| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 MinutenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
04.08.2015, 11:36
| #1 |
| |  Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Moin, seit ein paar Tagen steigern sich die Systemunterbrechungen hoch bis zu einer Auslastung zwischen 20-30% der CPU. Der Computer stockt für einige Minuten und danach legt sich das Problem wieder. Bisher fiel mir das Problem nur auf wenn ein Livestream oder ein Spiel lief, allerdings gingen die Unterbrechungen zurück ohne etwas zuschließen, heißt durch reines abwarten. Viren- sowie Malwaresuche ergaben nichts. Treiber sind aktuell. Einen Hardwarefehler kann ich nicht ausschließen, wollte aber erstmal die Software checken. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von dafty (Administrator) auf PK (04-08-2015 12:22:22)
Gestartet von C:\Users\dafty\Desktop
Geladene Profile: dafty (Verfügbare Profile: dafty)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Flux Software LLC) C:\Users\dafty\AppData\Local\FluxSoftware\Flux\flux.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Hola Networks Ltd.) C:\Users\dafty\AppData\Local\Hola\firefox\app\hola_plugin.exe
(AVG Technologies CZ, s.r.o.) C:\ProgramData\MFAData\SelfUpd\avgmfapx.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-07-27] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3960744 2015-07-28] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [f.lux] => C:\Users\dafty\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
Startup: C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2014-12-22]
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001 -> DefaultScope {482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} URL =
SearchScopes: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001 -> {482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: PDF Architect Helper -> {691B33B0-B86E-47F3-81C7-56E4FE3B929C} -> C:\Program Files (x86)\PDF Architect 2\creator-ie-helper.dll [2014-10-10] (pdfforge GmbH)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{941AEFEA-8166-45C3-858D-5AF6F8104886}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default
FF SelectedSearchEngine: AVG Secure Search
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gaXNZb3VUdWJlVmlkZW8odXJsKXsgcmV0dXJuIG5ldyBSZWdFeHAoIl4oPzpodHRwfGh0dHBzKTpcXC9cXC8oPzouKikoPzouZ29vZ2xldmlkZW8uY29tfC5jLnlvdXR1YmUuY29tKSg/Oi4qKVxcL3ZpZGVvcGxheWJhY2soPzouKikoPzpnY3I9dXN8XFwvZ2NyXFwvdXNcXC8pKD86LiopJCIsJ2knKS50ZXN0KHVybCk7fWZ1bmN0aW9uIGlzWW91VHViZVZpZGVvUGFnZSh1cmwsIGhvc3QsIHZpZHVybCkgeyByZXR1cm4gaG9zdC5pbmRleE9mKCd5b3V0dWJlLmNvbScpICE9IC0xICYmIHVybC5pbmRleE9mKHZpZHVybCkgIT0gLTE7fWZ1bmN0aW9uIEZpbmRQcm94eUZvclVSTCh1cmwsIGhvc3QpIHtpZihpc1lvdVR1YmVWaWRlbyh1cmwpICB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1PaHBhRFJFZkxKQScpKXsgcmV0dXJuICdQUk9YWSAyMDkuMjM5LjExNC4yMDU6MzEzMSc7fWVsc2V7IHJldHVybiAnRElSRUNUJzt9fQ=="
FF NetworkProxy: "ftp", "183.220.172.208"
FF NetworkProxy: "ftp_port", 8123
FF NetworkProxy: "gopher", "183.220.172.208"
FF NetworkProxy: "gopher_port", 8123
FF NetworkProxy: "http", "183.220.172.208"
FF NetworkProxy: "http_port", 8123
FF NetworkProxy: "socks", "183.220.172.208"
FF NetworkProxy: "socks_port", 8123
FF NetworkProxy: "ssl", "183.220.172.208"
FF NetworkProxy: "ssl_port", 8123
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\dafty\AppData\Local\Hola\firefox\app\vlc [2015-07-14] ()
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\dafty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF user.js: detected! => C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\user.js [2015-06-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2015-01-28]
FF Extension: Hola Better Internet - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\jid1-4P0kohSJxU1qGg@jetpack [2015-08-03]
FF Extension: ProxTube - Unblock YouTube - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\ich@maltegoetz.de.xpi [2015-04-21]
FF Extension: Thumbnail Zoom Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2015-04-10]
FF Extension: {130be971-3417-47de-96ec-516c35ebd41c} - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi [2014-12-11]
FF Extension: FlashGot - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-12-11]
FF Extension: ReloadEvery - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-01-31]
FF Extension: adblock manager - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{8b82b85e-1cb8-4fd7-baf2-f76c28f4e93a}.xpi [2014-12-15]
FF Extension: Adblock Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-11]
FF Extension: Greasemonkey - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-04-10]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-12]
Chrome:
=======
CHR Profile: C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3719592 2015-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [356888 2015-07-28] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-20] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [296896 2015-07-10] (AVG Technologies CZ, s.r.o.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-27] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 e1edc438-f640-4184-a443-d2a7c37a01dc; \??\C:\OA3_Scripts\MB_Tools\ASUS\690b33e1-0462-4e84-9bea-c7552b45432a.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 12:22 - 2015-08-04 12:22 - 00020969 _____ C:\Users\dafty\Desktop\FRST.txt
2015-08-04 12:22 - 2015-08-04 12:22 - 00000000 ____D C:\FRST
2015-08-04 12:21 - 2015-08-04 12:21 - 02169856 _____ (Farbar) C:\Users\dafty\Desktop\FRST64.exe
2015-08-02 19:00 - 2015-08-02 19:00 - 00000000 _____ C:\Users\dafty\Desktop\purple christmas ep.txt
2015-08-02 14:39 - 2015-08-02 14:39 - 00044216 _____ C:\Users\dafty\Documents\Track 2 - 414.sfk
2015-08-02 14:38 - 2015-08-02 14:39 - 11304774 _____ C:\Users\dafty\Documents\Track 2 - 414.wav
2015-08-02 14:38 - 2015-08-02 14:38 - 00002136 _____ C:\Users\dafty\Documents\Track 2 - 413.sfk
2015-08-02 14:37 - 2015-08-02 14:38 - 00531734 _____ C:\Users\dafty\Documents\Track 2 - 413.wav
2015-08-02 14:37 - 2015-08-02 14:37 - 00046320 _____ C:\Users\dafty\Documents\Track 2 - 412.sfk
2015-08-02 14:36 - 2015-08-02 14:37 - 11843634 _____ C:\Users\dafty\Documents\Track 2 - 412.wav
2015-08-02 14:36 - 2015-08-02 14:36 - 02885302 _____ C:\Users\dafty\Documents\Track 2 - 410.wav
2015-08-02 14:36 - 2015-08-02 14:36 - 01962362 _____ C:\Users\dafty\Documents\Track 2 - 411.wav
2015-08-02 14:36 - 2015-08-02 14:36 - 00011328 _____ C:\Users\dafty\Documents\Track 2 - 410.sfk
2015-08-02 14:36 - 2015-08-02 14:36 - 00007720 _____ C:\Users\dafty\Documents\Track 2 - 411.sfk
2015-08-02 14:36 - 2015-08-02 14:36 - 00000696 _____ C:\Users\dafty\Documents\Track 2 - 409.sfk
2015-08-02 14:35 - 2015-08-02 14:36 - 00164082 _____ C:\Users\dafty\Documents\Track 2 - 409.wav
2015-08-02 14:35 - 2015-08-02 14:35 - 03668250 _____ C:\Users\dafty\Documents\Track 2 - 406.wav
2015-08-02 14:35 - 2015-08-02 14:35 - 02642310 _____ C:\Users\dafty\Documents\Track 2 - 407.wav
2015-08-02 14:35 - 2015-08-02 14:35 - 01541258 _____ C:\Users\dafty\Documents\Track 2 - 408.wav
2015-08-02 14:35 - 2015-08-02 14:35 - 00014384 _____ C:\Users\dafty\Documents\Track 2 - 406.sfk
2015-08-02 14:35 - 2015-08-02 14:35 - 00010376 _____ C:\Users\dafty\Documents\Track 2 - 407.sfk
2015-08-02 14:35 - 2015-08-02 14:35 - 00006080 _____ C:\Users\dafty\Documents\Track 2 - 408.sfk
2015-08-02 14:22 - 2015-08-02 14:46 - 00000737 _____ C:\Users\dafty\Desktop\Neues Textdokument (4).txt
2015-08-02 12:56 - 2015-08-02 12:56 - 00000000 ____D C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl.NGENPDB
2015-08-02 12:55 - 2015-08-02 12:56 - 510656512 _____ C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl
2015-08-02 06:05 - 2015-08-02 06:05 - 00000000 _____ C:\Recovery.txt
2015-08-01 20:13 - 2015-08-01 20:13 - 00597304 _____ C:\Users\dafty\Downloads\flux-setup.exe
2015-08-01 20:13 - 2015-08-01 20:13 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-08-01 20:06 - 2015-08-01 20:06 - 00000000 _____ C:\Windows\setuperr.log
2015-08-01 18:15 - 2015-08-01 18:15 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2015-08-01 18:12 - 2015-08-01 18:12 - 00000000 ____D C:\Users\dafty\AppData\Roaming\AVG
2015-08-01 18:11 - 2015-08-01 18:12 - 00000000 ____D C:\ProgramData\AVG
2015-08-01 18:11 - 2015-08-01 18:11 - 115831096 _____ (AVG Technologies) C:\Users\dafty\Downloads\avg_tuh_stf_all_2015_604_24c28.exe
2015-08-01 17:59 - 2015-08-01 17:59 - 00000000 ____D C:\Users\dafty\AppData\Local\openvr
2015-08-01 13:40 - 2015-08-01 13:40 - 00000000 ____D C:\SymCache
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\Users\dafty\Documents\WPA Files
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2015-08-01 13:38 - 2015-08-01 13:40 - 00000000 ____D C:\Users\dafty\AppData\Local\Windows Performance Analyzer
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-08-01 13:37 - 2015-08-01 13:37 - 00998056 _____ (Microsoft Corporation) C:\Users\dafty\Downloads\sdksetup.exe
2015-08-01 13:31 - 2015-08-01 13:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-01 13:30 - 2015-08-01 13:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\dafty\Downloads\mbar-1.09.1.1004.exe
2015-08-01 12:54 - 2015-08-01 12:54 - 00000000 ____D C:\Users\dafty\AppData\Local\DunDefLauncher
2015-07-31 18:48 - 2015-07-31 18:48 - 00000000 ____D C:\Users\dafty\Documents\Out of the Park Developments
2015-07-31 18:48 - 2015-07-31 18:48 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Out of the Park Developments
2015-07-29 20:27 - 2015-07-23 02:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-29 20:26 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-29 20:26 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-07-29 19:26 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-07-29 19:26 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-29 19:26 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-29 19:26 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-07-28 10:06 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 01399536 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00881368 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 00000000 ____D C:\Windows\system32\DAX2
2015-07-27 12:50 - 2015-07-27 12:50 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-07-27 12:50 - 2015-07-27 12:50 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-27 12:50 - 2015-07-27 12:50 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-07-27 12:50 - 2015-07-27 12:50 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-07-27 12:50 - 2015-07-27 12:50 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-07-27 12:48 - 2015-08-04 06:51 - 00002864 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (dafty)
2015-07-27 12:48 - 2015-07-27 12:48 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-07-27 12:48 - 2015-07-27 12:48 - 00003222 _____ C:\Windows\System32\Tasks\Driver Booster Scan
2015-07-27 12:48 - 2015-07-27 12:48 - 00003166 _____ C:\Windows\System32\Tasks\Driver Booster Update
2015-07-27 12:48 - 2015-07-27 12:48 - 00000000 ____D C:\Users\dafty\AppData\Roaming\IObit
2015-07-27 12:48 - 2015-07-27 12:48 - 00000000 ____D C:\ProgramData\ProductData
2015-07-27 12:48 - 2015-07-27 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
2015-07-27 12:48 - 2015-07-27 12:48 - 00000000 ____D C:\ProgramData\IObit
2015-07-27 12:48 - 2015-07-27 12:48 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-27 12:47 - 2015-07-27 12:47 - 11792408 _____ (IObit ) C:\Users\dafty\Downloads\driver_booster_setup_2.4.0.19.exe
2015-07-26 17:17 - 2015-08-01 20:05 - 00002186 _____ C:\Windows\PFRO.log
2015-07-26 17:02 - 2015-08-01 13:31 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-07-26 17:02 - 2015-08-01 13:30 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-07-26 17:02 - 2015-07-26 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-07-26 17:02 - 2015-07-26 17:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-26 17:02 - 2015-07-26 17:02 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-07-26 17:02 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-07-26 17:02 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-25 13:29 - 2015-07-25 13:29 - 00000000 ____D C:\Users\dafty\AppData\Local\Intel
2015-07-24 19:25 - 2015-07-24 19:56 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Audacity
2015-07-24 19:24 - 2015-07-24 19:24 - 00330970 _____ C:\Users\dafty\Documents\Track 1 - 10.wav
2015-07-24 19:24 - 2015-07-24 19:24 - 00001352 _____ C:\Users\dafty\Documents\Track 1 - 10.sfk
2015-07-24 09:35 - 2015-07-24 09:35 - 00092168 _____ C:\Users\dafty\Documents\Track 2 - 405.sfk
2015-07-24 09:33 - 2015-07-24 09:35 - 23580062 _____ C:\Users\dafty\Documents\Track 2 - 405.wav
2015-07-24 09:33 - 2015-07-24 09:33 - 00020032 _____ C:\Users\dafty\Documents\Track 2 - 404.sfk
2015-07-24 09:32 - 2015-07-24 09:33 - 05113910 _____ C:\Users\dafty\Documents\Track 2 - 404.wav
2015-07-24 09:32 - 2015-07-24 09:32 - 00029648 _____ C:\Users\dafty\Documents\Track 2 - 403.sfk
2015-07-24 09:30 - 2015-07-24 09:32 - 07576530 _____ C:\Users\dafty\Documents\Track 2 - 403.wav
2015-07-24 09:30 - 2015-07-24 09:30 - 01721574 _____ C:\Users\dafty\Documents\Track 2 - 402.wav
2015-07-24 09:30 - 2015-07-24 09:30 - 00044920 _____ C:\Users\dafty\Documents\Track 2 - 401.sfk
2015-07-24 09:30 - 2015-07-24 09:30 - 00006784 _____ C:\Users\dafty\Documents\Track 2 - 402.sfk
2015-07-24 09:29 - 2015-07-24 09:30 - 11484638 _____ C:\Users\dafty\Documents\Track 2 - 401.wav
2015-07-24 09:29 - 2015-07-24 09:29 - 00010592 _____ C:\Users\dafty\Documents\Track 2 - 400.sfk
2015-07-24 09:28 - 2015-07-24 09:29 - 02698154 _____ C:\Users\dafty\Documents\Track 2 - 400.wav
2015-07-24 09:28 - 2015-07-24 09:28 - 00033840 _____ C:\Users\dafty\Documents\Track 2 - 399.sfk
2015-07-24 09:27 - 2015-07-24 09:28 - 08649734 _____ C:\Users\dafty\Documents\Track 2 - 399.wav
2015-07-24 09:27 - 2015-07-24 09:27 - 00009344 _____ C:\Users\dafty\Documents\Track 2 - 398.sfk
2015-07-24 09:26 - 2015-07-24 09:27 - 02377750 _____ C:\Users\dafty\Documents\Track 2 - 398.wav
2015-07-24 09:26 - 2015-07-24 09:26 - 01796426 _____ C:\Users\dafty\Documents\Track 2 - 397.wav
2015-07-24 09:26 - 2015-07-24 09:26 - 00007072 _____ C:\Users\dafty\Documents\Track 2 - 397.sfk
2015-07-24 03:57 - 2015-07-24 03:57 - 00030200 _____ C:\Users\dafty\Documents\Track 2 - 396.sfk
2015-07-24 03:56 - 2015-07-24 03:57 - 07717742 _____ C:\Users\dafty\Documents\Track 2 - 396.wav
2015-07-24 03:56 - 2015-07-24 03:56 - 00030936 _____ C:\Users\dafty\Documents\Track 2 - 395.sfk
2015-07-24 03:55 - 2015-07-24 03:56 - 07905982 _____ C:\Users\dafty\Documents\Track 2 - 395.wav
2015-07-24 03:55 - 2015-07-24 03:55 - 00009008 _____ C:\Users\dafty\Documents\Track 2 - 394.sfk
2015-07-24 03:49 - 2015-07-24 03:55 - 02290970 _____ C:\Users\dafty\Documents\Track 2 - 394.wav
