9387-471F-A948-D201241639AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C37DC54C-9539-4554-8BBB-0476AE00530A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2E0E96D5-384C-4190-A85E-474DF1B9F6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BA3ECCD-A878-4643-9D23-48539A280039}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD8F1C24-B776-48C5-8F68-AF2C1C579393}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A285861-5838-4111-884B-733244DB0463}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2EC86A39-B361-44ED-AA5F-F1ED832902E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EDBBC63-788D-4EA7-977F-34A34D9AE56E}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D9825504-CA76-4D88-A95B-3E81040EAFFC}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D2EEEA2D-2A5E-4032-9C4B-BE68591F35DA}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{85DEF6D4-8EA6-4720-97EC-2080B5459801}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [UDP Query User{05C5E5D4-4DC4-4E32-A1C9-A413C26847D3}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B6F17A45-DB4E-49B2-A073-D55C25A285D0}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B426C42B-9BB3-4CCF-9646-A1072CC16488}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{3F3D77CA-B1F0-4E05-873B-09FE85CDB59B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2ADFC848-155A-46BE-B9E8-094ECD5148A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F6FF1D5-C489-405A-B7B9-BDD0804CD819}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90744F51-4949-4AAC-B7E8-E87B201C1C44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8021B9AC-CD4D-4DD7-8133-643DDF8A1559}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2EC5688C-B013-4677-9C2A-8CE4374EE86E}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DAF55C42-00D0-4A00-990F-6FF87336E34C}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{057F41B7-2B95-409B-BC90-DBE8B7C439C9}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{34BCA0C6-24BC-4172-90FE-0D79E14B43CB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1F1E8F27-E3FA-4DE3-A083-88DE5B2402CE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A3A9BAB2-35BD-40F2-A4C1-AE57B6E1A72E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D0311CA8-6334-425F-BE80-EE25D6571E76}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{10A2F165-FAD9-4D60-B65A-D20B351F7CB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79D65973-88B9-4168-8CA6-22C7205A1AC7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C2AF801-6ECE-4785-8214-ED9D593FB2F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{234D6BAD-3649-4E5E-AC56-989000E5146D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{233EF561-778F-4E98-AF2D-F4CC55DE73EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{541FC549-5EF2-4141-9C68-DBBDBDD80EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F495F2F7-A595-41DC-BEC1-6CA7D143CE12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4F92BA4A-23FD-437F-A730-018B1165D3A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{FBA7074D-BCB5-4A96-8092-66AC93198371}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{2A188E3D-8613-4A47-8DED-0B16E1ED065A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{0E4F7EB4-8D1C-4B1B-9148-FAFF07D23489}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{E54E539B-0E3E-4C7C-BE6C-41FD0D8163E5}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{6E4A3F64-099A-42E6-8F51-339D281ADFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{A78BEE3C-F11F-42CF-9D83-E775F849342B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{601AD48D-B12E-4BEA-9AA3-8F4D02FAA181}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{8F8F223A-1183-43CA-8D84-E0556D34D1CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{DB837E3A-A131-4F31-B1A3-64DB368B81EF}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{B73DE78B-3AD6-4E52-9830-6645F233C78F}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{8CD2A718-7288-448A-86FE-E6E0FFB3DDA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{31609EBC-232E-48B0-88EE-126218158BD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A3021DAA-AD8F-493D-931F-07BEE1F93ADA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{605FF6B2-252D-4D72-BF4D-4CE769EB7BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{FB47F274-EA67-4D2F-BD8C-D42A588A7E13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{ACCAAB65-33EB-40A2-8E99-1CDE7B779E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{E0C12B2F-EB2A-499C-918A-09F90AFED33D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{B1E06FD2-9C1B-40A8-8C13-1E3C1E92E1EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{270EE487-CFC1-41DA-92BD-65285C25548D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{962FFC8C-F67E-451C-8AEE-2DA714BBFE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [TCP Query User{8E8D75CA-1540-417D-82E6-7D92DB66347E}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [UDP Query User{6F36C024-5845-4AC0-AC78-2D0363871D8F}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [{5CD6D919-D995-4966-9EC3-52E991E5AAE3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{147E0B9A-1A92-451E-B97D-E9039A280749}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9AB4A64C-6057-40F5-B656-43A122127196}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29BDBF0A-52F8-42AE-BD8F-1318270C4180}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{96F05D28-0C76-4517-9542-C79A15B3461E}] => (Allow) LPort=1688
FirewallRules: [{0B3BAD3B-98EB-46FB-BE17-DFFDC6E44CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{24189447-ABD8-43DA-962F-233DE6FE0606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{7BCA10B2-E584-4E83-B528-744848198811}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{2690920F-6174-4C32-98FF-34398A88A5E4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{6AB87171-6DE7-41CB-AF41-06F4547749D1}] => (Allow) LPort=1688
FirewallRules: [{862BC2A9-9CED-43B7-8AD0-C1DF68051325}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EB7C9F4F-3A23-468F-9BAE-1CC33E7E9240}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{1A9F66E8-30C7-47E4-9D52-8EAC47A0BBC0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{65FAC513-A9C4-4D7A-9B61-9C1B500A69EE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{2FF85989-0DFA-4F8C-84DC-B786997CADD1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EAD29C05-109C-4808-98B2-09629E6E128F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{BE17F196-F16F-4ED0-85A9-4808E1F7E8C1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{A0C1D69F-2216-4A90-AD7C-6BB7D0DFC066}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{08F65D32-6A6E-4789-8783-B2772844EBA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B767AA25-CFA9-49E0-85BD-6717F870DC11}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BA9FD215-E3FE-462A-BE41-0BE5EB6725BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D77E9AC-18BC-49B5-ADD3-DCCF06F007E2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{1CA3C5FB-040D-4167-8F05-4084A1CFCB9F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{15BBD7E9-141E-4B3F-9A03-B4EFA33434F9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{838A1963-F1D0-4529-8D61-D440664DAD05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{91E4747A-8157-463B-A4DF-4A578F168D02}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5221C9FA-2CCB-49F2-97AF-A8751E0C616F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{26E2B62F-7FA4-4711-8C20-DB3451A73A99}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [UDP Query User{B0253995-0445-4BFA-AECF-7F7246B3E8B8}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [TCP Query User{A7126FC9-FD77-4F79-8E5D-2DD1D6B35CB8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{67AD0B7E-68EA-4A12-96A0-A55B31ABA689}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{546D8EE3-B5DC-4274-98B5-AF15CF4E36E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E39CB5FF-F018-4F76-AECC-4C3D81604108}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CCF883DC-0CF1-4B7B-8312-B2F697DF14D7}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1E245082-F1D4-4A87-94F0-FAE32641532A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F9EBB761-E66C-4CEF-AD88-AA52AD02A945}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0661D40F-2EAF-49FD-B0A0-A82D43E9E73C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5C0DE893-1387-4797-A476-A42F76F294E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39273EA0-D83E-40C9-94B1-29769AFBF63D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEBD3C81-7711-4274-9A6A-90558D62115F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{2D13B2C9-BA2D-4AEC-BBCC-27ED29096321}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8BDB930C-7C42-4AAF-A46A-2C9012A25796}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{4216D01B-4EC2-4103-B01B-DD4F6861BF47}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{77318D4D-FF28-4A8A-AF6A-386A2D8E12B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{845C652C-6849-4476-9CEB-D328264E4BAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{CF313A48-034A-4A40-B77E-519612253460}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{60B39E45-3ABA-46F8-A472-485D5C3007AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Beschreibung = STOPzilla Restore Point.; Fehler = 0x80042319).
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002f0,(null),0,REG_BINARY,00000000073EDD80.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Generatorname: MSSearch Service Writer
Generatorinstanz-ID: {02753435-a8a7-4519-be31-b19e6dbaf375}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001cc,(null),0,REG_BINARY,0000000001ECEEC0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {9f562a5c-2d71-4675-a3eb-401d38afe639}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Systemfehler:
=============
Error: (07/28/2015 08:34:14 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT-AUTORITÄT60 has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.203.598.0
Update Source: %NT-AUTORITÄT59
Update Stage: 4.8.0204.00
Source Path: 4.8.0204.01
Signature Type: %NT-AUTORITÄT602
Update Type: %NT-AUTORITÄT604
User: NT-AUTORITÄT\SYSTEM
Current Engine Version: %NT-AUTORITÄT605
Previous Engine Version: %NT-AUTORITÄT606
Error code: %NT-AUTORITÄT607
Error description: %NT-AUTORITÄT608
Error: (07/28/2015 08:26:21 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (07/28/2015 08:21:37 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
is3srv
Error: (07/28/2015 08:20:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/28/2015 05:35:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/27/2015 08:38:11 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Update" wurde nicht richtig gestartet.
Error: (07/27/2015 08:32:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/27/2015 07:10:47 PM) (Source: volsnap) (EventID: 25) (User: )
Description: Die Schattenkopien von Volume "E:" wurden gelöscht, weil der Schattenkopiespeicher nicht rechtzeitig vergrößert wurde. Sie sollten die E/A-Last auf dem System verringern oder ein Schattenkopie-Speichervolume, von dem keine Schattenkopie erstellt wird, auswählen.
Error: (07/26/2015 06:47:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/26/2015 06:44:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Der Aufruf "ScRegSetValueExW" ist für "Type" aufgrund folgenden Fehlers fehlgeschlagen:
%%5
Microsoft Office:
=========================
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)0x80070005, Zugriff verweigert
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002f0,(null),0,REG_BINARY,00000000073EDD80.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Generatorname: MSSearch Service Writer
Generatorinstanz-ID: {02753435-a8a7-4519-be31-b19e6dbaf375}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001cc,(null),0,REG_BINARY,0000000001ECEEC0.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {9f562a5c-2d71-4675-a3eb-401d38afe639}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 61%
Total physical RAM: 4077.86 MB
Available physical RAM: 1574.62 MB
Total Virtual: 8153.93 MB
Available Virtual: 4765.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:292.36 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 3C96D6C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
"ph" und "bl" jeweils mit dem Zusatz "(x32 Version: 1.0.0 - Your Company Name) Hidden" scheinen mir verdächtig. |
|
28.07.2015, 20:08
| #4 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4 Bitte starte  FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.Bitte poste mir die Inhalte der Logs von Adwarecleaner, MBAM, JRT und FRST hier in den Thread.
__________________ Proud member of Unite |
|
28.07.2015, 20:09
| #5 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Dauert ein wenig. |
|
28.07.2015, 20:13
| #6 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Das weiß ich.