2015-07-24 03:49 - 2015-07-24 03:49 - 00262696 _____ C:\Users\dafty\Documents\Track 2 - 393.sfk
2015-07-24 03:43 - 2015-07-24 03:49 - 67235686 _____ C:\Users\dafty\Documents\Track 2 - 393.wav
2015-07-24 03:43 - 2015-07-24 03:43 - 00013448 _____ C:\Users\dafty\Documents\Track 2 - 392.sfk
2015-07-24 03:42 - 2015-07-24 03:43 - 03428606 _____ C:\Users\dafty\Documents\Track 2 - 392.wav
2015-07-22 23:42 - 2015-07-22 23:42 - 00000000 _____ C:\Users\dafty\Desktop\zeugnis.txt
2015-07-22 09:54 - 2015-07-22 09:54 - 00000000 ____D C:\Users\dafty\AppData\Local\CEF
2015-07-22 09:37 - 2015-08-01 20:06 - 00006779 _____ C:\Windows\setupact.log
2015-07-22 09:36 - 2015-08-04 07:10 - 00811852 _____ C:\Windows\WindowsUpdate.log
2015-07-22 09:34 - 2015-07-22 09:34 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-22 09:34 - 2015-07-22 09:34 - 00000000 ____D C:\Program Files\CCleaner
2015-07-22 09:33 - 2015-08-03 23:11 - 00000000 ____D C:\Users\dafty\AppData\Local\ClassicShell
2015-07-22 09:32 - 2015-07-22 09:32 - 06677184 _____ (IvoSoft) C:\Users\dafty\Downloads\ClassicShellSetup_4_2_1-de.exe
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\Program Files\Classic Shell
2015-07-21 15:51 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-21 15:51 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 15:48 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-21 15:48 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 23:27 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 05:41 - 2015-07-24 03:49 - 00001042 _____ C:\Users\dafty\Desktop\Neues Textdokument (3).txt
2015-07-19 18:37 - 2015-07-19 18:38 - 00000000 ____D C:\Users\dafty\AppData\Local\SpreadsheetTools
2015-07-18 14:03 - 2015-07-18 14:03 - 00002434 _____ C:\Windows\System32\Tasks\0715avUpdateInfo
2015-07-18 14:03 - 2015-07-18 14:03 - 00000334 _____ C:\Windows\Tasks\0715avUpdateInfo.job
2015-07-18 14:03 - 2015-07-18 14:03 - 00000000 ____D C:\ProgramData\Avg_Update_0715av
2015-07-17 16:45 - 2015-07-17 16:45 - 19437464 _____ C:\Users\dafty\Desktop\Im not gay but 20 is 20.mp4
2015-07-17 14:47 - 2015-07-24 09:24 - 00000875 _____ C:\Users\dafty\Desktop\all.txt
2015-07-16 23:53 - 2015-07-16 23:53 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Trove
2015-07-16 20:43 - 2015-07-24 03:04 - 00001197 _____ C:\Users\dafty\Desktop\thainuttenstory.txt
2015-07-16 15:32 - 2015-08-04 08:12 - 00001864 _____ C:\Users\dafty\Desktop\Neues Textdokument (2).txt
2015-07-15 12:41 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:41 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:41 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:41 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:41 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:41 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:41 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:41 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:41 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:41 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:41 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:41 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:41 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 12:41 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:41 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:41 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:41 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 12:41 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:41 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:41 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:41 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:41 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:41 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:41 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:41 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:41 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 12:41 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 12:41 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 12:41 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 12:41 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 12:41 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 12:41 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 12:40 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:40 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:40 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:40 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 12:40 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:40 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 12:40 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 12:40 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:40 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:40 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:40 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:40 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:40 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 12:40 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:40 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 12:40 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 12:40 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:40 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:40 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:39 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 12:39 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 12:39 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:39 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 12:38 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:38 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:38 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:38 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:38 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:38 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:38 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 12:38 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 12:38 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 12:38 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 12:38 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 12:38 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 12:38 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 12:38 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 21:33 - 2015-07-12 22:03 - 00000000 ____D C:\Users\dafty\AppData\Local\Ori and the Blind Forest
2015-07-12 16:01 - 2015-07-12 16:01 - 00000000 ____D C:\Users\dafty\AppData\Roaming\com.jackboxgames.quiplash
2015-07-10 20:34 - 2015-07-10 20:34 - 00028016 _____ C:\Users\dafty\Documents\Track 2 - 391.sfk
2015-07-10 20:33 - 2015-07-10 20:34 - 07158598 _____ C:\Users\dafty\Documents\Track 2 - 391.wav
2015-07-10 20:33 - 2015-07-10 20:33 - 01790838 _____ C:\Users\dafty\Documents\Track 2 - 390.wav
2015-07-10 20:33 - 2015-07-10 20:33 - 00044368 _____ C:\Users\dafty\Documents\Track 3 - 40.sfk
2015-07-10 20:33 - 2015-07-10 20:33 - 00007048 _____ C:\Users\dafty\Documents\Track 2 - 390.sfk
2015-07-10 20:31 - 2015-07-10 20:33 - 11343362 _____ C:\Users\dafty\Documents\Track 3 - 40.wav
2015-07-10 20:31 - 2015-07-10 20:31 - 00056208 _____ C:\Users\dafty\Documents\Track 3 - 39.sfk
2015-07-10 20:30 - 2015-07-10 20:31 - 14374722 _____ C:\Users\dafty\Documents\Track 3 - 39.wav
2015-07-10 20:30 - 2015-07-10 20:30 - 00032808 _____ C:\Users\dafty\Documents\Track 3 - 38.sfk
2015-07-10 20:29 - 2015-07-10 20:30 - 08383802 _____ C:\Users\dafty\Documents\Track 3 - 38.wav
2015-07-10 20:29 - 2015-07-10 20:29 - 00055584 _____ C:\Users\dafty\Documents\Track 3 - 37.sfk
2015-07-10 20:27 - 2015-07-10 20:29 - 14215822 _____ C:\Users\dafty\Documents\Track 3 - 37.wav
2015-07-10 20:27 - 2015-07-10 20:27 - 01172574 _____ C:\Users\dafty\Documents\Track 3 - 36.wav
2015-07-10 20:27 - 2015-07-10 20:27 - 00059952 _____ C:\Users\dafty\Documents\Track 3 - 35.sfk
2015-07-10 20:27 - 2015-07-10 20:27 - 00004632 _____ C:\Users\dafty\Documents\Track 3 - 36.sfk
2015-07-10 20:25 - 2015-07-10 20:27 - 15332534 _____ C:\Users\dafty\Documents\Track 3 - 35.wav
2015-07-10 20:25 - 2015-07-10 20:25 - 01277198 _____ C:\Users\dafty\Documents\Track 3 - 34.wav
2015-07-10 20:25 - 2015-07-10 20:25 - 00025704 _____ C:\Users\dafty\Documents\Track 3 - 33.sfk
2015-07-10 20:25 - 2015-07-10 20:25 - 00005048 _____ C:\Users\dafty\Documents\Track 3 - 34.sfk
2015-07-10 20:24 - 2015-07-10 20:25 - 06565038 _____ C:\Users\dafty\Documents\Track 3 - 33.wav
2015-07-10 20:24 - 2015-07-10 20:24 - 00004568 _____ C:\Users\dafty\Documents\Track 3 - 32.sfk
2015-07-10 20:23 - 2015-07-10 20:24 - 01154982 _____ C:\Users\dafty\Documents\Track 3 - 32.wav
2015-07-10 20:23 - 2015-07-10 20:23 - 03728874 _____ C:\Users\dafty\Documents\Track 3 - 31.wav
2015-07-10 20:23 - 2015-07-10 20:23 - 00014624 _____ C:\Users\dafty\Documents\Track 3 - 31.sfk
2015-07-10 20:23 - 2015-07-10 20:23 - 00005144 _____ C:\Users\dafty\Documents\Track 3 - 30.sfk
2015-07-10 20:22 - 2015-07-10 20:23 - 01302154 _____ C:\Users\dafty\Documents\Track 3 - 30.wav
2015-07-10 20:22 - 2015-07-10 20:22 - 03654498 _____ C:\Users\dafty\Documents\Track 3 - 29.wav
2015-07-10 20:22 - 2015-07-10 20:22 - 00014592 _____ C:\Users\dafty\Documents\Track 3 - 28.sfk
2015-07-10 20:22 - 2015-07-10 20:22 - 00014328 _____ C:\Users\dafty\Documents\Track 3 - 29.sfk
2015-07-10 20:21 - 2015-07-10 20:22 - 03721142 _____ C:\Users\dafty\Documents\Track 3 - 28.wav
2015-07-10 20:21 - 2015-07-10 20:21 - 00016400 _____ C:\Users\dafty\Documents\Track 3 - 27.sfk
2015-07-10 20:20 - 2015-07-10 20:21 - 04184842 _____ C:\Users\dafty\Documents\Track 3 - 27.wav
2015-07-10 20:20 - 2015-07-10 20:20 - 02491082 _____ C:\Users\dafty\Documents\Track 3 - 26.wav
2015-07-10 20:20 - 2015-07-10 20:20 - 00028432 _____ C:\Users\dafty\Documents\Track 3 - 25.sfk
2015-07-10 20:20 - 2015-07-10 20:20 - 00009784 _____ C:\Users\dafty\Documents\Track 3 - 26.sfk
2015-07-10 20:19 - 2015-07-10 20:20 - 07264714 _____ C:\Users\dafty\Documents\Track 3 - 25.wav
2015-07-10 20:19 - 2015-07-10 20:19 - 01390362 _____ C:\Users\dafty\Documents\Track 3 - 24.wav
2015-07-10 20:19 - 2015-07-10 20:19 - 00006784 _____ C:\Users\dafty\Documents\Track 3 - 23.sfk
2015-07-10 20:19 - 2015-07-10 20:19 - 00005488 _____ C:\Users\dafty\Documents\Track 3 - 24.sfk
2015-07-10 20:15 - 2015-07-10 20:19 - 01722894 _____ C:\Users\dafty\Documents\Track 3 - 23.wav
2015-07-10 20:15 - 2015-07-10 20:15 - 00025328 _____ C:\Users\dafty\Documents\Track 3 - 22.sfk
2015-07-10 20:14 - 2015-07-10 20:15 - 06469838 _____ C:\Users\dafty\Documents\Track 3 - 22.wav
2015-07-10 20:14 - 2015-07-10 20:14 - 00016984 _____ C:\Users\dafty\Documents\Track 3 - 21.sfk
2015-07-10 20:13 - 2015-07-10 20:14 - 04333994 _____ C:\Users\dafty\Documents\Track 3 - 21.wav
2015-07-10 20:13 - 2015-07-10 20:13 - 00046552 _____ C:\Users\dafty\Documents\Track 3 - 20.sfk
2015-07-10 20:12 - 2015-07-10 20:13 - 11903874 _____ C:\Users\dafty\Documents\Track 3 - 20.wav
2015-07-10 20:12 - 2015-07-10 20:12 - 00001464 _____ C:\Users\dafty\Documents\Track 3 - 19.sfk
2015-07-10 20:11 - 2015-07-10 20:12 - 00360406 _____ C:\Users\dafty\Documents\Track 3 - 19.wav
2015-07-10 20:11 - 2015-07-10 20:11 - 00049608 _____ C:\Users\dafty\Documents\Track 3 - 18.sfk
2015-07-10 20:09 - 2015-07-10 20:11 - 12685474 _____ C:\Users\dafty\Documents\Track 3 - 18.wav
2015-07-10 20:09 - 2015-07-10 20:09 - 03710030 _____ C:\Users\dafty\Documents\Track 3 - 17.wav
2015-07-10 20:09 - 2015-07-10 20:09 - 00019032 _____ C:\Users\dafty\Documents\Track 3 - 16.sfk
2015-07-10 20:09 - 2015-07-10 20:09 - 00014544 _____ C:\Users\dafty\Documents\Track 3 - 17.sfk
2015-07-10 20:08 - 2015-07-10 20:09 - 04857066 _____ C:\Users\dafty\Documents\Track 3 - 16.wav
2015-07-10 20:08 - 2015-07-10 20:08 - 01308074 _____ C:\Users\dafty\Documents\Track 3 - 15.wav
2015-07-10 20:08 - 2015-07-10 20:08 - 00058272 _____ C:\Users\dafty\Documents\Track 3 - 14.sfk
2015-07-10 20:08 - 2015-07-10 20:08 - 00005168 _____ C:\Users\dafty\Documents\Track 3 - 15.sfk
2015-07-10 20:05 - 2015-07-10 20:08 - 14904370 _____ C:\Users\dafty\Documents\Track 3 - 14.wav
2015-07-10 20:05 - 2015-07-10 20:05 - 00043744 _____ C:\Users\dafty\Documents\Track 3 - 13.sfk
2015-07-10 20:04 - 2015-07-10 20:05 - 11184458 _____ C:\Users\dafty\Documents\Track 3 - 13.wav
2015-07-10 20:04 - 2015-07-10 20:04 - 00024872 _____ C:\Users\dafty\Documents\Track 3 - 12.sfk
2015-07-10 20:03 - 2015-07-10 20:04 - 06353706 _____ C:\Users\dafty\Documents\Track 3 - 12.wav
2015-07-10 20:03 - 2015-07-10 20:03 - 02776510 _____ C:\Users\dafty\Documents\Track 3 - 11.wav
2015-07-10 20:03 - 2015-07-10 20:03 - 00031232 _____ C:\Users\dafty\Documents\Track 3 - 10.sfk
2015-07-10 20:03 - 2015-07-10 20:03 - 00010904 _____ C:\Users\dafty\Documents\Track 3 - 11.sfk
2015-07-10 20:02 - 2015-07-10 20:03 - 07980166 _____ C:\Users\dafty\Documents\Track 3 - 10.wav
2015-07-10 20:02 - 2015-07-10 20:02 - 00950686 _____ C:\Users\dafty\Documents\Track 3 - 9.wav
2015-07-10 20:02 - 2015-07-10 20:02 - 00708142 _____ C:\Users\dafty\Documents\Track 3 - 8.wav
2015-07-10 20:02 - 2015-07-10 20:02 - 00003768 _____ C:\Users\dafty\Documents\Track 3 - 9.sfk
2015-07-10 20:02 - 2015-07-10 20:02 - 00002992 _____ C:\Users\dafty\Documents\Track 3 - 7.sfk
2015-07-10 20:02 - 2015-07-10 20:02 - 00002824 _____ C:\Users\dafty\Documents\Track 3 - 8.sfk
2015-07-10 20:01 - 2015-07-10 20:02 - 00751774 _____ C:\Users\dafty\Documents\Track 3 - 7.wav
2015-07-10 07:31 - 2015-07-10 07:31 - 00296896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-07-10 00:26 - 2015-07-10 00:26 - 47980978 _____ C:\Users\dafty\Downloads\Black Christmas (F.K.).wav
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\EA Core
2015-07-07 21:58 - 2015-07-07 22:05 - 00000000 ____D C:\Users\dafty\Desktop\cc
2015-07-07 13:57 - 2015-07-07 13:57 - 00563222 _____ C:\Users\dafty\Documents\Track 1 - 9.wav
2015-07-07 13:57 - 2015-07-07 13:57 - 00002256 _____ C:\Users\dafty\Documents\Track 1 - 9.sfk
2015-07-07 11:31 - 2015-07-07 13:53 - 00001005 _____ C:\Users\dafty\Desktop\Neues Textdokument.txt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 12:22 - 2014-12-11 18:12 - 00000000 ____D C:\ProgramData\MFAData
2015-08-04 12:21 - 2015-01-27 10:07 - 00001004 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-08-04 12:21 - 2014-12-11 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-08-04 12:09 - 2015-04-25 16:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 11:56 - 2014-12-14 20:47 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-04 11:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-04 07:26 - 2014-12-11 21:22 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-04 07:26 - 2014-12-11 20:49 - 00000000 ____D C:\Users\dafty\AppData\Local\Battle.net
2015-08-04 06:53 - 2014-12-11 18:13 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{01010920-0C12-4BAF-8173-C97CB61BBA3B}