__________________ --> Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] |
|
28.07.2015, 21:03
| #7 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] So ADWCleaner[S4].txt Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 28/07/2015 um 21:12:46
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-07-26.2 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Jan - JAN-LAPTOP
# Gestarted von : C:\Users\Jan\Downloads\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\{125ff2cb-231b-5466-125f-ff2cb231cb2c}
Ordner Gelöscht : C:\ProgramData\{ca2e5ebb-0ea2-d872-ca2e-e5ebb0ea7aec}
Ordner Gelöscht : C:\ProgramData\{d4e11e49-8abd-bbd5-d4e1-11e498ab7926}
Ordner Gelöscht : C:\Program Files (x86)\Innovative Solutions
Ordner Gelöscht : C:\Users\Jan\AppData\Local\Innovative Solutions
Ordner Gelöscht : C:\Users\Jan\AppData\Roaming\Innovative Solutions
Datei Gelöscht : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
Datei Gelöscht : C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:49990;hxxps=127.0.0.1:49990
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1
Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17909
-\\ Mozilla Firefox v39.0 (x86 de)
-\\ Google Chrome v43.0.2357.134
*************************
AdwCleaner[R0].txt - [1967 Bytes] - [01/06/2014 17:13:47]
AdwCleaner[R1].txt - [2515 Bytes] - [15/03/2015 16:54:15]
AdwCleaner[R2].txt - [1751 Bytes] - [08/04/2015 17:26:27]
AdwCleaner[R3].txt - [2681 Bytes] - [20/07/2015 20:18:57]
AdwCleaner[R4].txt - [3741 Bytes] - [26/07/2015 16:19:54]
AdwCleaner[R5].txt - [2941 Bytes] - [28/07/2015 21:10:33]
AdwCleaner[S0].txt - [1906 Bytes] - [01/06/2014 17:16:22]
AdwCleaner[S1].txt - [2468 Bytes] - [15/03/2015 16:59:14]
AdwCleaner[S2].txt - [2519 Bytes] - [20/07/2015 20:26:54]
AdwCleaner[S3].txt - [3264 Bytes] - [26/07/2015 16:20:56]
AdwCleaner[S4].txt - [2355 Bytes] - [28/07/2015 21:12:46]
########## EOF - C:\AdwCleaner\AdwCleaner[S4].txt - [2414 Bytes] ##########
( Malwarebytes Anti-Malware ) Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 28.07.2015 Suchlaufzeit: 21:17 Protokolldatei: MAM_280715_2156.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.07.28.05 Rootkit-Datenbank: v2015.07.22.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Jan Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 425442 Abgelaufene Zeit: 44 Min., 56 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Warnen PUM: Warnen Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 7 Professional x64
Ran by Jan on 28.07.2015 at 22:03:51,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer
~~~ Files
Successfully deleted: [File] C:\Users\Jan\AppData\Roaming\appdataFr25.bin
~~~ Folders
~~~ FireFox
Successfully deleted the following from C:\Users\Jan\AppData\Roaming\mozilla\firefox\profiles\7hh7ws0o.default\prefs.js
user_pref(extensions.acNBDGFOoc3YZNIx.url, hxxp://opticgoldnew.org/sync2/?q=hfZ9ofmGhe8TCchEAen0rHUGpihTB6lKDzt4okmxtNtVh7n0rjkEqHsErjYFrds4tMFHhd9Fqja6rTaFpdwFrTnMDMlGojUM
Emptied folder: C:\Users\Jan\AppData\Roaming\mozilla\firefox\profiles\7hh7ws0o.default\minidumps [1 files]
~~~ Chrome
[C:\Users\Jan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Jan\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Jan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Jan\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.07.2015 at 22:16:59,60
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Jan (Administrator) auf JAN-LAPTOP (28-07-2015 22:18:07)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify] => C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:49990;https=127.0.0.1:49990
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Fwww.google.com&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIESR02
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-04-28] (Apple Inc.)
FF Extension: NoScript - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-23]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-12-21]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ATTENTION
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S4 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S4 szserver; C:\Program Files (x86)\STOPzilla!\SZServer.exe [57136 2014-10-20] (iS3, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HitmanPro37CrusaderBoot; "C:\Users\Jan\AppData\Local\Temp\Rar$EXa0.784\hitmanpro_x64.exe" /crusader:boot [X]
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-10-20] (iS3 Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 MUSONIK_PHASE_X64_MIDI; C:\Windows\System32\drivers\msnkphsm.sys [31296 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_USB; C:\Windows\System32\Drivers\msnkphsu.sys [460352 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_WDM; C:\Windows\System32\drivers\msnkphsa.sys [49216 2009-11-13] (Ploytec GmbH)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-10-20] (iS3 Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 22:16 - 2015-07-28 22:16 - 00001660 _____ C:\Users\Jan\Desktop\JRT.txt
2015-07-28 22:02 - 2015-07-28 22:02 - 00001213 _____ C:\Users\Jan\Desktop\MAM_280715_2156.txt
2015-07-28 21:19 - 2015-07-28 21:19 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Jan\Desktop\JRT.exe
2015-07-28 21:15 - 2015-07-28 21:15 - 00002494 _____ C:\Users\Jan\Desktop\AdwCleaner[S4].txt
2015-07-28 21:09 - 2015-07-28 21:09 - 02248704 _____ C:\Users\Jan\Downloads\AdwCleaner_4.208.exe
2015-07-28 20:52 - 2015-07-28 20:53 - 00060954 _____ C:\Users\Jan\Desktop\Addition.txt
2015-07-28 20:51 - 2015-07-28 22:18 - 00014725 _____ C:\Users\Jan\Desktop\FRST.txt
2015-07-28 20:50 - 2015-07-28 22:18 - 00000000 ____D C:\FRST
2015-07-28 20:50 - 2015-07-28 20:50 - 02146816 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2015-07-28 20:21 - 2015-07-28 20:24 - 00005672 _____ C:\Users\Jan\Desktop\Prozess_Systemstart.txt
2015-07-28 20:09 - 2015-07-28 20:09 - 00001952 _____ C:\Users\Jan\Desktop\MAM_280715_2019.txt
2015-07-28 19:47 - 2015-07-28 19:47 - 00000184 _____ C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2015-07-28 19:20 - 2015-07-28 20:31 - 00003700 _____ C:\Users\Jan\Desktop\trojanerboard.txt
2015-07-28 18:46 - 2015-07-28 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2015-07-28 18:46 - 2014-10-20 10:53 - 00082872 ____R (GFI Software) C:\Windows\system32\Drivers\sbapifs.sys
2015-07-28 18:46 - 2014-10-20 10:53 - 00047496 ____R (GFI Software) C:\Windows\system32\SBBD.EXE
2015-07-28 18:45 - 2015-07-28 20:51 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-28 18:45 - 2015-07-28 18:49 - 00000000 ____D C:\Program Files (x86)\STOPzilla!
2015-07-28 18:44 - 2015-07-28 18:44 - 00593488 _____ C:\Users\Jan\Downloads\STOPzillaAVM_Setup-6.1.90.2.exe
2015-07-27 18:26 - 2015-07-28 18:45 - 00000259 _____ C:\Users\Jan\Desktop\programme.txt
2015-07-26 19:36 - 2015-07-26 19:36 - 00000000 ___DC C:\Users\Jan\AppData\Local\MigWiz
2015-07-26 18:37 - 2015-07-28 20:22 - 00003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-07-26 18:36 - 2015-07-26 18:36 - 05896376 _____ (Innovative Solutions ) C:\Users\Jan\Downloads\drivermax_7_63_cnet.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00003306 _____ C:\Windows\system32\.crusader
2015-07-26 17:21 - 2015-07-26 17:53 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-26 17:07 - 2015-07-26 17:07 - 13485202 _____ C:\Users\Jan\Downloads\hitmanpro379.zip
2015-07-26 16:25 - 2015-07-26 16:25 - 00003264 _____ C:\Users\Jan\Desktop\AdwCleaner[S3].txt
2015-07-26 16:22 - 2015-07-28 21:13 - 00002877 _____ C:\Windows\setupact.log
2015-07-26 16:22 - 2015-07-26 16:22 - 00000000 _____ C:\Windows\setuperr.log
2015-07-26 16:21 - 2015-07-28 20:19 - 00011776 _____ C:\Windows\PFRO.log
2015-07-26 15:33 - 2015-07-26 15:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-26 15:32 - 2015-07-26 15:33 - 00000000 ____D C:\Program Files\CCleaner
2015-07-26 15:32 - 2015-07-26 15:32 - 05329360 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup507_slim.exe
2015-07-26 15:25 - 2015-07-26 16:14 - 00002196 _____ C:\Users\Jan\Desktop\chrome.lnk
2015-07-24 19:42 - 2015-07-24 23:38 - 00000067 _____ C:\Users\Jan\Desktop\name.txt
2015-07-21 22:36 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 22:36 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 22:36 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 20:51 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 20:51 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 20:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 20:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 20:51 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 20:51 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 20:50 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 20:50 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 20:50 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 20:50 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 20:50 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 20:50 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 20:50 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 20:50 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 20:50 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 20:50 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 20:50 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 20:50 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 20:50 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 20:50 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 20:50 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 20:50 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 20:50 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 20:50 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 20:50 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 20:50 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 20:50 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 20:50 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 20:50 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 20:50 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 20:50 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 20:50 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 20:50 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 20:50 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 20:50 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 20:50 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 20:50 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 20:50 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 20:50 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 20:50 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 20:50 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 20:50 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 20:49 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 20:49 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 20:49 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 20:49 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 20:49 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 20:49 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 20:49 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 20:49 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 20:49 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 20:49 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 20:49 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 20:49 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 20:49 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 20:49 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-13 19:34 - 2015-07-13 19:34 - 00002097 _____ C:\Users\Jan\Desktop\Code.lnk