2015-08-04 06:50 - 2015-04-25 16:50 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 06:50 - 2014-12-02 20:08 - 00027484 _____ C:\Windows\SysWOW64\Gms.log
2015-08-03 23:11 - 2014-12-11 23:03 - 00000000 ____D C:\Users\dafty\AppData\Roaming\TS3Client
2015-08-03 20:08 - 2014-12-11 18:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\vlc
2015-08-02 12:27 - 2014-12-11 18:08 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2631200458-2655560116-1998003478-1001
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\Program Files (x86)\LEGO Company
2015-08-01 20:13 - 2015-06-23 21:10 - 00000000 ____D C:\ProgramData\Freemake
2015-08-01 20:13 - 2015-06-23 21:10 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-08-01 20:13 - 2015-04-07 19:34 - 00000000 ____D C:\Users\dafty\AppData\Local\FluxSoftware
2015-08-01 20:12 - 2014-09-24 01:19 - 00765378 _____ C:\Windows\system32\perfh007.dat
2015-08-01 20:12 - 2014-09-24 01:19 - 00159696 _____ C:\Windows\system32\perfc007.dat
2015-08-01 20:12 - 2014-09-24 00:34 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-01 20:06 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-01 20:06 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-01 18:15 - 2015-04-17 19:45 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Skype
2015-08-01 18:15 - 2015-02-19 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-08-01 18:15 - 2015-02-14 15:23 - 00000000 ____D C:\Users\dafty\.thumbnails
2015-08-01 18:15 - 2014-12-16 21:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Sony
2015-08-01 18:15 - 2014-12-12 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-08-01 18:12 - 2015-05-21 08:44 - 00000000 ____D C:\Users\dafty\AppData\Local\Avg
2015-08-01 18:12 - 2014-12-11 18:21 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-01 13:38 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-31 22:17 - 2015-06-23 17:26 - 00001091 _____ C:\Users\dafty\Desktop\insane.txt
2015-07-29 20:28 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-29 20:28 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-29 19:26 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-28 18:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-27 17:48 - 2015-05-26 20:48 - 00000000 ____D C:\Users\dafty\Desktop\dokum
2015-07-27 12:51 - 2014-12-21 01:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-26 17:17 - 2013-08-22 17:43 - 00000000 ____D C:\Windows\DigitalLocker
2015-07-26 17:01 - 2015-02-15 17:05 - 00007597 _____ C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2015-07-26 01:43 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 20:23 - 2014-12-28 01:39 - 00000000 ____D C:\Users\dafty\Desktop\pr0
2015-07-25 13:30 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Intel
2015-07-25 03:23 - 2015-03-09 23:09 - 00000000 ____D C:\Users\dafty\Desktop\frap
2015-07-24 20:04 - 2014-12-15 16:54 - 00000000 ____D C:\Users\dafty\AppData\Local\Microsoft Games
2015-07-24 19:57 - 2014-12-16 19:44 - 00000000 ____D C:\Users\dafty\AppData\Local\CrashDumps
2015-07-24 19:56 - 2014-12-23 17:59 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-07-24 06:21 - 2014-12-02 20:05 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 04:10 - 2015-06-30 14:22 - 00002142 _____ C:\Users\dafty\Desktop\limbo.txt
2015-07-23 06:06 - 2015-06-06 09:18 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-23 03:31 - 2014-12-02 20:05 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-23 03:31 - 2014-12-02 20:05 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 09:38 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty
2015-07-22 09:36 - 2014-12-12 18:41 - 00000000 ____D C:\Users\dafty\AppData\Local\PDFCreator
2015-07-22 09:30 - 2014-12-11 18:24 - 00000000 ____D C:\Users\dafty\AppData\Roaming\ClassicShell
2015-07-21 15:14 - 2013-08-22 16:44 - 00376712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 16:16 - 2014-12-02 20:05 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-20 15:50 - 2015-01-02 23:52 - 00000000 ____D C:\Users\dafty\Documents\My Games
2015-07-17 18:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-17 14:36 - 2015-04-17 19:52 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-16 21:20 - 2014-12-11 18:56 - 00000000 ____D C:\Users\dafty\AppData\Local\Paint.NET
2015-07-15 23:04 - 2015-04-25 16:50 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 23:04 - 2015-04-25 16:50 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 19:41 - 2015-04-15 21:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 19:41 - 2014-11-20 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 19:39 - 2015-01-17 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 19:37 - 2014-09-24 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:40 - 2014-12-11 18:50 - 00000000 ____D C:\Users\dafty\AppData\Local\Adobe
2015-07-14 23:29 - 2015-06-07 19:41 - 00000237 _____ C:\Users\dafty\Desktop\pb.txt
2015-07-14 23:27 - 2015-06-23 18:52 - 00000000 ____D C:\Users\dafty\Desktop\SP
2015-07-14 17:01 - 2014-12-11 21:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 17:00 - 2014-12-25 14:47 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 14:03 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 23:10 - 2015-05-14 13:48 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2015-05-14 13:48 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 21:19 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty\AppData\Local\VirtualStore
2015-07-09 18:35 - 2015-02-16 04:30 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-07-09 18:35 - 2015-02-16 04:30 - 00000978 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-07-09 15:56 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-07-07 22:20 - 2014-12-13 20:33 - 00000000 ____D C:\Users\dafty\Desktop\beats
2015-07-07 22:16 - 2015-03-20 22:46 - 00000000 ____D C:\Users\dafty\Desktop\tape
2015-07-06 15:22 - 2014-12-13 19:23 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Xfire
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-06-08 01:49 - 2015-06-08 01:49 - 0000832 _____ () C:\Users\dafty\AppData\Local\recently-used.xbel
2015-02-15 17:05 - 2015-07-26 17:01 - 0007597 _____ () C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2014-12-02 20:16 - 2014-12-02 20:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\dafty\fraps.exe
C:\Users\dafty\fraps32.dll
C:\Users\dafty\fraps64.dat
C:\Users\dafty\fraps64.dll
C:\Users\dafty\frapslcd.dll
C:\Users\dafty\uninstall.exe
Einige Dateien in TEMP:
====================
C:\Users\dafty\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\dafty\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\dafty\AppData\Local\Temp\nvStInst.exe
C:\Users\dafty\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\dafty\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\dafty\AppData\Local\Temp\TUUUninstallHelper.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-31 06:33
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-04 12:22:40)
Gestartet von C:\Users\dafty\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2631200458-2655560116-1998003478-500 - Administrator - Disabled)
Gast (S-1-5-21-2631200458-2655560116-1998003478-501 - Limited - Disabled)
dafty (S-1-5-21-2631200458-2655560116-1998003478-1001 - Administrator - Enabled) => C:\Users\dafty
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Out of date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6122 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6122 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version: - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Drive Any Track (HKLM-x32\...\Steam App 351990) (Version: - FOAM Entertainment)
Driver Booster 2.4 (HKLM-x32\...\Driver Booster_is1) (Version: 2.4 - IObit)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
f.lux (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Flux) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version: - Telltale Games)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.4.1000 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Access 2007 (HKLM-x32\...\Access) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.7.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Out of the Park Baseball 15 (HKLM-x32\...\Steam App 272670) (Version: - Out of the Park Developments)
Paint.NET v3.5.9 (HKLM\...\{7A61142C-CA19-4F3C-BA66-FF8F131501FA}) (Version: 3.59.0 - dotPDN LLC)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ACHTUNG
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26936 - Microsoft) Hidden
Xfire (HKLM-x32\...\Xfire) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
25-07-2015 13:29:05 Intel Driver Update Utility
27-07-2015 12:50:38 Driver Booster : Intel(R) 4th Gen Core processor DRAM Controller - 0C00
01-08-2015 18:12:01 AVG PC TuneUp 2015 wird installiert
04-08-2015 12:21:16 Installed AVG 2015
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {062C1A9C-EBE7-4A16-A89A-9F4A87845A51} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {228A5ACB-A0B5-4529-A85B-128400097654} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2015-07-06] (IObit)
Task: {26159DD5-2359-4DBE-AEB5-BBB3B9FFDF29} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2AB3746C-64A8-4A52-A4EF-7A7633D33586} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {3B7DB6B4-AE88-46F8-AC0F-9BFF9B08C3B5} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe [2015-07-06] (IObit)
Task: {5243611D-184F-4F92-8EF9-D02DC10590C3} - System32\Tasks\Driver Booster SkipUAC (dafty) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2015-07-06] (IObit)
Task: {55B5C86B-B747-492A-9BA4-7E92AE715E61} - System32\Tasks\0715avUpdateInfo => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe [2015-07-07] ()
Task: {70AADACD-010E-4B24-9352-679E90C8F94D} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {9638ACF4-8134-4B27-89E2-882C0D46E307} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {98610F4B-F4F0-442D-AFD7-D37962F9BA68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {DA49990E-1479-4AC8-A844-3DE5C07F4577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\0715avUpdateInfo.job => C:\ProgramData\Avg_Update_0715av\0715av_AVG-Secure-Search-Update.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-12-11 19:07 - 2013-07-04 04:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2014-12-02 20:05 - 2015-07-23 03:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-11 19:07 - 2015-08-01 20:06 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-12-11 19:07 - 2012-05-08 09:04 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2014-03-20 21:43 - 2014-03-20 21:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-16 20:34 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C24B070-1F70-4829-8227-81E638D64DE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{259BAFE7-DFBA-44E1-9CE9-345FC9F28374}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{612F14A7-8D8A-487A-B5C5-123D0E72FEBF}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{337511E4-F66D-41C8-BB93-37A638D23E36}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [{128E619C-D5A5-4682-8539-C70E12F343C5}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{F1A0238E-F62F-4454-B0AF-60164CD69A25}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{5324CDF2-D84D-4AF1-A9D2-E7E6BDF16EBA}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{1744CF8D-6DD3-4EB9-BF8C-C0994A3563BF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCB005B0-1022-426F-A4D0-D40DB2EC1B2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D94338D8-53A0-4729-90A2-75D5E9A8BC8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6ED5B567-610F-4445-B68C-1AEB071F6220}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{41475297-DE10-4925-9244-166A9684B50A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43327DCD-722E-41FB-89E4-3A8FE33B3322}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50678CAC-82B6-4BB2-A41D-B91AA195DB86}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{93094BF3-B274-4A22-B6A2-E840BEAF4D01}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{3B477DE3-42C4-426C-8218-94E707C77094}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C99365DE-114B-40DC-94DB-D6BDCE4F5F60}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2A39D611-1ABE-456C-A774-48ACFE9CA795}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{825600EB-06FE-4843-801B-40B591CC2971}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{105F16EE-4D5B-46CA-B037-ABE617E51414}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{6728D28F-8248-43C4-8E74-82D137D3CA5C}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{5B77052A-FAE2-4617-BAAB-539AE3A91909}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{10A56769-86F5-4768-86B0-E60A0BFC392A}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C9E4A5A7-4767-4592-B029-64AE76B73FC6}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{1D0820DA-6905-40D6-A9B6-BF160F436DA3}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{688A081B-34C3-4F43-8052-70FFF9F27086}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{012817A9-C94A-41AC-8D5B-D85A76770642}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A55A42E4-9D2A-42D1-8981-17A94E5547AA}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{65668050-4342-446D-9596-91A58E8BD952}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38A52330-8353-4725-88E4-3F9CA12ED38B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{598491ED-D1F2-48EA-983D-B0CCD88B2710}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [{4B3B4223-C347-457F-BAF6-60B66CF02C0F}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{96644349-142F-4E5A-B539-941FA30C041A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AA19499E-CA1F-483C-9EDB-002AEFC5379E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{B7D096CB-988F-4D69-947A-28981F53DD40}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{9166F1D7-9D4B-42F0-8854-31C6C1005783}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Allow) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{B7FD7E69-0292-48D9-BF5D-BE25314F4AFE}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0E1EEE3C-AC88-4D9B-8320-3B0D9379DC1A}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{07604364-079B-415E-B025-F4D1D709CFDF}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{C97808D2-7D23-47BF-AD18-8354D8B29074}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{491380B2-0C2D-4FD2-85D8-F6C18D00396C}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{14D43A18-5DBA-4819-A56B-9B33F7534631}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C8BCC37F-7881-411C-B319-E07DEAB6788B}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{1BC462F9-32F8-4859-AF65-8360619CF179}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{2D7BBE1A-EE2B-4339-A4DA-9FC9E2A7E225}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{86D278DD-10A2-4C9A-9B33-FCB1677AF05F}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{7981230B-A540-44E1-97BD-8DB04652B55F}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0717A968-D7E4-45B0-A77E-EC0B1BC7C1A9}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BC602D55-2D7D-49AD-9831-BEC4F1773DF3}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{EBF905AC-7C79-44D8-B335-9AEDE19FA98C}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B1A63470-6542-42F9-8E6B-BFC517900FDB}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{7C8A0858-B600-42B7-B5C1-B4C4D91DBDED}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E9197BB-12C2-415E-9CCA-F152E949BEFB}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{38A99A4B-CB79-4E3E-A266-82F655FE0023}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{677666BE-A61B-458B-A60B-6410F8A4A3E5}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{E61A7172-02D6-4A77-94CE-11663EC7F18B}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{60852B25-CA30-4779-A6CD-3BAB56889915}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{A1DF2AEF-8C13-45F1-9160-4683E195B8BB}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E699BCF3-FBE3-4F8E-9D18-DD6E2D799296}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{D2E0EE71-110E-4F8B-BEC4-B748CA0DCEB5}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{F819B539-CCAF-44F6-9AA2-7D873C852F06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7DD8DA7C-B014-4EDA-A3F3-F3923F51EB1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2D43169B-BE88-4E0D-A783-E94A25A8017E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD1E4005-10D7-4AC1-991C-AD71CFBF6D2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EF7F6849-CBDC-4EDD-8F38-23ECF92BE4F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DCEF2CCE-5013-4F89-A7C9-B2C725C27C60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{127C2654-091F-4048-AB63-28352E972F9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5B7FD887-0E77-4FAD-AD32-E2B02398A275}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BBD732B-C775-4E5E-9B79-A03E24AAB431}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1AB3403C-3DF6-436C-B23C-26E70C91E2CB}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{8E7563D3-D46F-495B-9E33-02E68812274A}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{BF112708-CAC7-4076-AA5B-716E9E03AE87}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6851030E-0003-41BB-A5D6-8DD8B2ACF928}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{BB28D737-CAF9-4D64-992A-8246CC80C35A}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{F8239C16-692E-4C59-A087-6C9A8C9C4BC3}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{506BD925-FA40-4199-801F-0B8BBA638139}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33CE761B-EB37-427A-93C0-0740F66CB890}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{749E0DC3-D037-4D51-9926-C3E712F3798D}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{6BD3FD2A-37E7-4A24-8289-0A9A03869167}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{B6C10A85-A808-4B38-92DA-395D236D21EB}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{5487603C-A155-428E-BA04-0DC343D0747A}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{ADBE53C9-F0DE-4C58-A41B-014ACFEA3DD1}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{5E6E87ED-3CC9-47F0-B459-865C0B964B51}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{118D23C2-4ACA-45C0-B219-8C1445ADEC8A}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E80C62A2-B72A-42EE-A181-2CED73B965AF}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{72D71521-2A9E-413C-823A-F79839833895}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{D6A2C60D-E023-4E06-B842-1931601E4EE8}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F0947861-1EA5-46AC-B981-477826C52832}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FBC6EF95-9EB7-4B12-A0D3-9EC324A6C314}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2CA57EDF-CF02-4135-84F2-D601CE511120}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{9E9519C1-0A34-43C7-BDBE-C78A272ED57A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{221312D7-2C7A-41DA-B668-403C904AE5B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6E3097F9-BFBC-447A-AC47-167F656A7AED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7825C020-F9C8-47A5-BA26-71DD529CA0AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/04/2015 07:01:23 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/03/2015 08:54:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1788
Startzeit: 01d0ce1d4acd6961
Endzeit: 4294967295
Anwendungspfad: E:\Steam\steamapps\common\Half-Life 2\hl2.exe
Berichts-ID: 004ed44c-3a11-11e5-82b6-ac9e17ec65ea
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PK-2.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.C.B.4.0.0.C.C.0.9.0.1.8.2.0.A.2.ip6.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.C.B.4.0.0.C.C.0.9.0.1.8.2.0.A.2.ip6.arpa. PTR PK-2.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 123.0.168.192.in-addr.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 123.0.168.192.in-addr.arpa. PTR PK-2.local.
Error: (08/03/2015 06:48:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 PK.local. AAAA FE80:0000:0000:0000:E0C7:5AA2:D6C6:57FD
Error: (08/03/2015 06:48:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 16 PK.local. AAAA 2A02:8109:0CC0:04BC:08E3:C563:0F4F:9E99
Systemfehler:
=============
Error: (08/04/2015 07:02:11 AM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/04/2015 07:01:41 AM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/03/2015 06:58:39 AM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/03/2015 06:58:09 AM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/02/2015 12:28:57 PM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (08/02/2015 12:28:27 PM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/01/2015 08:06:18 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect 2 Creator" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/01/2015 12:08:09 PM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Error: (08/01/2015 12:07:39 PM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
Error: (07/31/2015 06:34:22 AM) (Source: DCOM) (EventID: 10010) (User: PK)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Microsoft Office:
=========================
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 29%
Total physical RAM: 8135.07 MB
Available physical RAM: 5721.14 MB
Total Virtual: 9415.07 MB
Available Virtual: 6599.28 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:105.8 GB) (Free:45.45 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:701.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 1ADB6A34)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 503117A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
|
|
04.08.2015, 11:50
| #2 |
| /// TB-Ausbilder   | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
04.08.2015, 13:13
| #3 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten AdwCleaner
__________________Code:
ATTFilter # AdwCleaner v4.208 - Bericht erstellt 04/08/2015 um 13:33:23
# Aktualisiert 09/07/2015 von Xplode
# Datenbank : 2015-08-01.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : dafty - PK
# Gestarted von : C:\Users\dafty\Downloads\AdwCleaner_4.208.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : e1edc438-f640-4184-a443-d2a7c37a01dc
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\AVG Security Toolbar
Ordner Gelöscht : C:\Users\dafty\AppData\Local\pdfforge
Ordner Gelöscht : C:\Users\dafty\AppData\Local\Hola
Ordner Gelöscht : C:\Users\dafty\AppData\Roaming\pdfforge
Datei Gelöscht : C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\foxydeal.sqlite
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml
Datei Gelöscht : C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\user.js
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules [TCP Query User{B7D096CB-988F-4D69-947A-28981F53DD40}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe]
Wert Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules [UDP Query User{9166F1D7-9D4B-42F0-8854-31C6C1005783}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe]
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\Avg Secure Update
Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Avg Secure Update
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Avg Secure Update
Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
-\\ Mozilla Firefox v38.0.5 (x86 de)
[4rtgormt.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.selectedEngine", "AVG Secure Search");
-\\ Google Chrome v44.0.2403.125
*************************
AdwCleaner[R0].txt - [2987 Bytes] - [04/08/2015 13:32:39]
AdwCleaner[S0].txt - [2756 Bytes] - [04/08/2015 13:33:23]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2815 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 04.08.2015 Suchlaufzeit: 13:41 Protokolldatei: mbam.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.04.02 Rootkit-Datenbank: v2015.08.03.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: dafty Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 362151 Abgelaufene Zeit: 5 Min., 4 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.4 (07.27.2015:1)
OS: Windows 8.1 x64
Ran by Tobias on 04.08.2015 at 13:50:55,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
Successfully deleted: [Task] C:\Windows\system32\tasks\0715avUpdateInfo
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Scan
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster SkipUAC (Tobias)
Successfully deleted: [Task] C:\Windows\system32\tasks\Driver Booster Update
Successfully deleted: [Task] C:\Windows\Tasks\0715avUpdateInfo.job
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{691B33B0-B86E-47F3-81C7-56E4FE3B929C}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Program Files (x86)\IObit\Driver Booster
Successfully deleted: [Folder] C:\ProgramData\IObit\Driver Booster
Successfully deleted: [Folder] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver booster 2
Successfully deleted: [Folder] C:\ProgramData\productdata
Successfully deleted: [Folder] C:\Users\Tobias\AppData\Roaming\IObit\Driver Booster
Successfully deleted: [Folder] C:\Users\Tobias\AppData\Roaming\out of the park developments
Successfully deleted: [Folder] C:\ProgramData\Avg_Update_0715av
~~~ FireFox
Emptied folder: C:\Users\Tobias\AppData\Roaming\mozilla\firefox\profiles\4rtgormt.default\minidumps [3 files]
~~~ Chrome
[C:\Users\Tobias\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Tobias\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Tobias\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Tobias\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.08.2015 at 13:53:19,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von dafty (Administrator) auf PK (04-08-2015 13:57:42)
Gestartet von C:\Users\dafty\Desktop
Geladene Profile: dafty (Verfügbare Profile: dafty)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-07-27] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3960744 2015-07-28] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [f.lux] => C:\Users\dafty\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
Startup: C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2014-12-22]
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001 -> {482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{941AEFEA-8166-45C3-858D-5AF6F8104886}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gaXNZb3VUdWJlVmlkZW8odXJsKXsgcmV0dXJuIG5ldyBSZWdFeHAoIl4oPzpodHRwfGh0dHBzKTpcXC9cXC8oPzouKikoPzouZ29vZ2xldmlkZW8uY29tfC5jLnlvdXR1YmUuY29tKSg/Oi4qKVxcL3ZpZGVvcGxheWJhY2soPzouKikoPzpnY3I9dXN8XFwvZ2NyXFwvdXNcXC8pKD86LiopJCIsJ2knKS50ZXN0KHVybCk7fWZ1bmN0aW9uIGlzWW91VHViZVZpZGVvUGFnZSh1cmwsIGhvc3QsIHZpZHVybCkgeyByZXR1cm4gaG9zdC5pbmRleE9mKCd5b3V0dWJlLmNvbScpICE9IC0xICYmIHVybC5pbmRleE9mKHZpZHVybCkgIT0gLTE7fWZ1bmN0aW9uIEZpbmRQcm94eUZvclVSTCh1cmwsIGhvc3QpIHtpZihpc1lvdVR1YmVWaWRlbyh1cmwpICB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1PaHBhRFJFZkxKQScpKXsgcmV0dXJuICdQUk9YWSAyMDkuMjM5LjExNC4yMDU6MzEzMSc7fWVsc2V7IHJldHVybiAnRElSRUNUJzt9fQ=="
FF NetworkProxy: "ftp", "183.220.172.208"
FF NetworkProxy: "ftp_port", 8123
FF NetworkProxy: "gopher", "183.220.172.208"
FF NetworkProxy: "gopher_port", 8123
FF NetworkProxy: "http", "183.220.172.208"
FF NetworkProxy: "http_port", 8123
FF NetworkProxy: "socks", "183.220.172.208"
FF NetworkProxy: "socks_port", 8123
FF NetworkProxy: "ssl", "183.220.172.208"
FF NetworkProxy: "ssl_port", 8123
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\dafty\AppData\Local\Hola\firefox\app\vlc [2015-08-04] ()
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\dafty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: ProxTube - Unblock YouTube - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\ich@maltegoetz.de.xpi [2015-04-21]
FF Extension: Thumbnail Zoom Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2015-04-10]
FF Extension: {130be971-3417-47de-96ec-516c35ebd41c} - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi [2014-12-11]
FF Extension: FlashGot - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-12-11]
FF Extension: ReloadEvery - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-01-31]
FF Extension: adblock manager - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{8b82b85e-1cb8-4fd7-baf2-f76c28f4e93a}.xpi [2014-12-15]
FF Extension: Adblock Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-11]
FF Extension: Greasemonkey - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-04-10]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-12]
Chrome:
=======
CHR Profile: C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3719592 2015-07-28] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [356888 2015-07-28] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-20] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [296896 2015-07-10] (AVG Technologies CZ, s.r.o.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-27] (REALiX(tm))
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 13:57 - 2015-08-04 13:57 - 00018527 _____ C:\Users\dafty\Desktop\FRST.txt
2015-08-04 13:55 - 2015-08-04 13:55 - 00000000 ____D C:\Users\dafty\AppData\Local\Hola
2015-08-04 13:53 - 2015-08-04 13:53 - 00002579 _____ C:\Users\dafty\Desktop\JRT.txt
2015-08-04 13:48 - 2015-08-04 13:49 - 00001195 _____ C:\Users\dafty\Desktop\mbam.txt
2015-08-04 13:39 - 2015-08-04 13:40 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 13:36 - 2015-08-04 13:37 - 00002894 _____ C:\Users\dafty\Desktop\AdwCleaner[S0].txt
2015-08-04 13:31 - 2015-08-04 13:40 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 13:31 - 2015-08-04 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-04 13:31 - 2015-08-04 13:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-04 13:31 - 2015-08-04 13:31 - 01798176 _____ (Malwarebytes Corporation) C:\Users\dafty\Downloads\JRT.exe