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Code
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\SquirrelTemp
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\Code
2015-07-13 19:31 - 2015-07-13 19:31 - 60842144 _____ (Microsoft Corporation) C:\Users\Jan\Downloads\VSCodeSetup.exe
2015-07-09 22:01 - 2015-07-12 16:56 - 00000000 ____D C:\Users\Jan\Desktop\Open
2015-07-03 19:09 - 2015-07-03 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-03 19:07 - 2015-07-03 19:07 - 00931408 _____ (Google Inc.) C:\Users\Jan\Downloads\ChromeSetup.exe
2015-07-01 22:49 - 2015-07-01 22:49 - 02034884 _____ C:\Users\Jan\Downloads\essen.webm
2015-07-01 22:42 - 2015-07-01 22:42 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 22:42 - 2015-07-01 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 22:41 - 2015-07-01 22:42 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files\iPod
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-01 22:33 - 2015-07-01 22:33 - 00082635 _____ C:\Users\Jan\Downloads\burn.webm
2015-07-01 22:32 - 2015-07-01 22:32 - 00043933 _____ C:\Users\Jan\Downloads\goldtops.webm
2015-06-30 21:20 - 2015-06-30 21:21 - 02953520 _____ (AVAST Software) C:\Users\Jan\Downloads\avast-browser-cleanup(1).exe
2015-06-29 17:22 - 2015-06-29 18:25 - 00000000 ____D C:\Users\Jan\Desktop\launch_fuchs_goebel
2015-06-29 14:16 - 2015-06-29 14:16 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Jan\Downloads\flashplayer18au_ha_install.exe
2015-06-28 17:27 - 2015-07-25 16:49 - 00000456 _____ C:\Users\Jan\Desktop\serien.txt
2015-06-28 14:16 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Jan\Documents\ANNO 2070
2015-06-28 14:04 - 2015-06-28 14:04 - 00000000 ____D C:\ProgramData\Solidshield
2015-06-28 14:02 - 2015-06-28 14:02 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Ubisoft
2015-06-28 12:46 - 2015-06-28 12:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-28 12:44 - 2015-06-28 12:45 - 61778376 _____ (Ubisoft) C:\Users\Jan\Downloads\UplayInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 22:15 - 2013-12-20 18:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2015-07-28 21:46 - 2013-12-20 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 21:23 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 21:23 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 21:19 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify
2015-07-28 21:18 - 2013-12-20 09:53 - 01445613 _____ C:\Windows\WindowsUpdate.log
2015-07-28 21:17 - 2015-02-18 18:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-28 21:14 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify
2015-07-28 21:13 - 2013-12-20 11:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-28 21:13 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 21:12 - 2014-06-01 17:13 - 00000000 ____D C:\AdwCleaner
2015-07-28 20:24 - 2014-12-05 17:54 - 00000000 ____D C:\Users\Jan\AppData\Local\Eclipse
2015-07-28 20:22 - 2014-12-05 17:52 - 00000000 ____D C:\Users\Jan\Desktop\eclipse
2015-07-28 19:47 - 2015-06-02 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-27 17:53 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-07-27 17:53 - 2010-11-21 08:50 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-07-27 17:53 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-27 02:01 - 2014-06-14 19:52 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe
2015-07-26 18:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\TAPI
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-26 15:47 - 2015-06-07 22:41 - 00000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2015-07-26 15:47 - 2014-01-16 15:37 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-26 15:47 - 2013-12-20 22:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-26 15:47 - 2013-12-20 09:49 - 00000000 ____D C:\Windows\Panther
2015-07-26 15:38 - 2014-01-24 20:17 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2015-07-26 15:27 - 2014-01-15 11:07 - 00000000 ____D C:\Windows\pss
2015-07-22 12:37 - 2009-07-14 06:45 - 05202000 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 22:28 - 2013-12-20 17:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-21 22:28 - 2013-12-20 17:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-21 22:28 - 2013-12-20 17:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 20:30 - 2014-05-17 11:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 20:29 - 2014-05-17 11:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-17 20:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 21:19 - 2015-04-08 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 20:24 - 2015-04-16 16:26 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 20:24 - 2014-05-18 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 22:00 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-15 21:55 - 2013-12-20 17:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 20:27 - 2014-10-15 15:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-15 20:27 - 2013-12-20 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 19:49 - 2013-12-20 10:05 - 00000000 ____D C:\Users\Jan
2015-07-13 19:38 - 2015-01-28 16:09 - 00000000 ____D C:\Users\Jan\hex16de
2015-07-12 19:07 - 2013-12-20 17:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\.minecraft
2015-07-12 16:56 - 2014-01-25 17:08 - 00000132 _____ C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-07-11 12:13 - 2014-09-25 10:53 - 00000000 ____D C:\Users\Jan\Desktop\Projekte
2015-07-11 12:02 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-10 18:01 - 2013-12-20 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 19:08 - 2013-12-20 20:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-03 19:06 - 2015-01-09 15:56 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieBrowserModeList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieUserList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieSiteList
2015-07-03 17:53 - 2015-06-15 16:56 - 00000658 _____ C:\Users\Jan\Downloads\debug.log
2015-07-03 17:53 - 2013-12-20 20:23 - 00000000 ____D C:\Users\Jan\AppData\Local\Google
2015-07-03 08:43 - 2013-12-20 17:55 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 17:13 - 2014-01-12 00:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Apple Computer
2015-07-01 22:41 - 2015-04-28 18:03 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 22:41 - 2014-01-12 00:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 21:31 - 2015-06-17 17:45 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-06-30 21:31 - 2014-01-19 21:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Deployment
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\GitHub
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Local\GitHub
2015-06-28 14:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-28 13:47 - 2014-08-17 13:48 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-06-28 13:47 - 2013-12-20 10:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-28 12:54 - 2014-08-17 14:42 - 00000000 ____D C:\Users\Jan\AppData\Local\Ubisoft Game Launcher
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-05 13:55 - 2015-02-09 19:57 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-01-25 17:08 - 2015-07-12 16:56 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-01-28 15:38 - 2015-01-28 15:38 - 0000885 _____ () C:\Users\Jan\AppData\Roaming\Roaming - Verknüpfung.lnk
2015-01-28 15:38 - 2015-01-28 15:39 - 0035840 ___SH () C:\Users\Jan\AppData\Roaming\Thumbs.db
2014-04-05 12:25 - 2014-04-05 12:25 - 0000600 _____ () C:\Users\Jan\AppData\Roaming\winscp.rnd
2014-01-13 16:14 - 2015-02-09 19:59 - 0001456 _____ () C:\Users\Jan\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 23:44 - 2014-06-29 00:06 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND
2014-12-30 16:23 - 2015-02-13 21:20 - 0007602 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2015-06-05 20:45 - 2015-06-05 20:45 - 0000000 _____ () C:\Users\Jan\AppData\Local\Temp.dat
2014-11-28 16:15 - 2014-11-28 16:15 - 0000000 _____ () C:\Users\Jan\AppData\Local\{C2735D3C-D70C-4EF8-B582-87FD8E14A1CE}
Einige Dateien in TEMP:
====================
C:\Users\Jan\AppData\Local\Temp\Quarantine.exe
C:\Users\Jan\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-23 20:36
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Jan an 2015-07-28 22:19:09
Gestartet von C:\Users\Jan\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2262976956-2118714473-2327839329-500 - Administrator - Disabled)
Gast (S-1-5-21-2262976956-2118714473-2327839329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2262976956-2118714473-2327839329-1003 - Limited - Enabled)
Jan (S-1-5-21-2262976956-2118714473-2327839329-1000 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: STOPzilla (Disabled - Up to date) {17032AB1-6644-0721-EEB5-A39B8B646009}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Disabled - Up to date) {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon iP4900 series Benutzerregistrierung (HKLM-x32\...\Canon iP4900 series Benutzerregistrierung) (Version: - )
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Code (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Code) (Version: 0.5.0 - Microsoft Corporation)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{2e8b5d3e-04b1-40c7-ade4-487d5357ba8c}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PHASE X64 USB (HKLM\...\USB_AUDIO_DEusb-audio.dePhaseX64USB) (Version: - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Python 3.2.1 (64-bit) (HKLM\...\{34b2530c-6349-4292-9dc3-60bda4aed93d}) (Version: 3.2.1150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
STOPzilla (HKLM-x32\...\{9242735B-A101-45B0-BC06-2AA20A114627}) (Version: 6.1.100.3 - iS3 Inc.)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
26-07-2015 17:47:00 Prüfpunkt von HitmanPro
26-07-2015 17:48:10 Prüfpunkt von HitmanPro
26-07-2015 19:20:42 Windows-Sicherung
26-07-2015 19:22:12 Windows-Sicherung
26-07-2015 19:23:47 Windows-Sicherung
27-07-2015 06:44:51 Windows-Sicherung
28-07-2015 18:42:03 Removed AirServer Universal (x64)
28-07-2015 18:45:38 Installed STOPzilla
28-07-2015 22:03:56 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-28 18:47 - 00001090 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
192.168.2.1 speedport.ip
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {38C14103-C5E0-4A19-B24C-6CC222AD96FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {43C16A31-0723-434E-8F07-9F9CF79EEBA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46590ECA-A7D9-42E1-A95E-F902CEF987EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {655C589F-F055-4437-95BF-9956DA9B21A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)
Task: {71B4E02D-7753-49A7-8586-06BFD4864276} - System32\Tasks\AdobeAAMUpdater-1.0-Jan-Laptop-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {7501907F-041B-4F57-AD95-CAD9588D9B05} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {764D0EFC-5E44-473A-A1B3-CF0CED1D24C4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8072E26A-B668-4CE5-9DD5-C6D9571B5DCA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {85A5DCB1-C807-4CF7-BDD0-A8C64E051E39} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {8CAD0CFE-56EA-4943-8418-9A5B7CDB2ABE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {99CE6F87-CED7-4E26-ABA1-F5C2291A2928} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CF461DE5-5FA0-4A23-B6AB-CCF688ADBC1D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D2380ADA-2EE4-46CA-A3CC-1306651333E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-02 17:20 - 2015-06-02 17:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile: <===== ATTENTION!
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: abc71024 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fussvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: szserver => 2
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NetDrive Fully Activated Version 2015.lnk => C:\Windows\pss\NetDrive Fully Activated Version 2015.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk => C:\Windows\pss\Stardock ObjectDock.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NetDrive2 => "C:\PROGRA~1\NETDRI~1\NetDrive2.exe" -tray
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0976E6F7-9387-471F-A948-D201241639AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C37DC54C-9539-4554-8BBB-0476AE00530A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2E0E96D5-384C-4190-A85E-474DF1B9F6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BA3ECCD-A878-4643-9D23-48539A280039}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD8F1C24-B776-48C5-8F68-AF2C1C579393}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A285861-5838-4111-884B-733244DB0463}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2EC86A39-B361-44ED-AA5F-F1ED832902E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EDBBC63-788D-4EA7-977F-34A34D9AE56E}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D9825504-CA76-4D88-A95B-3E81040EAFFC}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D2EEEA2D-2A5E-4032-9C4B-BE68591F35DA}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{85DEF6D4-8EA6-4720-97EC-2080B5459801}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [UDP Query User{05C5E5D4-4DC4-4E32-A1C9-A413C26847D3}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B6F17A45-DB4E-49B2-A073-D55C25A285D0}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B426C42B-9BB3-4CCF-9646-A1072CC16488}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{3F3D77CA-B1F0-4E05-873B-09FE85CDB59B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2ADFC848-155A-46BE-B9E8-094ECD5148A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F6FF1D5-C489-405A-B7B9-BDD0804CD819}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90744F51-4949-4AAC-B7E8-E87B201C1C44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8021B9AC-CD4D-4DD7-8133-643DDF8A1559}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2EC5688C-B013-4677-9C2A-8CE4374EE86E}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DAF55C42-00D0-4A00-990F-6FF87336E34C}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{057F41B7-2B95-409B-BC90-DBE8B7C439C9}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{34BCA0C6-24BC-4172-90FE-0D79E14B43CB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1F1E8F27-E3FA-4DE3-A083-88DE5B2402CE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A3A9BAB2-35BD-40F2-A4C1-AE57B6E1A72E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D0311CA8-6334-425F-BE80-EE25D6571E76}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{10A2F165-FAD9-4D60-B65A-D20B351F7CB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79D65973-88B9-4168-8CA6-22C7205A1AC7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C2AF801-6ECE-4785-8214-ED9D593FB2F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{234D6BAD-3649-4E5E-AC56-989000E5146D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{233EF561-778F-4E98-AF2D-F4CC55DE73EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{541FC549-5EF2-4141-9C68-DBBDBDD80EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F495F2F7-A595-41DC-BEC1-6CA7D143CE12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4F92BA4A-23FD-437F-A730-018B1165D3A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{FBA7074D-BCB5-4A96-8092-66AC93198371}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{2A188E3D-8613-4A47-8DED-0B16E1ED065A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{0E4F7EB4-8D1C-4B1B-9148-FAFF07D23489}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{E54E539B-0E3E-4C7C-BE6C-41FD0D8163E5}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{6E4A3F64-099A-42E6-8F51-339D281ADFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{A78BEE3C-F11F-42CF-9D83-E775F849342B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{601AD48D-B12E-4BEA-9AA3-8F4D02FAA181}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{8F8F223A-1183-43CA-8D84-E0556D34D1CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{DB837E3A-A131-4F31-B1A3-64DB368B81EF}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{B73DE78B-3AD6-4E52-9830-6645F233C78F}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{8CD2A718-7288-448A-86FE-E6E0FFB3DDA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{31609EBC-232E-48B0-88EE-126218158BD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A3021DAA-AD8F-493D-931F-07BEE1F93ADA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{605FF6B2-252D-4D72-BF4D-4CE769EB7BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{FB47F274-EA67-4D2F-BD8C-D42A588A7E13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{ACCAAB65-33EB-40A2-8E99-1CDE7B779E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{E0C12B2F-EB2A-499C-918A-09F90AFED33D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{B1E06FD2-9C1B-40A8-8C13-1E3C1E92E1EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{270EE487-CFC1-41DA-92BD-65285C25548D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{962FFC8C-F67E-451C-8AEE-2DA714BBFE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [TCP Query User{8E8D75CA-1540-417D-82E6-7D92DB66347E}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [UDP Query User{6F36C024-5845-4AC0-AC78-2D0363871D8F}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [{5CD6D919-D995-4966-9EC3-52E991E5AAE3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{147E0B9A-1A92-451E-B97D-E9039A280749}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9AB4A64C-6057-40F5-B656-43A122127196}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29BDBF0A-52F8-42AE-BD8F-1318270C4180}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{96F05D28-0C76-4517-9542-C79A15B3461E}] => (Allow) LPort=1688
FirewallRules: [{0B3BAD3B-98EB-46FB-BE17-DFFDC6E44CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{24189447-ABD8-43DA-962F-233DE6FE0606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{7BCA10B2-E584-4E83-B528-744848198811}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{2690920F-6174-4C32-98FF-34398A88A5E4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{6AB87171-6DE7-41CB-AF41-06F4547749D1}] => (Allow) LPort=1688
FirewallRules: [{862BC2A9-9CED-43B7-8AD0-C1DF68051325}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EB7C9F4F-3A23-468F-9BAE-1CC33E7E9240}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{1A9F66E8-30C7-47E4-9D52-8EAC47A0BBC0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{65FAC513-A9C4-4D7A-9B61-9C1B500A69EE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{2FF85989-0DFA-4F8C-84DC-B786997CADD1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EAD29C05-109C-4808-98B2-09629E6E128F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{BE17F196-F16F-4ED0-85A9-4808E1F7E8C1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{A0C1D69F-2216-4A90-AD7C-6BB7D0DFC066}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{08F65D32-6A6E-4789-8783-B2772844EBA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B767AA25-CFA9-49E0-85BD-6717F870DC11}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BA9FD215-E3FE-462A-BE41-0BE5EB6725BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D77E9AC-18BC-49B5-ADD3-DCCF06F007E2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{1CA3C5FB-040D-4167-8F05-4084A1CFCB9F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{15BBD7E9-141E-4B3F-9A03-B4EFA33434F9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{838A1963-F1D0-4529-8D61-D440664DAD05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{91E4747A-8157-463B-A4DF-4A578F168D02}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5221C9FA-2CCB-49F2-97AF-A8751E0C616F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{26E2B62F-7FA4-4711-8C20-DB3451A73A99}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [UDP Query User{B0253995-0445-4BFA-AECF-7F7246B3E8B8}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [TCP Query User{A7126FC9-FD77-4F79-8E5D-2DD1D6B35CB8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{67AD0B7E-68EA-4A12-96A0-A55B31ABA689}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{546D8EE3-B5DC-4274-98B5-AF15CF4E36E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E39CB5FF-F018-4F76-AECC-4C3D81604108}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CCF883DC-0CF1-4B7B-8312-B2F697DF14D7}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1E245082-F1D4-4A87-94F0-FAE32641532A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F9EBB761-E66C-4CEF-AD88-AA52AD02A945}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0661D40F-2EAF-49FD-B0A0-A82D43E9E73C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5C0DE893-1387-4797-A476-A42F76F294E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39273EA0-D83E-40C9-94B1-29769AFBF63D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEBD3C81-7711-4274-9A6A-90558D62115F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{2D13B2C9-BA2D-4AEC-BBCC-27ED29096321}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8BDB930C-7C42-4AAF-A46A-2C9012A25796}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{4216D01B-4EC2-4103-B01B-DD4F6861BF47}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{77318D4D-FF28-4A8A-AF6A-386A2D8E12B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{845C652C-6849-4476-9CEB-D328264E4BAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{CF313A48-034A-4A40-B77E-519612253460}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{60B39E45-3ABA-46F8-A472-485D5C3007AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2015 09:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Beschreibung = STOPzilla Restore Point.; Fehler = 0x80042319).
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002f0,(null),0,REG_BINARY,00000000073EDD80.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Generatorname: MSSearch Service Writer
Generatorinstanz-ID: {02753435-a8a7-4519-be31-b19e6dbaf375}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000001cc,(null),0,REG_BINARY,0000000001ECEEC0.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {9f562a5c-2d71-4675-a3eb-401d38afe639}
Systemfehler:
=============
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Malwarebytes Anti-Exploit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:55 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Apple Mobile Device Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/28/2015 10:04:55 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 09:15:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
is3srv
Error: (07/28/2015 09:15:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Microsoft Office:
=========================
Error: (07/28/2015 09:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)0x80070005, Zugriff verweigert
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002f0,(null),0,REG_BINARY,00000000073EDD80.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {cd3f2362-8bef-46c7-9181-d62844cdc0b2}
Generatorname: MSSearch Service Writer
Generatorinstanz-ID: {02753435-a8a7-4519-be31-b19e6dbaf375}
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001cc,(null),0,REG_BINARY,0000000001ECEEC0.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {542da469-d3e1-473c-9f4f-7847f01fc64f}
Generatorname: COM+ REGDB Writer
Generatorinstanz-ID: {9f562a5c-2d71-4675-a3eb-401d38afe639}
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 51%
Total physical RAM: 4077.86 MB
Available physical RAM: 1993.84 MB
Total Virtual: 8153.93 MB
Available Virtual: 5888.25 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:292.63 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 3C96D6C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
Geändert von HEX16 (28.07.2015 um 21:20 Uhr) |
|
28.07.2015, 21:29
| #8 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Schritt 1: FRST Fix Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [AdobeBridge] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
RemoveProxy:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile: <===== ATTENTION!
EmptyTemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2: FRST Scan  Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan. Schritt 3: ESET ESET Online Scanner
Schritt 4: Frage Wie läuft Dein PC?
__________________ Proud member of Unite |
|
28.07.2015, 21:32
| #9 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Jan an 2015-07-28 22:42:54 Run:1
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [AdobeBridge] => [X]
CHR HKLM\SOFTWARE\Policies\Google: Richtlinienbeschränkung <======= ATTENTION
RemoveProxy:
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\.exe: exefile => <===== ATTENTION!
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile: <===== ATTENTION!
EmptyTemp:
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge => Wert erfolgreich entfernt
"HKLM\SOFTWARE\Policies\Google" => Schlüssel erfolgreich entfernt
========= RemoveProxy: =========
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Wert erfolgreich entfernt
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
"HKLM\Software\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin" => Schlüssel erfolgreich entfernt
C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll nicht gefunden.
"HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile" => Schlüssel erfolgreich entfernt
"HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\.exe" => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Classes\exefile => Schlüssel nicht gefunden.
EmptyTemp: => 197 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 22:43:20 ====
Neustart -- Zweiter Scann FRST.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:26-07-2015
durchgeführt von Jan (Administrator) auf JAN-LAPTOP (28-07-2015 22:47:23)
Gestartet von C:\Users\Jan\Desktop
Geladene Profile: Jan (Verfügbare Profile: Jan)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\SpotifyCrashService.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Spotify Ltd) C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-06-29] (Apple Inc.)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [2620728 2015-07-22] (Malwarebytes Corporation)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify] => C:\Users\Jan\AppData\Roaming\Spotify\Spotify.exe [7574584 2015-07-24] (Spotify Ltd)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Run: [Spotify Web Helper] => C:\Users\Jan\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2017848 2015-07-24] (Spotify Ltd)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://go.microsoft.com/fwlink/?LinkID=226786&Mkt=de-DE&Src=MSE&Tid=000328B0&OHP=http%3A%2F%2Fwww.google.com&OSP=http%3A%2F%2Fwww.bing.com%2Fsearch%3Fq%3D%7BsearchTerms%7D%26src%3DIE%2DSearchBox%26FORM%3DIESR02
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-04-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{90FB9C13-90F6-4F74-88AE-B7D8B944B178}: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-21] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MIF5BA~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-03] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll [2014-12-05] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-03-31] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll [2013-12-18] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-03] (Adobe Systems)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2262976956-2118714473-2327839329-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-05] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-03-31] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2015-04-28] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2015-04-28] (Apple Inc.)
FF Extension: NoScript - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-07-23]
FF Extension: Adblock Plus - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\7hh7ws0o.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-07-23]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-12-21]
Chrome:
=======
CHR dev: Chrome dev build erkannt! <======= ATTENTION
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-26]
CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-26]
CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-26]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-07-03]
CHR Extension: (Google Search) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-07-03]
CHR Extension: (Google Sheets) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-26]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-28]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-03]
==================== Services (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-20] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-20] (BlueStack Systems, Inc.)