2015-08-04 13:31 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 13:31 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 13:31 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 13:30 - 2015-08-04 13:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\dafty\Downloads\mbam-setup-2.1.6.1022.exe
2015-08-04 13:29 - 2015-08-04 13:33 - 00000000 ____D C:\AdwCleaner
2015-08-04 13:29 - 2015-08-04 13:29 - 02248704 _____ C:\Users\dafty\Downloads\AdwCleaner_4.208.exe
2015-08-04 12:22 - 2015-08-04 13:57 - 00000000 ____D C:\FRST
2015-08-04 12:21 - 2015-08-04 12:21 - 02169856 _____ (Farbar) C:\Users\dafty\Desktop\FRST64.exe
2015-08-02 12:56 - 2015-08-02 12:56 - 00000000 ____D C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl.NGENPDB
2015-08-02 12:55 - 2015-08-02 12:56 - 510656512 _____ C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl
2015-08-02 06:05 - 2015-08-02 06:05 - 00000000 _____ C:\Recovery.txt
2015-08-01 20:13 - 2015-08-01 20:13 - 00597304 _____ C:\Users\dafty\Downloads\flux-setup.exe
2015-08-01 20:13 - 2015-08-01 20:13 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-08-01 20:06 - 2015-08-01 20:06 - 00000000 _____ C:\Windows\setuperr.log
2015-08-01 18:15 - 2015-08-01 18:15 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2015-08-01 18:12 - 2015-08-01 18:12 - 00000000 ____D C:\Users\dafty\AppData\Roaming\AVG
2015-08-01 18:11 - 2015-08-01 18:12 - 00000000 ____D C:\ProgramData\AVG
2015-08-01 18:11 - 2015-08-01 18:11 - 115831096 _____ (AVG Technologies) C:\Users\dafty\Downloads\avg_tuh_stf_all_2015_604_24c28.exe
2015-08-01 17:59 - 2015-08-01 17:59 - 00000000 ____D C:\Users\dafty\AppData\Local\openvr
2015-08-01 13:40 - 2015-08-01 13:40 - 00000000 ____D C:\SymCache
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\Users\dafty\Documents\WPA Files
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2015-08-01 13:38 - 2015-08-01 13:40 - 00000000 ____D C:\Users\dafty\AppData\Local\Windows Performance Analyzer
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-08-01 13:37 - 2015-08-01 13:37 - 00998056 _____ (Microsoft Corporation) C:\Users\dafty\Downloads\sdksetup.exe
2015-08-01 13:31 - 2015-08-01 13:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-01 13:30 - 2015-08-01 13:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\dafty\Downloads\mbar-1.09.1.1004.exe
2015-08-01 12:54 - 2015-08-01 12:54 - 00000000 ____D C:\Users\dafty\AppData\Local\DunDefLauncher
2015-07-31 18:48 - 2015-07-31 18:48 - 00000000 ____D C:\Users\dafty\Documents\Out of the Park Developments
2015-07-29 20:27 - 2015-07-23 02:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-29 20:26 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-29 20:26 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-07-29 19:26 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-07-29 19:26 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-29 19:26 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-29 19:26 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-07-28 10:06 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 01399536 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00881368 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 00000000 ____D C:\Windows\system32\DAX2
2015-07-27 12:50 - 2015-07-27 12:50 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-07-27 12:50 - 2015-07-27 12:50 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-27 12:50 - 2015-07-27 12:50 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-07-27 12:50 - 2015-07-27 12:50 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-07-27 12:50 - 2015-07-27 12:50 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\Users\dafty\AppData\Roaming\IObit
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\ProgramData\IObit
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-27 12:48 - 2015-07-27 12:48 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-07-27 12:47 - 2015-07-27 12:47 - 11792408 _____ (IObit ) C:\Users\dafty\Downloads\driver_booster_setup_2.4.0.19.exe
2015-07-26 17:17 - 2015-08-04 13:34 - 00004530 _____ C:\Windows\PFRO.log
2015-07-26 17:02 - 2015-07-26 17:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-25 13:29 - 2015-07-25 13:29 - 00000000 ____D C:\Users\dafty\AppData\Local\Intel
2015-07-24 19:25 - 2015-07-24 19:56 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Audacity
2015-07-22 09:54 - 2015-07-22 09:54 - 00000000 ____D C:\Users\dafty\AppData\Local\CEF
2015-07-22 09:37 - 2015-08-04 13:34 - 00007127 _____ C:\Windows\setupact.log
2015-07-22 09:36 - 2015-08-04 07:10 - 00811852 _____ C:\Windows\WindowsUpdate.log
2015-07-22 09:34 - 2015-07-22 09:34 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-22 09:34 - 2015-07-22 09:34 - 00000000 ____D C:\Program Files\CCleaner
2015-07-22 09:33 - 2015-08-04 13:57 - 00000000 ____D C:\Users\dafty\AppData\Local\ClassicShell
2015-07-22 09:32 - 2015-07-22 09:32 - 06677184 _____ (IvoSoft) C:\Users\dafty\Downloads\ClassicShellSetup_4_2_1-de.exe
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\Program Files\Classic Shell
2015-07-21 15:51 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-21 15:51 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 15:48 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-21 15:48 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 23:27 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 05:41 - 2015-07-24 03:49 - 00001042 _____ C:\Users\dafty\Desktop\Neues Textdokument (3).txt
2015-07-16 23:53 - 2015-07-16 23:53 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Trove
2015-07-15 12:41 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:41 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:41 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:41 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:41 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:41 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:41 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:41 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:41 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:41 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:41 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:41 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:41 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 12:41 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:41 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:41 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:41 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 12:41 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:41 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:41 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:41 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:41 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:41 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:41 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:41 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:41 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 12:41 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 12:41 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 12:41 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 12:41 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 12:41 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 12:41 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 12:40 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:40 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:40 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:40 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 12:40 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:40 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 12:40 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 12:40 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:40 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:40 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:40 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:40 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:40 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 12:40 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:40 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 12:40 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 12:40 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:40 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:40 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:39 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 12:39 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 12:39 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:39 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 12:38 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:38 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:38 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:38 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:38 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:38 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:38 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 12:38 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 12:38 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 12:38 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 12:38 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 12:38 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 12:38 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 12:38 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 21:33 - 2015-07-12 22:03 - 00000000 ____D C:\Users\dafty\AppData\Local\Ori and the Blind Forest
2015-07-12 16:01 - 2015-07-12 16:01 - 00000000 ____D C:\Users\dafty\AppData\Roaming\com.jackboxgames.quiplash
2015-07-10 07:31 - 2015-07-10 07:31 - 00296896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\EA Core
2015-07-07 21:58 - 2015-07-07 22:05 - 00000000 ____D C:\Users\dafty\Desktop\cc
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-04 13:56 - 2014-12-11 18:08 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2631200458-2655560116-1998003478-1001
2015-08-04 13:40 - 2014-09-24 01:19 - 00765378 _____ C:\Windows\system32\perfh007.dat
2015-08-04 13:40 - 2014-09-24 01:19 - 00159696 _____ C:\Windows\system32\perfc007.dat
2015-08-04 13:40 - 2014-09-24 00:34 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-04 13:36 - 2014-12-02 20:08 - 00006464 _____ C:\Windows\SysWOW64\Gms.log
2015-08-04 13:34 - 2015-04-25 16:50 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-04 13:34 - 2014-12-11 18:12 - 00000000 ____D C:\ProgramData\MFAData
2015-08-04 13:34 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-04 13:34 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-04 13:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-04 13:27 - 2014-12-28 01:39 - 00000000 ____D C:\Users\dafty\Desktop\pr0
2015-08-04 13:22 - 2014-12-11 18:13 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{01010920-0C12-4BAF-8173-C97CB61BBA3B}
2015-08-04 13:09 - 2015-04-25 16:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-04 13:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-04 12:56 - 2014-12-11 20:49 - 00000000 ____D C:\Users\dafty\AppData\Local\Battle.net
2015-08-04 12:21 - 2015-01-27 10:07 - 00001004 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-08-04 12:21 - 2014-12-11 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-08-04 11:56 - 2014-12-14 20:47 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-04 07:26 - 2014-12-11 21:22 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-03 23:11 - 2014-12-11 23:03 - 00000000 ____D C:\Users\dafty\AppData\Roaming\TS3Client
2015-08-03 20:08 - 2014-12-11 18:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\vlc
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\Program Files (x86)\LEGO Company
2015-08-01 20:13 - 2015-06-23 21:10 - 00000000 ____D C:\ProgramData\Freemake
2015-08-01 20:13 - 2015-06-23 21:10 - 00000000 ____D C:\Program Files (x86)\Freemake
2015-08-01 20:13 - 2015-04-07 19:34 - 00000000 ____D C:\Users\dafty\AppData\Local\FluxSoftware
2015-08-01 18:15 - 2015-04-17 19:45 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Skype
2015-08-01 18:15 - 2015-02-19 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-08-01 18:15 - 2015-02-14 15:23 - 00000000 ____D C:\Users\dafty\.thumbnails
2015-08-01 18:15 - 2014-12-16 21:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Sony
2015-08-01 18:15 - 2014-12-12 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-08-01 18:12 - 2015-05-21 08:44 - 00000000 ____D C:\Users\dafty\AppData\Local\Avg
2015-08-01 18:12 - 2014-12-11 18:21 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-01 13:38 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-31 22:17 - 2015-06-23 17:26 - 00001091 _____ C:\Users\dafty\Desktop\insane.txt
2015-07-29 20:28 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-29 20:28 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-29 19:26 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-28 18:41 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-07-27 17:48 - 2015-05-26 20:48 - 00000000 ____D C:\Users\dafty\Desktop\dokum
2015-07-27 12:51 - 2014-12-21 01:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-26 17:17 - 2013-08-22 17:43 - 00000000 ____D C:\Windows\DigitalLocker
2015-07-26 17:01 - 2015-02-15 17:05 - 00007597 _____ C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2015-07-26 01:43 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 13:30 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Intel
2015-07-25 03:23 - 2015-03-09 23:09 - 00000000 ____D C:\Users\dafty\Desktop\frap
2015-07-24 20:04 - 2014-12-15 16:54 - 00000000 ____D C:\Users\dafty\AppData\Local\Microsoft Games
2015-07-24 19:57 - 2014-12-16 19:44 - 00000000 ____D C:\Users\dafty\AppData\Local\CrashDumps
2015-07-24 19:56 - 2014-12-23 17:59 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-07-24 06:21 - 2014-12-02 20:05 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 04:10 - 2015-06-30 14:22 - 00002142 _____ C:\Users\dafty\Desktop\limbo.txt
2015-07-23 06:06 - 2015-06-06 09:18 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-23 03:31 - 2014-12-02 20:05 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-23 03:31 - 2014-12-02 20:05 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 09:38 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty
2015-07-22 09:36 - 2014-12-12 18:41 - 00000000 ____D C:\Users\dafty\AppData\Local\PDFCreator
2015-07-22 09:30 - 2014-12-11 18:24 - 00000000 ____D C:\Users\dafty\AppData\Roaming\ClassicShell