S4 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [713016 2015-07-22] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S4 szserver; C:\Program Files (x86)\STOPzilla!\SZServer.exe [57136 2014-10-20] (iS3, Inc.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 HitmanPro37CrusaderBoot; "C:\Users\Jan\AppData\Local\Temp\Rar$EXa0.784\hitmanpro_x64.exe" /crusader:boot [X]
==================== Drivers (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [114448 2013-12-20] (BlueStack Systems)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [63064 2015-07-22] ()
S0 is3srv; C:\Windows\SysWow64\drivers\is3srv64.sys [74768 2014-10-20] (iS3 Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-07-28] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
S3 MUSONIK_PHASE_X64_MIDI; C:\Windows\System32\drivers\msnkphsm.sys [31296 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_USB; C:\Windows\System32\Drivers\msnkphsu.sys [460352 2009-11-13] (Ploytec GmbH)
S3 MUSONIK_PHASE_X64_WDM; C:\Windows\System32\drivers\msnkphsa.sys [49216 2009-11-13] (Ploytec GmbH)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R0 szkg5; C:\Windows\SysWow64\DRIVERS\szkg64.sys [74768 2014-10-20] (iS3 Inc.)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-26] (Microsoft Corporation)
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 22:16 - 2015-07-28 22:16 - 00001660 _____ C:\Users\Jan\Desktop\JRT.txt
2015-07-28 22:02 - 2015-07-28 22:02 - 00001213 _____ C:\Users\Jan\Desktop\MAM_280715_2156.txt
2015-07-28 21:19 - 2015-07-28 21:19 - 01798176 _____ (Malwarebytes Corporation) C:\Users\Jan\Desktop\JRT.exe
2015-07-28 21:15 - 2015-07-28 21:15 - 00002494 _____ C:\Users\Jan\Desktop\AdwCleaner[S4].txt
2015-07-28 21:09 - 2015-07-28 21:09 - 02248704 _____ C:\Users\Jan\Downloads\AdwCleaner_4.208.exe
2015-07-28 20:52 - 2015-07-28 22:20 - 00059081 _____ C:\Users\Jan\Desktop\Addition.txt
2015-07-28 20:51 - 2015-07-28 22:48 - 00015276 _____ C:\Users\Jan\Desktop\FRST.txt
2015-07-28 20:50 - 2015-07-28 22:47 - 00000000 ____D C:\FRST
2015-07-28 20:50 - 2015-07-28 20:50 - 02146816 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2015-07-28 20:21 - 2015-07-28 20:24 - 00005672 _____ C:\Users\Jan\Desktop\Prozess_Systemstart.txt
2015-07-28 20:09 - 2015-07-28 20:09 - 00001952 _____ C:\Users\Jan\Desktop\MAM_280715_2019.txt
2015-07-28 19:47 - 2015-07-28 19:47 - 00000184 _____ C:\Windows\SysWOW64\Drivers\kgpfr2.cfg
2015-07-28 19:20 - 2015-07-28 20:31 - 00003700 _____ C:\Users\Jan\Desktop\trojanerboard.txt
2015-07-28 18:46 - 2015-07-28 18:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STOPzilla
2015-07-28 18:46 - 2014-10-20 10:53 - 00082872 ____R (GFI Software) C:\Windows\system32\Drivers\sbapifs.sys
2015-07-28 18:46 - 2014-10-20 10:53 - 00047496 ____R (GFI Software) C:\Windows\system32\SBBD.EXE
2015-07-28 18:45 - 2015-07-28 20:51 - 00000000 ____D C:\ProgramData\STOPzilla!
2015-07-28 18:45 - 2015-07-28 18:49 - 00000000 ____D C:\Program Files (x86)\STOPzilla!
2015-07-28 18:44 - 2015-07-28 18:44 - 00593488 _____ C:\Users\Jan\Downloads\STOPzillaAVM_Setup-6.1.90.2.exe
2015-07-27 18:26 - 2015-07-28 18:45 - 00000259 _____ C:\Users\Jan\Desktop\programme.txt
2015-07-26 19:36 - 2015-07-26 19:36 - 00000000 ___DC C:\Users\Jan\AppData\Local\MigWiz
2015-07-26 18:37 - 2015-07-28 20:22 - 00003464 _____ C:\Windows\System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c
2015-07-26 18:37 - 2015-07-26 18:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverMax
2015-07-26 18:36 - 2015-07-26 18:36 - 05896376 _____ (Innovative Solutions ) C:\Users\Jan\Downloads\drivermax_7_63_cnet.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00012872 _____ (SurfRight B.V.) C:\Windows\system32\bootdelete.exe
2015-07-26 17:48 - 2015-07-26 17:48 - 00003306 _____ C:\Windows\system32\.crusader
2015-07-26 17:21 - 2015-07-26 17:53 - 00000000 ____D C:\ProgramData\HitmanPro
2015-07-26 17:07 - 2015-07-26 17:07 - 13485202 _____ C:\Users\Jan\Downloads\hitmanpro379.zip
2015-07-26 16:25 - 2015-07-26 16:25 - 00003264 _____ C:\Users\Jan\Desktop\AdwCleaner[S3].txt
2015-07-26 16:22 - 2015-07-28 22:44 - 00002933 _____ C:\Windows\setupact.log
2015-07-26 16:22 - 2015-07-26 16:22 - 00000000 _____ C:\Windows\setuperr.log
2015-07-26 16:21 - 2015-07-28 20:19 - 00011776 _____ C:\Windows\PFRO.log
2015-07-26 15:33 - 2015-07-26 15:33 - 00002790 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-26 15:32 - 2015-07-26 15:33 - 00000000 ____D C:\Program Files\CCleaner
2015-07-26 15:32 - 2015-07-26 15:32 - 05329360 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup507_slim.exe
2015-07-26 15:25 - 2015-07-26 16:14 - 00002196 _____ C:\Users\Jan\Desktop\chrome.lnk
2015-07-24 19:42 - 2015-07-24 23:38 - 00000067 _____ C:\Users\Jan\Desktop\name.txt
2015-07-21 22:36 - 2015-07-15 05:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-21 22:36 - 2015-07-15 05:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-21 22:36 - 2015-07-15 04:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-21 22:36 - 2015-07-15 04:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-21 22:36 - 2015-07-15 03:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-21 22:36 - 2015-07-15 03:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 20:51 - 2015-07-09 19:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 20:51 - 2015-07-09 19:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 20:51 - 2015-07-09 19:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 20:51 - 2015-07-09 19:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 20:51 - 2015-06-25 10:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 20:51 - 2015-06-17 19:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 20:51 - 2015-06-17 19:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-15 20:51 - 2015-06-09 20:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-15 20:51 - 2015-06-02 02:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-15 20:51 - 2015-06-02 01:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 20:50 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 20:50 - 2015-07-02 23:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 20:50 - 2015-07-02 22:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 20:50 - 2015-07-02 22:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-15 20:50 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 20:50 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 20:50 - 2015-07-02 22:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 20:50 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 20:50 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 20:50 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 20:50 - 2015-07-01 22:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 20:50 - 2015-06-27 04:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 04:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 20:50 - 2015-06-27 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 20:50 - 2015-06-27 03:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 20:50 - 2015-06-25 20:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-15 20:50 - 2015-06-25 19:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 20:50 - 2015-06-20 22:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-15 20:50 - 2015-06-20 21:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 20:50 - 2015-06-20 21:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-15 20:50 - 2015-06-20 21:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-20 21:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-20 21:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-15 20:50 - 2015-06-20 21:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 20:50 - 2015-06-20 21:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-15 20:50 - 2015-06-20 21:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-15 20:50 - 2015-06-20 21:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-15 20:50 - 2015-06-20 21:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-15 20:50 - 2015-06-20 21:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-20 21:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 20:50 - 2015-06-20 21:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 20:50 - 2015-06-20 21:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 20:50 - 2015-06-20 20:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-15 20:50 - 2015-06-20 20:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 20:50 - 2015-06-20 20:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-20 20:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 20:50 - 2015-06-20 20:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 20:50 - 2015-06-19 20:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-15 20:50 - 2015-06-19 20:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-15 20:50 - 2015-06-19 20:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 20:50 - 2015-06-19 20:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 20:50 - 2015-06-19 20:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 20:50 - 2015-06-19 20:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 20:50 - 2015-06-19 20:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 20:50 - 2015-06-19 20:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 20:50 - 2015-06-19 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 20:50 - 2015-06-19 19:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 20:50 - 2015-06-19 19:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 20:50 - 2015-06-19 19:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 20:50 - 2015-06-19 19:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 20:50 - 2015-06-19 19:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 20:50 - 2015-06-19 19:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 20:50 - 2015-06-19 19:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 20:50 - 2015-06-19 19:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 20:49 - 2015-07-09 19:59 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 20:49 - 2015-07-09 19:58 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 20:49 - 2015-07-09 19:58 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 20:49 - 2015-07-09 19:50 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 20:49 - 2015-07-04 20:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 20:49 - 2015-07-04 19:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 20:49 - 2015-07-01 22:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 20:49 - 2015-07-01 22:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-15 20:49 - 2015-07-01 22:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-15 20:49 - 2015-07-01 22:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-15 20:49 - 2015-07-01 22:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-15 20:49 - 2015-07-01 22:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-15 20:49 - 2015-07-01 22:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-15 20:49 - 2015-07-01 22:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-15 20:49 - 2015-07-01 22:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-15 20:49 - 2015-07-01 22:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-15 20:49 - 2015-07-01 21:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 20:49 - 2015-07-01 21:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 20:49 - 2015-06-15 23:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-15 20:49 - 2015-06-15 23:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-15 20:49 - 2015-06-15 23:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 20:49 - 2015-06-15 23:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-15 20:49 - 2015-06-15 23:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 20:49 - 2015-06-15 23:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-15 20:49 - 2015-06-15 23:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 07077376 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 01057792 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-15 20:49 - 2015-06-11 19:56 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-15 20:49 - 2015-06-11 15:15 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-13 19:34 - 2015-07-13 19:34 - 00002097 _____ C:\Users\Jan\Desktop\Code.lnk
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Corporation
2015-07-13 19:33 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Code
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\SquirrelTemp
2015-07-13 19:32 - 2015-07-13 19:34 - 00000000 ____D C:\Users\Jan\AppData\Local\Code
2015-07-13 19:31 - 2015-07-13 19:31 - 60842144 _____ (Microsoft Corporation) C:\Users\Jan\Downloads\VSCodeSetup.exe
2015-07-09 22:01 - 2015-07-12 16:56 - 00000000 ____D C:\Users\Jan\Desktop\Open
2015-07-03 19:09 - 2015-07-03 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-07-03 19:07 - 2015-07-03 19:07 - 00931408 _____ (Google Inc.) C:\Users\Jan\Downloads\ChromeSetup.exe
2015-07-01 22:49 - 2015-07-01 22:49 - 02034884 _____ C:\Users\Jan\Downloads\essen.webm
2015-07-01 22:42 - 2015-07-01 22:42 - 00001753 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-07-01 22:42 - 2015-07-01 22:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-07-01 22:41 - 2015-07-01 22:42 - 00000000 ____D C:\Program Files\iTunes
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files\iPod
2015-07-01 22:41 - 2015-07-01 22:41 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-07-01 22:33 - 2015-07-01 22:33 - 00082635 _____ C:\Users\Jan\Downloads\burn.webm
2015-07-01 22:32 - 2015-07-01 22:32 - 00043933 _____ C:\Users\Jan\Downloads\goldtops.webm
2015-06-30 21:20 - 2015-06-30 21:21 - 02953520 _____ (AVAST Software) C:\Users\Jan\Downloads\avast-browser-cleanup(1).exe
2015-06-29 17:22 - 2015-06-29 18:25 - 00000000 ____D C:\Users\Jan\Desktop\launch_fuchs_goebel
2015-06-29 14:16 - 2015-06-29 14:16 - 01125056 _____ (Adobe Systems Incorporated) C:\Users\Jan\Downloads\flashplayer18au_ha_install.exe
2015-06-28 17:27 - 2015-07-25 16:49 - 00000456 _____ C:\Users\Jan\Desktop\serien.txt
2015-06-28 14:16 - 2015-06-28 14:16 - 00000000 ____D C:\Users\Jan\Documents\ANNO 2070
2015-06-28 14:04 - 2015-06-28 14:04 - 00000000 ____D C:\ProgramData\Solidshield
2015-06-28 14:02 - 2015-06-28 14:02 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Ubisoft
2015-06-28 12:46 - 2015-06-28 12:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2015-06-28 12:44 - 2015-06-28 12:45 - 61778376 _____ (Ubisoft) C:\Users\Jan\Downloads\UplayInstaller.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-07-28 22:46 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Local\Spotify
2015-07-28 22:46 - 2013-12-20 17:06 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-07-28 22:45 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2015-07-28 22:45 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-28 22:44 - 2013-12-20 11:10 - 00000000 ____D C:\ProgramData\NVIDIA
2015-07-28 22:43 - 2014-01-24 20:17 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps
2015-07-28 22:43 - 2013-12-20 09:53 - 01474259 _____ C:\Windows\WindowsUpdate.log
2015-07-28 22:25 - 2014-06-14 19:52 - 00000000 ____D C:\Users\Jan\AppData\Local\Adobe
2015-07-28 22:22 - 2013-12-20 18:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype
2015-07-28 21:23 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-07-28 21:23 - 2009-07-14 06:45 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-07-28 21:19 - 2014-01-12 13:56 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Spotify
2015-07-28 21:17 - 2015-02-18 18:27 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-28 21:12 - 2014-06-01 17:13 - 00000000 ____D C:\AdwCleaner
2015-07-28 20:24 - 2014-12-05 17:54 - 00000000 ____D C:\Users\Jan\AppData\Local\Eclipse
2015-07-28 20:22 - 2014-12-05 17:52 - 00000000 ____D C:\Users\Jan\Desktop\eclipse
2015-07-28 19:47 - 2015-06-02 16:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2015-07-27 20:34 - 2015-06-22 18:29 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Exploit
2015-07-27 17:53 - 2010-11-21 08:50 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-07-27 17:53 - 2010-11-21 08:50 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-07-27 17:53 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-07-26 18:47 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\TAPI
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-26 16:25 - 2015-02-18 18:27 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-26 15:47 - 2015-06-07 22:41 - 00000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2015-07-26 15:47 - 2014-01-16 15:37 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2015-07-26 15:47 - 2013-12-20 22:43 - 00000000 ____D C:\Program Files (x86)\Steam
2015-07-26 15:47 - 2013-12-20 09:49 - 00000000 ____D C:\Windows\Panther
2015-07-26 15:27 - 2014-01-15 11:07 - 00000000 ____D C:\Windows\pss
2015-07-22 12:37 - 2009-07-14 06:45 - 05202000 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-21 22:28 - 2013-12-20 17:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-21 22:28 - 2013-12-20 17:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-21 22:28 - 2013-12-20 17:06 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-18 20:30 - 2014-05-17 11:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-18 20:29 - 2014-05-17 11:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-07-17 20:49 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 21:19 - 2015-04-08 17:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-16 20:24 - 2015-04-16 16:26 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-16 20:24 - 2015-04-05 01:40 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-16 20:24 - 2014-05-18 10:49 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 22:00 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-07-15 21:55 - 2013-12-20 17:55 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 20:27 - 2014-10-15 15:38 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-07-15 20:27 - 2013-12-20 18:06 - 00000000 ____D C:\ProgramData\Skype
2015-07-13 19:49 - 2013-12-20 10:05 - 00000000 ____D C:\Users\Jan
2015-07-13 19:38 - 2015-01-28 16:09 - 00000000 ____D C:\Users\Jan\hex16de
2015-07-12 19:07 - 2013-12-20 17:06 - 00000000 ____D C:\Users\Jan\AppData\Roaming\.minecraft
2015-07-12 16:56 - 2014-01-25 17:08 - 00000132 _____ C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-07-11 12:13 - 2014-09-25 10:53 - 00000000 ____D C:\Users\Jan\Desktop\Projekte
2015-07-11 12:02 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-07-10 18:01 - 2013-12-20 19:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-05 12:08 - 2010-11-21 05:27 - 00300704 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2015-07-03 19:08 - 2013-12-20 20:23 - 00000000 ____D C:\Program Files (x86)\Google
2015-07-03 19:06 - 2015-01-09 15:56 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieBrowserModeList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieUserList
2015-07-03 19:06 - 2014-05-04 14:33 - 00000000 __SHD C:\Users\Jan\AppData\Local\EmieSiteList
2015-07-03 17:53 - 2015-06-15 16:56 - 00000658 _____ C:\Users\Jan\Downloads\debug.log
2015-07-03 17:53 - 2013-12-20 20:23 - 00000000 ____D C:\Users\Jan\AppData\Local\Google
2015-07-03 08:43 - 2013-12-20 17:55 - 130333168 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-07-02 17:13 - 2014-01-12 00:07 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Apple Computer
2015-07-01 22:41 - 2015-04-28 18:03 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-07-01 22:41 - 2014-01-12 00:03 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-06-30 21:31 - 2015-06-17 17:45 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GitHub, Inc
2015-06-30 21:31 - 2014-01-19 21:12 - 00000000 ____D C:\Users\Jan\AppData\Local\Deployment
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Roaming\GitHub
2015-06-29 17:47 - 2015-06-17 17:46 - 00000000 ____D C:\Users\Jan\AppData\Local\GitHub
2015-06-28 14:02 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-28 13:47 - 2014-08-17 13:48 - 00000000 ____D C:\Program Files (x86)\Ubisoft
2015-06-28 13:47 - 2013-12-20 10:33 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-28 12:54 - 2014-08-17 14:42 - 00000000 ____D C:\Users\Jan\AppData\Local\Ubisoft Game Launcher
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-07-05 13:55 - 2015-02-09 19:57 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-GIF-Format - Voreinstellungen
2014-01-25 17:08 - 2015-07-12 16:56 - 0000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen
2015-01-28 15:38 - 2015-01-28 15:38 - 0000885 _____ () C:\Users\Jan\AppData\Roaming\Roaming - Verknüpfung.lnk
2015-01-28 15:38 - 2015-01-28 15:39 - 0035840 ___SH () C:\Users\Jan\AppData\Roaming\Thumbs.db
2014-04-05 12:25 - 2014-04-05 12:25 - 0000600 _____ () C:\Users\Jan\AppData\Roaming\winscp.rnd
2014-01-13 16:14 - 2015-02-09 19:59 - 0001456 _____ () C:\Users\Jan\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2014-04-04 23:44 - 2014-06-29 00:06 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND
2014-12-30 16:23 - 2015-02-13 21:20 - 0007602 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2015-06-05 20:45 - 2015-06-05 20:45 - 0000000 _____ () C:\Users\Jan\AppData\Local\Temp.dat
2014-11-28 16:15 - 2014-11-28 16:15 - 0000000 _____ () C:\Users\Jan\AppData\Local\{C2735D3C-D70C-4EF8-B582-87FD8E14A1CE}
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\System32\winlogon.exe => Datei ist digital signiert
C:\Windows\System32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\System32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\System32\services.exe => Datei ist digital signiert
C:\Windows\System32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\System32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\System32\rpcss.dll => Datei ist digital signiert
C:\Windows\System32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-23 20:36
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:26-07-2015
durchgeführt von Jan an 2015-07-28 22:49:30
Gestartet von C:\Users\Jan\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2262976956-2118714473-2327839329-500 - Administrator - Disabled)
Gast (S-1-5-21-2262976956-2118714473-2327839329-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2262976956-2118714473-2327839329-1003 - Limited - Enabled)
Jan (S-1-5-21-2262976956-2118714473-2327839329-1000 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: STOPzilla (Disabled - Up to date) {17032AB1-6644-0721-EEB5-A39B8B646009}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: STOPzilla (Disabled - Up to date) {AC62CB55-407E-08AF-D405-98E9F0E32AB4}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.9 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.22.87 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.00.007 - Atheros Communications)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 DEU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{44181DF6-2751-48C7-B918-72F14508F127}) (Version: 0.8.4.3036 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
Canon iP4900 series Benutzerregistrierung (HKLM-x32\...\Canon iP4900 series Benutzerregistrierung) (Version: - )
Canon iP4900 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4900_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Code (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Code) (Version: 0.5.0 - Microsoft Corporation)
Devenv-Ressourcen für Microsoft Visual Studio 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
DriverMax 7 (HKLM-x32\...\DMX5_is1) (Version: 7.63.0.1160 - Innovative Solutions)
Entity Framework Designer für Visual Studio 2012 - DEU (HKLM-x32\...\{094D6E27-97CC-447E-8660-56F75CFC1E00}) (Version: 11.1.20702.00 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
FileZilla Client 3.11.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.11.0.2 - Tim Kosse)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.134 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
iTunes (HKLM\...\{4046F74A-28F8-48C6-A5D3-2AFC472574C1}) (Version: 12.2.0.145 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version: - LEGO A/S)
LibreOffice 4.1.4.2 (HKLM-x32\...\{94E11973-ED58-47A0-907C-ABF6D95C5DD8}) (Version: 4.1.4.2 - The Document Foundation)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for de-de (x32 Version: 8.59.25584 - Microsoft) Hidden
Malwarebytes Anti-Exploit version 1.07.1.1015 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.07.1.1015 - Malwarebytes)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{98B45D1C-6EB1-460D-A87D-2B60678DC105}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 - DEU (HKLM-x32\...\{07AC2D83-E795-4AD5-970D-B9BD14A1E411}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages - DEU (HKLM-x32\...\{93EEC4E9-EEFE-4027-ACD3-6E8C1D085975}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 Language Pack - DEU (HKLM-x32\...\Microsoft Help Viewer 2.0 Language Pack - DEU) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK - Deutsch (HKLM-x32\...\{8EA792A5-38AA-4F0E-8DFE-D1BAF1145431}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{AD49BD4B-6CEE-4EA2-B53E-8EB0606F1B11}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{EF18EF0F-96D3-4A6B-9600-2197F1720A15}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{55FABD1D-8BE6-4A1A-958D-52B15F1DFEF0}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{13C9CD03-A5FE-4F50-AC8A-17B77C38CC52}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{28C7A4BB-3966-4373-8376-C11F38290630}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (11.1.20627.00) (HKLM-x32\...\{F6F1EE45-97E9-48A3-94B2-044B0A3C08D3}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (11.1.20627.00) (HKLM-x32\...\{CEEDB2C4-46BE-4340-BAB9-F30110D9BBB8}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{2e8b5d3e-04b1-40c7-ade4-487d5357ba8c}) (Version: 11.0.50727.26 - Microsoft Corporation)
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - DEU (HKLM-x32\...\{86756584-C41A-4CA3-B42D-4768C7720F56}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.0.2100.60 - Microsoft Corporation)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.5 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.4 - Notepad++ Team)
NVIDIA 3D Vision Treiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 341.44 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.44 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.44 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Oracle VM VirtualBox 4.3.6 (HKLM\...\{DC65DFD8-E175-4A85-948A-42965853B2E8}) (Version: 4.3.6 - Oracle Corporation)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Patrizier II Gold (HKLM-x32\...\Patrizier II Gold_is1) (Version: - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PHASE X64 USB (HKLM\...\USB_AUDIO_DEusb-audio.dePhaseX64USB) (Version: - )
PreEmptive Analytics Client German Language Pack (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Python 3.2.1 (64-bit) (HKLM\...\{34b2530c-6349-4292-9dc3-60bda4aed93d}) (Version: 3.2.1150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek USB 2.0 Reader Driver (HKLM-x32\...\{62BBB2F0-E220-4821-A564-730807D2C34D}) (Version: 1.0.0.12 - Realtek Semiconductor Corp.)