2015-07-21 15:14 - 2013-08-22 16:44 - 00376712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 16:16 - 2014-12-02 20:05 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-20 15:50 - 2015-01-02 23:52 - 00000000 ____D C:\Users\dafty\Documents\My Games
2015-07-17 18:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-17 14:36 - 2015-04-17 19:52 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-16 21:20 - 2014-12-11 18:56 - 00000000 ____D C:\Users\dafty\AppData\Local\Paint.NET
2015-07-15 23:04 - 2015-04-25 16:50 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 23:04 - 2015-04-25 16:50 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 19:41 - 2015-04-15 21:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 19:41 - 2014-11-20 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 19:39 - 2015-01-17 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 19:37 - 2014-09-24 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:40 - 2014-12-11 18:50 - 00000000 ____D C:\Users\dafty\AppData\Local\Adobe
2015-07-14 23:29 - 2015-06-07 19:41 - 00000237 _____ C:\Users\dafty\Desktop\pb.txt
2015-07-14 23:27 - 2015-06-23 18:52 - 00000000 ____D C:\Users\dafty\Desktop\SP
2015-07-14 17:01 - 2014-12-11 21:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 17:00 - 2014-12-25 14:47 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 14:03 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 23:10 - 2015-05-14 13:48 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2015-05-14 13:48 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 21:19 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty\AppData\Local\VirtualStore
2015-07-09 18:35 - 2015-02-16 04:30 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-07-09 18:35 - 2015-02-16 04:30 - 00000978 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-07-07 22:20 - 2014-12-13 20:33 - 00000000 ____D C:\Users\dafty\Desktop\beats
2015-07-07 22:16 - 2015-03-20 22:46 - 00000000 ____D C:\Users\dafty\Desktop\tape
2015-07-06 15:22 - 2014-12-13 19:23 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Xfire
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-06-08 01:49 - 2015-06-08 01:49 - 0000832 _____ () C:\Users\dafty\AppData\Local\recently-used.xbel
2015-02-15 17:05 - 2015-07-26 17:01 - 0007597 _____ () C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2014-12-02 20:16 - 2014-12-02 20:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\dafty\fraps.exe
C:\Users\dafty\fraps32.dll
C:\Users\dafty\fraps64.dat
C:\Users\dafty\fraps64.dll
C:\Users\dafty\frapslcd.dll
C:\Users\dafty\uninstall.exe
Einige Dateien in TEMP:
====================
C:\Users\dafty\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\dafty\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\dafty\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.8.649.exe
C:\Users\dafty\AppData\Local\Temp\nvStInst.exe
C:\Users\dafty\AppData\Local\Temp\Quarantine.exe
C:\Users\dafty\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\dafty\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\dafty\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-31 06:33
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-04 13:57:59)
Gestartet von C:\Users\dafty\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2631200458-2655560116-1998003478-500 - Administrator - Disabled)
Gast (S-1-5-21-2631200458-2655560116-1998003478-501 - Limited - Disabled)
dafty (S-1-5-21-2631200458-2655560116-1998003478-1001 - Administrator - Enabled) => C:\Users\dafty
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6122 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6122 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version: - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Drive Any Track (HKLM-x32\...\Steam App 351990) (Version: - FOAM Entertainment)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
f.lux (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Flux) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version: - Telltale Games)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.4.1000 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Access 2007 (HKLM-x32\...\Access) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.7.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Out of the Park Baseball 15 (HKLM-x32\...\Steam App 272670) (Version: - Out of the Park Developments)
Paint.NET v3.5.9 (HKLM\...\{7A61142C-CA19-4F3C-BA66-FF8F131501FA}) (Version: 3.59.0 - dotPDN LLC)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ACHTUNG
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26936 - Microsoft) Hidden
Xfire (HKLM-x32\...\Xfire) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
25-07-2015 13:29:05 Intel Driver Update Utility
27-07-2015 12:50:38 Driver Booster : Intel(R) 4th Gen Core processor DRAM Controller - 0C00
01-08-2015 18:12:01 AVG PC TuneUp 2015 wird installiert
04-08-2015 12:21:16 Installed AVG 2015
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {26159DD5-2359-4DBE-AEB5-BBB3B9FFDF29} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2AB3746C-64A8-4A52-A4EF-7A7633D33586} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {70AADACD-010E-4B24-9352-679E90C8F94D} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {83F78F33-C108-4975-80BE-38274F953AD8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {9638ACF4-8134-4B27-89E2-882C0D46E307} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {98610F4B-F4F0-442D-AFD7-D37962F9BA68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {DA49990E-1479-4AC8-A844-3DE5C07F4577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-03-20 21:43 - 2014-03-20 21:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C24B070-1F70-4829-8227-81E638D64DE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{259BAFE7-DFBA-44E1-9CE9-345FC9F28374}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{612F14A7-8D8A-487A-B5C5-123D0E72FEBF}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{337511E4-F66D-41C8-BB93-37A638D23E36}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [{128E619C-D5A5-4682-8539-C70E12F343C5}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{F1A0238E-F62F-4454-B0AF-60164CD69A25}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{5324CDF2-D84D-4AF1-A9D2-E7E6BDF16EBA}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{1744CF8D-6DD3-4EB9-BF8C-C0994A3563BF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCB005B0-1022-426F-A4D0-D40DB2EC1B2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D94338D8-53A0-4729-90A2-75D5E9A8BC8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6ED5B567-610F-4445-B68C-1AEB071F6220}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{41475297-DE10-4925-9244-166A9684B50A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43327DCD-722E-41FB-89E4-3A8FE33B3322}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50678CAC-82B6-4BB2-A41D-B91AA195DB86}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{93094BF3-B274-4A22-B6A2-E840BEAF4D01}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{3B477DE3-42C4-426C-8218-94E707C77094}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C99365DE-114B-40DC-94DB-D6BDCE4F5F60}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2A39D611-1ABE-456C-A774-48ACFE9CA795}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{825600EB-06FE-4843-801B-40B591CC2971}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{105F16EE-4D5B-46CA-B037-ABE617E51414}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{6728D28F-8248-43C4-8E74-82D137D3CA5C}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{5B77052A-FAE2-4617-BAAB-539AE3A91909}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{10A56769-86F5-4768-86B0-E60A0BFC392A}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C9E4A5A7-4767-4592-B029-64AE76B73FC6}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{1D0820DA-6905-40D6-A9B6-BF160F436DA3}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{688A081B-34C3-4F43-8052-70FFF9F27086}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{012817A9-C94A-41AC-8D5B-D85A76770642}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A55A42E4-9D2A-42D1-8981-17A94E5547AA}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{65668050-4342-446D-9596-91A58E8BD952}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38A52330-8353-4725-88E4-3F9CA12ED38B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{598491ED-D1F2-48EA-983D-B0CCD88B2710}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [{4B3B4223-C347-457F-BAF6-60B66CF02C0F}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{96644349-142F-4E5A-B539-941FA30C041A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AA19499E-CA1F-483C-9EDB-002AEFC5379E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B7FD7E69-0292-48D9-BF5D-BE25314F4AFE}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0E1EEE3C-AC88-4D9B-8320-3B0D9379DC1A}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{07604364-079B-415E-B025-F4D1D709CFDF}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{C97808D2-7D23-47BF-AD18-8354D8B29074}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{491380B2-0C2D-4FD2-85D8-F6C18D00396C}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{14D43A18-5DBA-4819-A56B-9B33F7534631}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C8BCC37F-7881-411C-B319-E07DEAB6788B}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{1BC462F9-32F8-4859-AF65-8360619CF179}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{2D7BBE1A-EE2B-4339-A4DA-9FC9E2A7E225}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{86D278DD-10A2-4C9A-9B33-FCB1677AF05F}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{7981230B-A540-44E1-97BD-8DB04652B55F}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0717A968-D7E4-45B0-A77E-EC0B1BC7C1A9}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BC602D55-2D7D-49AD-9831-BEC4F1773DF3}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{EBF905AC-7C79-44D8-B335-9AEDE19FA98C}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B1A63470-6542-42F9-8E6B-BFC517900FDB}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{7C8A0858-B600-42B7-B5C1-B4C4D91DBDED}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E9197BB-12C2-415E-9CCA-F152E949BEFB}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{38A99A4B-CB79-4E3E-A266-82F655FE0023}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{677666BE-A61B-458B-A60B-6410F8A4A3E5}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{E61A7172-02D6-4A77-94CE-11663EC7F18B}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{60852B25-CA30-4779-A6CD-3BAB56889915}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{A1DF2AEF-8C13-45F1-9160-4683E195B8BB}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E699BCF3-FBE3-4F8E-9D18-DD6E2D799296}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{D2E0EE71-110E-4F8B-BEC4-B748CA0DCEB5}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{F819B539-CCAF-44F6-9AA2-7D873C852F06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7DD8DA7C-B014-4EDA-A3F3-F3923F51EB1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2D43169B-BE88-4E0D-A783-E94A25A8017E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD1E4005-10D7-4AC1-991C-AD71CFBF6D2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EF7F6849-CBDC-4EDD-8F38-23ECF92BE4F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DCEF2CCE-5013-4F89-A7C9-B2C725C27C60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{127C2654-091F-4048-AB63-28352E972F9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5B7FD887-0E77-4FAD-AD32-E2B02398A275}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BBD732B-C775-4E5E-9B79-A03E24AAB431}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1AB3403C-3DF6-436C-B23C-26E70C91E2CB}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{8E7563D3-D46F-495B-9E33-02E68812274A}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{BF112708-CAC7-4076-AA5B-716E9E03AE87}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6851030E-0003-41BB-A5D6-8DD8B2ACF928}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{BB28D737-CAF9-4D64-992A-8246CC80C35A}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{F8239C16-692E-4C59-A087-6C9A8C9C4BC3}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{506BD925-FA40-4199-801F-0B8BBA638139}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33CE761B-EB37-427A-93C0-0740F66CB890}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{749E0DC3-D037-4D51-9926-C3E712F3798D}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{6BD3FD2A-37E7-4A24-8289-0A9A03869167}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{B6C10A85-A808-4B38-92DA-395D236D21EB}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{5487603C-A155-428E-BA04-0DC343D0747A}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{ADBE53C9-F0DE-4C58-A41B-014ACFEA3DD1}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{5E6E87ED-3CC9-47F0-B459-865C0B964B51}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{118D23C2-4ACA-45C0-B219-8C1445ADEC8A}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E80C62A2-B72A-42EE-A181-2CED73B965AF}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{72D71521-2A9E-413C-823A-F79839833895}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{D6A2C60D-E023-4E06-B842-1931601E4EE8}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F0947861-1EA5-46AC-B981-477826C52832}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{FBC6EF95-9EB7-4B12-A0D3-9EC324A6C314}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2CA57EDF-CF02-4135-84F2-D601CE511120}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{9E9519C1-0A34-43C7-BDBE-C78A272ED57A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{221312D7-2C7A-41DA-B668-403C904AE5B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6E3097F9-BFBC-447A-AC47-167F656A7AED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7825C020-F9C8-47A5-BA26-71DD529CA0AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/04/2015 12:41:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/04/2015 07:01:23 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/03/2015 08:54:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1788
Startzeit: 01d0ce1d4acd6961
Endzeit: 4294967295
Anwendungspfad: E:\Steam\steamapps\common\Half-Life 2\hl2.exe
Berichts-ID: 004ed44c-3a11-11e5-82b6-ac9e17ec65ea
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.0.0.0.0.0.0.0.0.0.0.0.0.0.8.E.F.ip6.arpa. PTR PK-2.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.C.B.4.0.0.C.C.0.9.0.1.8.2.0.A.2.ip6.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 D.F.7.5.6.C.6.D.2.A.A.5.7.C.0.E.C.B.4.0.0.C.C.0.9.0.1.8.2.0.A.2.ip6.arpa. PTR PK-2.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding 10 123.0.168.192.in-addr.arpa. PTR PK.local.
Error: (08/03/2015 06:49:02 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.0.123:5353 12 123.0.168.192.in-addr.arpa. PTR PK-2.local.