REAPER (x64) (HKLM\...\REAPER) (Version: - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version: - Volition)
Secure Download Manager (HKLM-x32\...\{C58626D6-7EBD-460D-8B6C-75B3C3464879}) (Version: 3.1.60 - Kivuto Solutions Inc.)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 7.6 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.6.105 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\Spotify) (Version: 1.0.10.107.gd0dfca3a - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
STOPzilla (HKLM-x32\...\{9242735B-A101-45B0-BC06-2AA20A114627}) (Version: 6.1.100.3 - iS3 Inc.)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamSpeak 3 Client (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.51a - Ghisler Software GmbH)
Unity Web Player (HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB3054946) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{5280698D-EE40-4A94-9E69-ED2E2B1E12A2}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 7.1 - Ubisoft)
VLC media player 2.1.1 (HKLM\...\VLC media player) (Version: 2.1.1 - VideoLAN)
WCF Data Services 5.0 (for OData v3) DEU Language Pack (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Visual Studio 11 DEU Language Pack (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
26-07-2015 17:47:00 Prüfpunkt von HitmanPro
26-07-2015 17:48:10 Prüfpunkt von HitmanPro
26-07-2015 19:20:42 Windows-Sicherung
26-07-2015 19:22:12 Windows-Sicherung
26-07-2015 19:23:47 Windows-Sicherung
27-07-2015 06:44:51 Windows-Sicherung
28-07-2015 18:42:03 Removed AirServer Universal (x64)
28-07-2015 18:45:38 Installed STOPzilla
28-07-2015 22:03:56 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2015-07-28 18:47 - 00001090 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
192.168.2.1 speedport.ip
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {38C14103-C5E0-4A19-B24C-6CC222AD96FB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {43C16A31-0723-434E-8F07-9F9CF79EEBA2} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {46590ECA-A7D9-42E1-A95E-F902CEF987EE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {655C589F-F055-4437-95BF-9956DA9B21A9} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-21] (Adobe Systems Incorporated)
Task: {71B4E02D-7753-49A7-8586-06BFD4864276} - System32\Tasks\AdobeAAMUpdater-1.0-Jan-Laptop-Jan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {7501907F-041B-4F57-AD95-CAD9588D9B05} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {764D0EFC-5E44-473A-A1B3-CF0CED1D24C4} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {8072E26A-B668-4CE5-9DD5-C6D9571B5DCA} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {85A5DCB1-C807-4CF7-BDD0-A8C64E051E39} - System32\Tasks\Application Starter - f1375f225883e83d52e8db9690775c3c => C:\Program Files (x86)\Innovative Solutions\DriverMax\innostp.exe
Task: {8CAD0CFE-56EA-4943-8418-9A5B7CDB2ABE} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {99CE6F87-CED7-4E26-ABA1-F5C2291A2928} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: {CF461DE5-5FA0-4A23-B6AB-CCF688ADBC1D} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {D2380ADA-2EE4-46CA-A3CC-1306651333E1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-06-02 17:20 - 2015-06-02 17:20 - 00043480 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 41287224 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libcef.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 01488440 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libglesv2.dll
2015-03-13 15:12 - 2015-07-24 19:35 - 00079928 _____ () C:\Users\Jan\AppData\Roaming\Spotify\libegl.dll
2015-03-13 15:12 - 2015-03-20 15:26 - 09305656 _____ () C:\Users\Jan\AppData\Roaming\Spotify\pdf.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2262976956-2118714473-2327839329-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\Services: abc71024 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: bthserv => 3
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: fussvc => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: PeerDistSvc => 3
MSCONFIG\Services: SCardSvr => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: szserver => 2
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^NetDrive Fully Activated Version 2015.lnk => C:\Windows\pss\NetDrive Fully Activated Version 2015.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Stardock ObjectDock.lnk => C:\Windows\pss\Stardock ObjectDock.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: GoogleDriveSync => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Lync => "C:\Program Files\Microsoft Office\Office15\lync.exe" /fromrunkey
MSCONFIG\startupreg: Malwarebytes Anti-Exploit => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NetDrive2 => "C:\PROGRA~1\NETDRI~1\NetDrive2.exe" -tray
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RocketDock => "C:\Program Files (x86)\RocketDock\RocketDock.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: XboxStat => "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{0976E6F7-9387-471F-A948-D201241639AF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{C37DC54C-9539-4554-8BBB-0476AE00530A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{2E0E96D5-384C-4190-A85E-474DF1B9F6E8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8BA3ECCD-A878-4643-9D23-48539A280039}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD8F1C24-B776-48C5-8F68-AF2C1C579393}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{9A285861-5838-4111-884B-733244DB0463}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2EC86A39-B361-44ED-AA5F-F1ED832902E8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1EDBBC63-788D-4EA7-977F-34A34D9AE56E}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D9825504-CA76-4D88-A95B-3E81040EAFFC}] => (Allow) C:\Program Files (x86)\Adobe\Adobe Flash Builder 4.6\FlashBuilder.exe
FirewallRules: [{D2EEEA2D-2A5E-4032-9C4B-BE68591F35DA}] => (Allow) LPort=7935
FirewallRules: [TCP Query User{85DEF6D4-8EA6-4720-97EC-2080B5459801}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [UDP Query User{05C5E5D4-4DC4-4E32-A1C9-A413C26847D3}C:\program files\teamspeak server\ts3server_win64.exe] => (Allow) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B6F17A45-DB4E-49B2-A073-D55C25A285D0}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{B426C42B-9BB3-4CCF-9646-A1072CC16488}] => (Block) C:\program files\teamspeak server\ts3server_win64.exe
FirewallRules: [{3F3D77CA-B1F0-4E05-873B-09FE85CDB59B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2ADFC848-155A-46BE-B9E8-094ECD5148A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{5F6FF1D5-C489-405A-B7B9-BDD0804CD819}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{90744F51-4949-4AAC-B7E8-E87B201C1C44}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{8021B9AC-CD4D-4DD7-8133-643DDF8A1559}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2EC5688C-B013-4677-9C2A-8CE4374EE86E}C:\users\jan\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{DAF55C42-00D0-4A00-990F-6FF87336E34C}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{057F41B7-2B95-409B-BC90-DBE8B7C439C9}] => (Block) C:\users\jan\appdata\roaming\spotify\spotify.exe
FirewallRules: [{34BCA0C6-24BC-4172-90FE-0D79E14B43CB}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1F1E8F27-E3FA-4DE3-A083-88DE5B2402CE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{A3A9BAB2-35BD-40F2-A4C1-AE57B6E1A72E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{D0311CA8-6334-425F-BE80-EE25D6571E76}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{10A2F165-FAD9-4D60-B65A-D20B351F7CB7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79D65973-88B9-4168-8CA6-22C7205A1AC7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{4C2AF801-6ECE-4785-8214-ED9D593FB2F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{234D6BAD-3649-4E5E-AC56-989000E5146D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{233EF561-778F-4E98-AF2D-F4CC55DE73EE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{541FC549-5EF2-4141-9C68-DBBDBDD80EF7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F495F2F7-A595-41DC-BEC1-6CA7D143CE12}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [{4F92BA4A-23FD-437F-A730-018B1165D3A6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe
FirewallRules: [TCP Query User{FBA7074D-BCB5-4A96-8092-66AC93198371}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [UDP Query User{2A188E3D-8613-4A47-8DED-0B16E1ED065A}C:\windows\system32\javaw.exe] => (Allow) C:\windows\system32\javaw.exe
FirewallRules: [{0E4F7EB4-8D1C-4B1B-9148-FAFF07D23489}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{E54E539B-0E3E-4C7C-BE6C-41FD0D8163E5}] => (Block) C:\windows\system32\javaw.exe
FirewallRules: [{6E4A3F64-099A-42E6-8F51-339D281ADFF5}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{A78BEE3C-F11F-42CF-9D83-E775F849342B}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2680\Agent.exe
FirewallRules: [{601AD48D-B12E-4BEA-9AA3-8F4D02FAA181}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [{8F8F223A-1183-43CA-8D84-E0556D34D1CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Banished\Application-steam-x64.exe
FirewallRules: [TCP Query User{DB837E3A-A131-4F31-B1A3-64DB368B81EF}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{B73DE78B-3AD6-4E52-9830-6645F233C78F}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Allow) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{8CD2A718-7288-448A-86FE-E6E0FFB3DDA9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{31609EBC-232E-48B0-88EE-126218158BD4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\MountBlade Warband\mb_warband.exe
FirewallRules: [{A3021DAA-AD8F-493D-931F-07BEE1F93ADA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{605FF6B2-252D-4D72-BF4D-4CE769EB7BD3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{FB47F274-EA67-4D2F-BD8C-D42A588A7E13}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{ACCAAB65-33EB-40A2-8E99-1CDE7B779E36}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\game_launcher.exe
FirewallRules: [{E0C12B2F-EB2A-499C-918A-09F90AFED33D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{B1E06FD2-9C1B-40A8-8C13-1E3C1E92E1EF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird.exe
FirewallRules: [{270EE487-CFC1-41DA-92BD-65285C25548D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [{962FFC8C-F67E-451C-8AEE-2DA714BBFE60}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Saints Row the Third\SaintsRowTheThird_DX11.exe
FirewallRules: [TCP Query User{8E8D75CA-1540-417D-82E6-7D92DB66347E}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [UDP Query User{6F36C024-5845-4AC0-AC78-2D0363871D8F}C:\program files (x86)\patrizier ii gold\patrizier 2.exe] => (Allow) C:\program files (x86)\patrizier ii gold\patrizier 2.exe
FirewallRules: [{5CD6D919-D995-4966-9EC3-52E991E5AAE3}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{147E0B9A-1A92-451E-B97D-E9039A280749}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{9AB4A64C-6057-40F5-B656-43A122127196}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{29BDBF0A-52F8-42AE-BD8F-1318270C4180}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{96F05D28-0C76-4517-9542-C79A15B3461E}] => (Allow) LPort=1688
FirewallRules: [{0B3BAD3B-98EB-46FB-BE17-DFFDC6E44CA6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [{24189447-ABD8-43DA-962F-233DE6FE0606}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{7BCA10B2-E584-4E83-B528-744848198811}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [UDP Query User{2690920F-6174-4C32-98FF-34398A88A5E4}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe
FirewallRules: [{6AB87171-6DE7-41CB-AF41-06F4547749D1}] => (Allow) LPort=1688
FirewallRules: [{862BC2A9-9CED-43B7-8AD0-C1DF68051325}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EB7C9F4F-3A23-468F-9BAE-1CC33E7E9240}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{1A9F66E8-30C7-47E4-9D52-8EAC47A0BBC0}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{65FAC513-A9C4-4D7A-9B61-9C1B500A69EE}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{2FF85989-0DFA-4F8C-84DC-B786997CADD1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{EAD29C05-109C-4808-98B2-09629E6E128F}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{BE17F196-F16F-4ED0-85A9-4808E1F7E8C1}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\devenv.exe