Error: (08/03/2015 06:48:59 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 PK.local. AAAA FE80:0000:0000:0000:E0C7:5AA2:D6C6:57FD
Systemfehler:
=============
Error: (08/04/2015 01:51:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Dienst "Bonjour"" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ASUS Com Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Stereoscopic 3D Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/04/2015 01:51:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 27%
Total physical RAM: 8135.07 MB
Available physical RAM: 5894.85 MB
Total Virtual: 9415.07 MB
Available Virtual: 6780.84 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:105.8 GB) (Free:45.17 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:701.22 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 1ADB6A34)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 503117A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
|
|
04.08.2015, 18:13
| #4 |
| /// TB-Ausbilder | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Servus,
|
|
04.08.2015, 20:56
| #5 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten nach dem ersten durchlauf der programme kam es bisher nicht wieder zu dem vorfall, sieht bisher schonmal gut aus. Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-04 21:53:27)
Gestartet von C:\Users\dafty\Desktop
Start-Modus: Normal
================== Registry-Suche: "Avg Secure Update;AvgSecureUpdate;Avg Secure Search;AvgSecureSearch" ===========
===================== Suchergebnis für "Avg Secure Search" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}]
"AppPath"="C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\18.2.0"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\18.2.0\DriverInstaller.exe"="0x534143500100000000000000070000002800000018360200C5DD020001000000000000000000010600010000B395E7CF049FCE01000000000000000002000000280000000000000000000000000000000000000000000000000000003E000000000000000100000001000000"
====== Ende von Suche ======
|
|
05.08.2015, 10:10
| #6 |
| /// TB-Ausbilder | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern. Im Anschluss entfernen wir alle verwendeten Tools und ich gebe dir noch ein paar Tipps mit auf den Weg. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001 -> {482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} URL =
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
FF Extension: {130be971-3417-47de-96ec-516c35ebd41c} - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi [2014-12-11]
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
RemoveProxy:
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 ESET Online Scanner
Schritt 3 Downloade Dir bitte  SecurityCheck und:
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
05.08.2015, 12:06
| #7 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten fix Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-05 11:50:53) Run:1
Gestartet von C:\Users\dafty\Desktop
Geladene Profile: dafty (Verfügbare Profile: dafty)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
SearchScopes: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001 -> {482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} URL =
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
FF Extension: {130be971-3417-47de-96ec-516c35ebd41c} - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi [2014-12-11]
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
RemoveProxy:
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
"HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231}" => Schlüssel erfolgreich entfernt
HKCR\CLSID\{482B5EB7-24E6-4F39-8FDA-B2CB7E4F3231} => Schlüssel nicht gefunden.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} => Schlüssel erfolgreich entfernt
C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe => Wert nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe => Wert nicht gefunden.
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
EmptyTemp: => 500.6 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 11:51:01 ====
Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4012f59260453245a7a7ff3cbed9b4e9
# end=init
# utc_time=2015-08-05 10:02:28
# local_time=2015-08-05 12:02:28 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 25130
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=4012f59260453245a7a7ff3cbed9b4e9
# end=updated
# utc_time=2015-08-05 10:03:49
# local_time=2015-08-05 12:03:49 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=4012f59260453245a7a7ff3cbed9b4e9
# engine=25130
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-05 10:36:26
# local_time=2015-08-05 12:36:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='AVG AntiVirus Free Edition 2015'
# compatibility_mode=1055 16777213 100 98 2614 125904970 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 12659699 23872526 0 0
# scanned=346638
# found=9
# cleaned=0
# scan_time=1956
sh=F659145EC3AE2128DFD51FAE8128EC7932C0726F ft=1 fh=cce1d111b935f89a vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\dafty\Desktop\vlc-2.1.5-win32.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\dafty\Downloads\progs\Unlocker1.9.2.exe"
sh=D8B5FBA0238440B59E166ADCAFB4D9B7C83F9BED ft=1 fh=8e95f06f0a537b3b vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\dafty\Downloads\progs\xfire_installer_46139.exe"
sh=E2C028A886AA7352539DEE32CBB38770C529A76E ft=1 fh=d2aeb2930bcba9f7 vn="Win32/InstallMonetizer.AQ evtl. unerwünschte Anwendung" ac=I fn="E:\self\progs\PDFCreator-1_7_3_setup.exe"
sh=0BFF84AA6CC4CCF580EAE2FBF4C129FA6EA612C4 ft=1 fh=9fe1a4845276fe8f vn="Win32/Adware.ADON evtl. unerwünschte Anwendung" ac=I fn="E:\self\progs\Unlocker1.9.1-x64.exe"
sh=F659145EC3AE2128DFD51FAE8128EC7932C0726F ft=1 fh=cce1d111b935f89a vn="NSIS/StartPage.CC Trojaner" ac=I fn="E:\self\progs\vlc-2.1.5-win32.exe"
sh=770220041FDC47C4D09573C726C46981E1101199 ft=1 fh=ae7ccec21b7f238d vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="E:\self\progs\zaSetupWeb_120_121_000.exe"
sh=0EDF83D4D3226A1180235E11E0EF50350D05E707 ft=1 fh=b0699ebfde14b5da vn="Variante von Win32/Toolbar.Conduit.H evtl. unerwünschte Anwendung" ac=I fn="E:\self\progs\musicedit, picedit usw\wp50setup.exe"
sh=796A27023EDF48AA5999843F94BDCDD4E101C385 ft=1 fh=f3b93f3a44f30344 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\self\progs\voice&cam&medien\CamStudio_20.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.006
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
AVG AntiVirus Free Edition 2015
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 51
Adobe Flash Player 18.0.0.209
Adobe Reader XI
Mozilla Firefox 38.0.5 Firefox out of Date!
Google Chrome (44.0.2403.107)
Google Chrome (44.0.2403.125)
````````Process Check: objlist.exe by Laurent````````
AVG avgwdsvc.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
durchgeführt von dafty (Administrator) auf PK (05-08-2015 12:52:45)
Gestartet von C:\Users\dafty\Desktop
Geladene Profile: dafty (Verfügbare Profile: dafty)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Flux Software LLC) C:\Users\dafty\AppData\Local\FluxSoftware\Flux\flux.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
==================== Registry (Nicht auf der Ausnahmeliste) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320360 2014-08-04] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-07-27] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780520 2015-07-31] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-17] (Apple Inc.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Run: [f.lux] => C:\Users\dafty\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
Startup: C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk [2014-12-22]
ShortcutTarget: Xfire.lnk -> C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - PDF Architect Toolbar - {DEEB13D7-CEA9-45FB-B77C-E039BEC85221} - C:\Program Files (x86)\PDF Architect 2\creator-ie-plugin.dll [2014-10-10] (pdfforge GmbH)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{941AEFEA-8166-45C3-858D-5AF6F8104886}: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default
FF Homepage: www.google.de
FF NetworkProxy: "autoconfig_url", "data:application/x-ns-proxy-autoconfig;base64,ZnVuY3Rpb24gaXNZb3VUdWJlVmlkZW8odXJsKXsgcmV0dXJuIG5ldyBSZWdFeHAoIl4oPzpodHRwfGh0dHBzKTpcXC9cXC8oPzouKikoPzouZ29vZ2xldmlkZW8uY29tfC5jLnlvdXR1YmUuY29tKSg/Oi4qKVxcL3ZpZGVvcGxheWJhY2soPzouKikoPzpnY3I9dXN8XFwvZ2NyXFwvdXNcXC8pKD86LiopJCIsJ2knKS50ZXN0KHVybCk7fWZ1bmN0aW9uIGlzWW91VHViZVZpZGVvUGFnZSh1cmwsIGhvc3QsIHZpZHVybCkgeyByZXR1cm4gaG9zdC5pbmRleE9mKCd5b3V0dWJlLmNvbScpICE9IC0xICYmIHVybC5pbmRleE9mKHZpZHVybCkgIT0gLTE7fWZ1bmN0aW9uIEZpbmRQcm94eUZvclVSTCh1cmwsIGhvc3QpIHtpZihpc1lvdVR1YmVWaWRlbyh1cmwpICB8fCBpc1lvdVR1YmVWaWRlb1BhZ2UodXJsLCBob3N0LCAnaHR0cHM6Ly93d3cueW91dHViZS5jb20vd2F0Y2g/dj1PaHBhRFJFZkxKQScpKXsgcmV0dXJuICdQUk9YWSAyMDkuMjM5LjExNC4yMDU6MzEzMSc7fWVsc2V7IHJldHVybiAnRElSRUNUJzt9fQ=="
FF NetworkProxy: "ftp", "183.220.172.208"
FF NetworkProxy: "ftp_port", 8123
FF NetworkProxy: "gopher", "183.220.172.208"
FF NetworkProxy: "gopher_port", 8123
FF NetworkProxy: "http", "183.220.172.208"
FF NetworkProxy: "http_port", 8123
FF NetworkProxy: "socks", "183.220.172.208"
FF NetworkProxy: "socks_port", 8123
FF NetworkProxy: "ssl", "183.220.172.208"
FF NetworkProxy: "ssl_port", 8123
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-03-20] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-17] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-07-23] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> E:\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @hola.org/vlc,version=1.8.649 -> C:\Users\dafty\AppData\Local\Hola\firefox\app\vlc [2015-08-04] ()
FF Plugin HKU\S-1-5-21-2631200458-2655560116-1998003478-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\dafty\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS)
FF Extension: ProxTube - Unblock YouTube - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\ich@maltegoetz.de.xpi [2015-04-21]
FF Extension: Thumbnail Zoom Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\thumbnailZoom@dadler.github.com.xpi [2015-04-10]
FF Extension: {130be971-3417-47de-96ec-516c35ebd41c} - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{130be971-3417-47de-96ec-516c35ebd41c}.xpi [2014-12-11]
FF Extension: FlashGot - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{19503e42-ca3c-4c27-b1e2-9cdb2170ee34}.xpi [2014-12-11]
FF Extension: ReloadEvery - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2015-01-31]
FF Extension: adblock manager - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{8b82b85e-1cb8-4fd7-baf2-f76c28f4e93a}.xpi [2014-12-15]
FF Extension: Adblock Plus - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-11]
FF Extension: Greasemonkey - C:\Users\dafty\AppData\Roaming\Mozilla\Firefox\Profiles\4rtgormt.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2015-04-10]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_2_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension
FF Extension: PDF Architect 2 Creator - C:\Program Files (x86)\PDF Architect 2\resources\pdfarchitect2firefoxextension [2014-12-12]
Chrome:
=======
CHR Profile: C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-25]
CHR Extension: (Google Docs) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-25]
CHR Extension: (Google Drive) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-04-25]
CHR Extension: (YouTube) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-25]
CHR Extension: (Google Search) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-25]
CHR Extension: (Google Sheets) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-25]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-08]
CHR Extension: (Google Wallet) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-25]
CHR Extension: (Gmail) - C:\Users\dafty\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-25]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3633576 2015-07-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-07-31] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-11-20] (Microsoft Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-08-04] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 PDF Architect 2 Creator; C:\Program Files (x86)\PDF Architect 2\creator-ws.exe [738856 2014-10-10] (pdfforge GmbH)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [296896 2015-07-10] (AVG Technologies CZ, s.r.o.)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-07-27] (REALiX(tm))
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [39056 2015-07-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
R3 SensorsHIDClassDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
R3 SensorsServiceDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-11-20] (Microsoft Corporation)
S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-05 12:52 - 2015-08-05 12:52 - 00019519 _____ C:\Users\dafty\Desktop\FRST.txt
2015-08-05 12:52 - 2015-08-05 12:52 - 00000857 _____ C:\Users\dafty\Desktop\checkup.txt
2015-08-05 12:49 - 2015-08-05 12:49 - 00852684 _____ C:\Users\dafty\Downloads\SecurityCheck.exe
2015-08-05 11:59 - 2015-08-05 11:59 - 02870984 _____ (ESET) C:\Users\dafty\Downloads\esetsmartinstaller_deu.exe
2015-08-04 13:55 - 2015-08-04 13:55 - 00000000 ____D C:\Users\dafty\AppData\Local\Hola
2015-08-04 13:39 - 2015-08-04 13:40 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-04 13:31 - 2015-08-04 13:40 - 00001125 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-04 13:31 - 2015-08-04 13:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-04 13:31 - 2015-08-04 13:40 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-04 13:31 - 2015-08-04 13:31 - 01798176 _____ (Malwarebytes Corporation) C:\Users\dafty\Downloads\JRT.exe
2015-08-04 13:31 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-04 13:31 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-04 13:31 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-04 13:30 - 2015-08-04 13:30 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\dafty\Downloads\mbam-setup-2.1.6.1022.exe
2015-08-04 13:29 - 2015-08-04 13:33 - 00000000 ____D C:\AdwCleaner
2015-08-04 13:29 - 2015-08-04 13:29 - 02248704 _____ C:\Users\dafty\Downloads\AdwCleaner_4.208.exe
2015-08-04 12:22 - 2015-08-05 12:52 - 00000000 ____D C:\FRST
2015-08-04 12:21 - 2015-08-04 12:21 - 02169856 _____ (Farbar) C:\Users\dafty\Desktop\FRST64.exe
2015-08-02 12:56 - 2015-08-02 12:56 - 00000000 ____D C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl.NGENPDB
2015-08-02 12:55 - 2015-08-02 12:56 - 510656512 _____ C:\Users\dafty\Desktop\PK.08-02-2015.12-55-47.etl
2015-08-02 06:05 - 2015-08-02 06:05 - 00000000 _____ C:\Recovery.txt
2015-08-01 20:13 - 2015-08-01 20:13 - 00597304 _____ C:\Users\dafty\Downloads\flux-setup.exe
2015-08-01 20:13 - 2015-08-01 20:13 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
2015-08-01 20:06 - 2015-08-01 20:06 - 00000000 _____ C:\Windows\setuperr.log
2015-08-01 18:15 - 2015-08-01 18:15 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2015-08-01 18:12 - 2015-08-01 18:12 - 00000000 ____D C:\Users\dafty\AppData\Roaming\AVG
2015-08-01 18:11 - 2015-08-01 18:12 - 00000000 ____D C:\ProgramData\AVG
2015-08-01 18:11 - 2015-08-01 18:11 - 115831096 _____ (AVG Technologies) C:\Users\dafty\Downloads\avg_tuh_stf_all_2015_604_24c28.exe
2015-08-01 17:59 - 2015-08-01 17:59 - 00000000 ____D C:\Users\dafty\AppData\Local\openvr
2015-08-01 13:40 - 2015-08-01 13:40 - 00000000 ____D C:\SymCache
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\Users\dafty\Documents\WPA Files
2015-08-01 13:39 - 2015-08-01 13:39 - 00000000 ____D C:\ProgramData\WindowsPerformanceRecorder
2015-08-01 13:38 - 2015-08-01 13:40 - 00000000 ____D C:\Users\dafty\AppData\Local\Windows Performance Analyzer
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2015-08-01 13:38 - 2015-08-01 13:38 - 00000000 ____D C:\Program Files (x86)\Windows Kits
2015-08-01 13:37 - 2015-08-01 13:37 - 00998056 _____ (Microsoft Corporation) C:\Users\dafty\Downloads\sdksetup.exe
2015-08-01 13:31 - 2015-08-01 13:35 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-01 13:30 - 2015-08-01 13:30 - 16502728 _____ (Malwarebytes Corp.) C:\Users\dafty\Downloads\mbar-1.09.1.1004.exe
2015-08-01 12:54 - 2015-08-01 12:54 - 00000000 ____D C:\Users\dafty\AppData\Local\DunDefLauncher
2015-07-31 18:48 - 2015-07-31 18:48 - 00000000 ____D C:\Users\dafty\Documents\Out of the Park Developments