FirewallRules: [{A0C1D69F-2216-4A90-AD7C-6BB7D0DFC066}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{08F65D32-6A6E-4789-8783-B2772844EBA2}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{B767AA25-CFA9-49E0-85BD-6717F870DC11}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{BA9FD215-E3FE-462A-BE41-0BE5EB6725BC}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{7D77E9AC-18BC-49B5-ADD3-DCCF06F007E2}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [UDP Query User{1CA3C5FB-040D-4167-8F05-4084A1CFCB9F}C:\totalcmd\totalcmd64.exe] => (Allow) C:\totalcmd\totalcmd64.exe
FirewallRules: [{15BBD7E9-141E-4B3F-9A03-B4EFA33434F9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{838A1963-F1D0-4529-8D61-D440664DAD05}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{91E4747A-8157-463B-A4DF-4A578F168D02}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5221C9FA-2CCB-49F2-97AF-A8751E0C616F}C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{26E2B62F-7FA4-4711-8C20-DB3451A73A99}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [UDP Query User{B0253995-0445-4BFA-AECF-7F7246B3E8B8}C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe] => (Allow) C:\users\jan\desktop 2\guard - sicherung 04.07-2013\wechseldatenträger (f)\programme (x86)\system\portableapps\filezillaportable\app\filezilla\filezilla.exe
FirewallRules: [TCP Query User{A7126FC9-FD77-4F79-8E5D-2DD1D6B35CB8}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{67AD0B7E-68EA-4A12-96A0-A55B31ABA689}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [{546D8EE3-B5DC-4274-98B5-AF15CF4E36E9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{E39CB5FF-F018-4F76-AECC-4C3D81604108}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{CCF883DC-0CF1-4B7B-8312-B2F697DF14D7}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [{1E245082-F1D4-4A87-94F0-FAE32641532A}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{F9EBB761-E66C-4CEF-AD88-AA52AD02A945}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{0661D40F-2EAF-49FD-B0A0-A82D43E9E73C}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{5C0DE893-1387-4797-A476-A42F76F294E4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{39273EA0-D83E-40C9-94B1-29769AFBF63D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{BEBD3C81-7711-4274-9A6A-90558D62115F}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{2D13B2C9-BA2D-4AEC-BBCC-27ED29096321}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{8BDB930C-7C42-4AAF-A46A-2C9012A25796}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{4216D01B-4EC2-4103-B01B-DD4F6861BF47}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{77318D4D-FF28-4A8A-AF6A-386A2D8E12B5}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{845C652C-6849-4476-9CEB-D328264E4BAA}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{CF313A48-034A-4A40-B77E-519612253460}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{60B39E45-3ABA-46F8-A472-485D5C3007AF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Description: Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros
Service: L1C
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/28/2015 10:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 10:42:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 39.0.0.5659, Zeitstempel: 0x55934d06
Name des fehlerhaften Moduls: mozalloc.dll, Version: 39.0.0.5659, Zeitstempel: 0x55933a83
Ausnahmecode: 0x80000003
Fehleroffset: 0x00001aa1
ID des fehlerhaften Prozesses: 0xe28
Startzeit der fehlerhaften Anwendung: 0xplugin-container.exe0
Pfad der fehlerhaften Anwendung: plugin-container.exe1
Pfad des fehlerhaften Moduls: plugin-container.exe2
Berichtskennung: plugin-container.exe3
Error: (07/28/2015 09:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" ; Beschreibung = STOPzilla Restore Point.; Fehler = 0x80042319).
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
Systemfehler:
=============
Error: (07/28/2015 10:45:41 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
is3srv
Error: (07/28/2015 10:44:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (07/28/2015 10:43:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (07/28/2015 10:42:55 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (07/28/2015 10:24:54 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert: 10. Der interne Fehlerstatus lautet: 10.
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (07/28/2015 10:04:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (07/28/2015 10:04:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Malwarebytes Anti-Exploit Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (07/28/2015 10:46:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 10:42:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe39.0.0.565955934d06mozalloc.dll39.0.0.565955933a838000000300001aa1e2801d0c973416bdc93C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll3941cd25-3569-11e5-b177-bf11c0904f38
Error: (07/28/2015 09:15:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 08:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/28/2015 06:55:43 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Program Files (x86)\STOPzilla!\SZScanner.exe Files (x86)\STOPzilla!\SZScanner.exe" STOPzilla Restore Point.0x80042319
Error: (07/28/2015 05:37:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/27/2015 08:34:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 06:49:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000002b8,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,000000000216EC00.72)0x80070005, Zugriff verweigert
Error: (07/26/2015 05:48:34 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x0000061c,(null),0,REG_BINARY,00000000159AE400.72)0x80070005, Zugriff verweigert
Vorgang:
BackupShutdown-Ereignis
Kontext:
Ausführungskontext: Writer
Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
Generatorname: System Writer
Generatorinstanz-ID: {232c4d28-3710-4c85-a9cc-7338f4c9d919}
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 44%
Total physical RAM: 4077.86 MB
Available physical RAM: 2280.98 MB
Total Virtual: 8153.93 MB
Available Virtual: 6194.88 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:698.54 GB) (Free:292.8 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 3C96D6C9)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=698.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
Geändert von HEX16 (28.07.2015 um 21:53 Uhr) |
|
28.07.2015, 22:21
| #10 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Ich warte auf das ESET Log.
__________________ Proud member of Unite |
|
28.07.2015, 22:23
| #11 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Eset läuft noch. Derzeit bei 47% dauert vermutlich ein wenig länger. Ich die LOG Datei spätestens morgen abend hier hochladen. |
|
28.07.2015, 22:35
| #12 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] OK.
__________________ Proud member of Unite |
|
29.07.2015, 16:37
| #13 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] Ich musste Eset gestern Abend beenden da es noch nicht Fertig war. Ich lasse es jetzt noch einmal laufen. Ich werde den log Heute Abend posten. |
|
29.07.2015, 16:54
| #14 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] OK.
__________________ Proud member of Unite |
|
30.07.2015, 13:31
| #15 |
| | Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] So, Eset ist bei 87%. (Dauer genau 4 Stunden) Wird wohl noch 1-2 Stunden dauern. Bisher 6 Dinge gefunden. So hier der ESET Log PC wird neu gestartet und geprüft. Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# end=init
# utc_time=2015-07-28 08:54:02
# local_time=2015-07-28 10:54:02 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25016
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# end=updated
# utc_time=2015-07-28 08:56:01
# local_time=2015-07-28 10:56:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# engine=25016
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-28 10:03:37
# local_time=2015-07-29 12:03:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 6564945 61101411 0 0
# scanned=154571
# found=5
# cleaned=0
# scan_time=4055
sh=048C2B984A8E90BCA8798BA7F79F4286F707C640 ft=1 fh=c71c0011c6b4d2b3 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TremeenDoUsCoupo\PdTD8kmuga5Khc.exe.vir"
sh=3F9D3F7F20798BA0944B59DA2A5280507512749E ft=1 fh=0c867f66ece39cc9 vn="Win32/VOPackage.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=0F26F44E670D3FF85548DAD0C6A37F6C48D8409D ft=1 fh=992f061f86f55a72 vn="Win32/Adware.ConvertAd.AQ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\Uninstall.exe.vir"
sh=D01A63F182F829FC9D412356B87EA2D8C2E48F48 ft=1 fh=cc6c974337401f03 vn="Variante von Win32/VOPackage.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\VOsrv.exe.vir"
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# end=init
# utc_time=2015-07-29 03:35:37
# local_time=2015-07-29 05:35:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25031
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# end=updated
# utc_time=2015-07-29 03:37:38
# local_time=2015-07-29 05:37:38 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=34687084946ecc438da22dd8c04fef8b
# engine=25031
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-07-29 08:16:32
# local_time=2015-07-29 10:16:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 6644920 61181386 0 0
# scanned=456600
# found=6
# cleaned=0
# scan_time=16732
sh=048C2B984A8E90BCA8798BA7F79F4286F707C640 ft=1 fh=c71c0011c6b4d2b3 vn="Variante von Win32/Adware.MultiPlug.IY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\mozilla firefox\dbghelp.dll.vir"
sh=57F3815D0942E3B0A9BEF621A7B4971F55FC74D7 ft=1 fh=c71c0011d20a434c vn="Win32/Adware.MultiPlug.KG Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\TremeenDoUsCoupo\PdTD8kmuga5Khc.exe.vir"
sh=3F9D3F7F20798BA0944B59DA2A5280507512749E ft=1 fh=0c867f66ece39cc9 vn="Win32/VOPackage.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\runasu.exe.vir"
sh=0F26F44E670D3FF85548DAD0C6A37F6C48D8409D ft=1 fh=992f061f86f55a72 vn="Win32/Adware.ConvertAd.AQ Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\Uninstall.exe.vir"
sh=D01A63F182F829FC9D412356B87EA2D8C2E48F48 ft=1 fh=cc6c974337401f03 vn="Variante von Win32/VOPackage.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jan\AppData\Roaming\VOPackage\VOsrv.exe.vir"
sh=1867142971E46CEFBDC91D1C32BDDB89B9CC2FCB ft=1 fh=bed49cb1acf2aab9 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jan\Desktop 2\Proggen\DTLite4471-0333.exe"
Computer Neu gestartet und Chrome gestartet. Es scheint wieder alles normal. Ich werde einige Tage warten bevor ich auf Win 10 upgrade. Aber erstmal ein SUPER GROSSES DANKE an dich! Auf dieses Forum kann man sich wirklch verlassen  Und das ihr das alles noch freiwillig macht finde ich gut. Vielleicht sollte ich auch ein paar usern helfen Gruß Kleiner Anhang nebenbei: Wo bzw Wie kann man sich "ausbilden" lassen um in diesem Forum zu helfen. Ich würde gerne mein bisheriges Wissen nutzen und erweitern und dabei noch gutes tun. Nur we ich gelesen habe dass man eine "Ausbilung" benötigt Gruß Was sagst du zu dem Log? |
|
| Themen zu Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware] |
| .dll, adware, bobrowser, browser, computer, doubleclick.net, entfernen, file, firefox, frage, google, installation, keine log file, laptop, log, log file, malware, malwarebytes, microsoft, mozilla, neu, ordner, popup, problem, programme, registry, software, tremendous, tremendouscoupon, viren, virus, werbung, windows, windows 10 |
![Windows 7: TremendousCoupon lässt sich nicht entfernen [Malware/Adware]](iconimages/log-analyse-auswertung/windows-7-tremendouscoupon-laesst-entfernen-malware-adware_ltr.gif)
Linear-Darstellung