2015-07-29 20:27 - 2015-07-23 02:46 - 00572232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-07-29 20:26 - 2015-07-23 06:06 - 42730128 _____ C:\Windows\system32\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 37748880 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 30487880 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 22950544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 16151688 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 15892200 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 14503880 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 13268712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11836680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 11055248 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-07-29 20:26 - 2015-07-23 06:06 - 02933576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 02600592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01101856 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01061008 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 01053000 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00983368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00976528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00940104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00879000 _____ C:\Windows\system32\nvmcumd.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00503592 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00408208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00407296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00364176 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00176904 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00155280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00150832 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00117576 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2015-07-29 20:26 - 2015-07-23 06:06 - 00039056 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-07-29 19:26 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-07-29 19:26 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-07-29 19:26 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-07-29 19:26 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-07-29 19:26 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-07-29 19:26 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-07-28 10:06 - 2015-07-25 15:34 - 01084928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 01399536 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStorA.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00881368 _____ (Realtek ) C:\Windows\system32\Drivers\Rt630x64.sys
2015-07-27 12:51 - 2015-07-27 12:51 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2015-07-27 12:51 - 2015-07-27 12:51 - 00000000 ____D C:\Windows\system32\DAX2
2015-07-27 12:50 - 2015-07-27 12:50 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2015-07-27 12:50 - 2015-07-27 12:50 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2015-07-27 12:50 - 2015-07-27 12:50 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2015-07-27 12:50 - 2015-07-27 12:50 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2015-07-27 12:50 - 2015-07-27 12:50 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL
2015-07-27 12:50 - 2015-07-27 12:50 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2015-07-27 12:50 - 2015-07-27 12:50 - 00096568 _____ C:\Windows\system32\audioLibVc.dll
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\Users\dafty\AppData\Roaming\IObit
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\ProgramData\IObit
2015-07-27 12:48 - 2015-08-04 13:51 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-27 12:48 - 2015-07-27 12:48 - 00026528 _____ (REALiX(tm)) C:\Windows\SysWOW64\Drivers\HWiNFO64A.SYS
2015-07-27 12:47 - 2015-07-27 12:47 - 11792408 _____ (IObit ) C:\Users\dafty\Downloads\driver_booster_setup_2.4.0.19.exe
2015-07-26 17:17 - 2015-08-05 11:52 - 00006232 _____ C:\Windows\PFRO.log
2015-07-26 17:02 - 2015-07-26 17:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-07-25 15:21 - 2015-07-25 15:21 - 00000000 ____D C:\Program Files (x86)\QuickTime
2015-07-25 13:29 - 2015-07-25 13:29 - 00000000 ____D C:\Users\dafty\AppData\Local\Intel
2015-07-24 19:25 - 2015-07-24 19:56 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Audacity
2015-07-22 09:54 - 2015-07-22 09:54 - 00000000 ____D C:\Users\dafty\AppData\Local\CEF
2015-07-22 09:37 - 2015-08-05 11:53 - 00007475 _____ C:\Windows\setupact.log
2015-07-22 09:36 - 2015-08-05 10:55 - 00866815 _____ C:\Windows\WindowsUpdate.log
2015-07-22 09:34 - 2015-07-22 09:34 - 00002780 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-07-22 09:34 - 2015-07-22 09:34 - 00000000 ____D C:\Program Files\CCleaner
2015-07-22 09:33 - 2015-08-05 12:48 - 00000000 ____D C:\Users\dafty\AppData\Local\ClassicShell
2015-07-22 09:32 - 2015-07-22 09:32 - 06677184 _____ (IvoSoft) C:\Users\dafty\Downloads\ClassicShellSetup_4_2_1-de.exe
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell
2015-07-22 09:32 - 2015-07-22 09:32 - 00000000 ____D C:\Program Files\Classic Shell
2015-07-21 15:51 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-21 15:51 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2015-07-21 15:48 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2015-07-21 15:48 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2015-07-21 15:48 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\Windows\system32\sppwinob.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-20 23:27 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 23:27 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 05:41 - 2015-07-24 03:49 - 00001042 _____ C:\Users\dafty\Desktop\Neues Textdokument (3).txt
2015-07-19 18:37 - 2015-07-19 18:38 - 00000000 ____D C:\Users\dafty\AppData\Local\SpreadsheetTools
2015-07-16 23:53 - 2015-07-16 23:53 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Trove
2015-07-16 15:32 - 2015-08-04 08:12 - 00001864 _____ C:\Users\dafty\Desktop\Neues Textdokument (2).txt
2015-07-15 12:41 - 2015-07-09 21:51 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-15 12:41 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-15 12:41 - 2015-07-09 18:03 - 03701760 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-15 12:41 - 2015-07-09 17:54 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:53 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-07-15 12:41 - 2015-07-09 17:50 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:48 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-15 12:41 - 2015-07-09 17:46 - 02229248 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-15 12:41 - 2015-07-09 17:38 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-15 12:41 - 2015-07-09 17:37 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 12:41 - 2015-07-09 17:35 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-15 12:41 - 2015-07-09 17:34 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-15 12:41 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-15 12:41 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-15 12:41 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 12:41 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 12:41 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-15 12:41 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-15 12:41 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-15 12:41 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-15 12:41 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-15 12:41 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-15 12:41 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-15 12:41 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-15 12:41 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-15 12:41 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-15 12:41 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-15 12:41 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-15 12:41 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-15 12:41 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-15 12:41 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-15 12:41 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-15 12:41 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-15 12:41 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-15 12:41 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-15 12:41 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-15 12:41 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-15 12:41 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-15 12:41 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-15 12:41 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-15 12:41 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-15 12:41 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-15 12:40 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-15 12:40 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-15 12:40 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-15 12:40 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-15 12:40 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-15 12:40 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-07-15 12:40 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-07-15 12:40 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-15 12:40 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-15 12:40 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 12:40 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-15 12:40 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-15 12:40 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-15 12:40 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-15 12:40 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-15 12:40 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 12:40 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-15 12:40 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 12:40 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-07-15 12:40 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-15 12:40 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 12:40 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 12:40 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 12:40 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-07-15 12:40 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-15 12:40 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 12:39 - 2015-06-30 00:43 - 00026288 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-15 12:39 - 2015-06-29 17:07 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00764928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00433152 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-15 12:39 - 2015-06-29 17:07 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-15 12:39 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-15 12:39 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-15 12:39 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-15 12:39 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-15 12:38 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-15 12:38 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-15 12:38 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-15 12:38 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-15 12:38 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-15 12:38 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-15 12:38 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-15 12:38 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-15 12:38 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-15 12:38 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-15 12:38 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-15 12:38 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-15 12:38 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-15 12:38 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-15 12:38 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-15 12:38 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-15 12:38 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-15 12:38 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-15 12:38 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-12 21:33 - 2015-07-12 22:03 - 00000000 ____D C:\Users\dafty\AppData\Local\Ori and the Blind Forest
2015-07-12 16:01 - 2015-07-12 16:01 - 00000000 ____D C:\Users\dafty\AppData\Roaming\com.jackboxgames.quiplash
2015-07-10 07:31 - 2015-07-10 07:31 - 00296896 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgwfpa.sys
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\Electronic Arts
2015-07-09 21:19 - 2015-07-09 21:19 - 00000000 ____D C:\ProgramData\EA Core
2015-07-07 21:58 - 2015-07-07 22:05 - 00000000 ____D C:\Users\dafty\Desktop\cc
2015-07-07 11:31 - 2015-07-07 13:53 - 00001005 _____ C:\Users\dafty\Desktop\Neues Textdokument.txt
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-05 12:42 - 2014-12-14 20:47 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-08-05 12:09 - 2015-04-25 16:50 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-05 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-05 11:59 - 2014-09-24 01:19 - 00765378 _____ C:\Windows\system32\perfh007.dat
2015-08-05 11:59 - 2014-09-24 01:19 - 00159696 _____ C:\Windows\system32\perfc007.dat
2015-08-05 11:59 - 2014-09-24 00:34 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-05 11:55 - 2014-12-02 20:08 - 00006464 _____ C:\Windows\SysWOW64\Gms.log
2015-08-05 11:53 - 2015-04-25 16:50 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-05 11:52 - 2014-12-11 18:12 - 00000000 ____D C:\ProgramData\MFAData
2015-08-05 11:52 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-05 11:52 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-05 09:36 - 2014-12-11 18:08 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2631200458-2655560116-1998003478-1001
2015-08-05 09:31 - 2015-01-27 10:07 - 00001004 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-08-05 09:31 - 2014-12-11 18:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-08-05 06:58 - 2014-12-11 20:49 - 00000000 ____D C:\Users\dafty\AppData\Local\Battle.net
2015-08-05 06:51 - 2014-12-11 18:13 - 00003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{01010920-0C12-4BAF-8173-C97CB61BBA3B}
2015-08-05 06:51 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-04 22:55 - 2014-12-11 18:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\vlc
2015-08-04 13:33 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-08-04 13:27 - 2014-12-28 01:39 - 00000000 ____D C:\Users\dafty\Desktop\pr0
2015-08-04 07:26 - 2014-12-11 21:22 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-03 23:11 - 2014-12-11 23:03 - 00000000 ____D C:\Users\dafty\AppData\Roaming\TS3Client
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LEGO Company
2015-08-01 20:14 - 2015-06-11 18:49 - 00000000 ____D C:\Program Files (x86)\LEGO Company
2015-08-01 20:13 - 2015-06-23 21:10 - 00000000 ____D C:\ProgramData\Freemake
2015-08-01 20:13 - 2015-04-07 19:34 - 00000000 ____D C:\Users\dafty\AppData\Local\FluxSoftware
2015-08-01 18:15 - 2015-04-17 19:45 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Skype
2015-08-01 18:15 - 2015-02-19 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2015-08-01 18:15 - 2015-02-14 15:23 - 00000000 ____D C:\Users\dafty\.thumbnails
2015-08-01 18:15 - 2014-12-16 21:34 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Sony
2015-08-01 18:15 - 2014-12-12 18:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDFCreator
2015-08-01 18:12 - 2015-05-21 08:44 - 00000000 ____D C:\Users\dafty\AppData\Local\Avg
2015-08-01 18:12 - 2014-12-11 18:21 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-01 13:38 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-29 20:28 - 2014-12-02 20:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-07-29 20:28 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-07-29 19:26 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-07-27 17:48 - 2015-05-26 20:48 - 00000000 ____D C:\Users\dafty\Desktop\dokum
2015-07-27 12:51 - 2014-12-21 01:17 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2015-07-26 17:17 - 2013-08-22 17:43 - 00000000 ____D C:\Windows\DigitalLocker
2015-07-26 17:01 - 2015-02-15 17:05 - 00007597 _____ C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2015-07-26 01:43 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-25 13:30 - 2014-12-02 20:04 - 00000000 ____D C:\ProgramData\Intel
2015-07-25 03:23 - 2015-03-09 23:09 - 00000000 ____D C:\Users\dafty\Desktop\frap
2015-07-24 20:04 - 2014-12-15 16:54 - 00000000 ____D C:\Users\dafty\AppData\Local\Microsoft Games
2015-07-24 19:57 - 2014-12-16 19:44 - 00000000 ____D C:\Users\dafty\AppData\Local\CrashDumps
2015-07-24 19:56 - 2014-12-23 17:59 - 00000000 ____D C:\Program Files (x86)\Audacity
2015-07-24 06:21 - 2014-12-02 20:05 - 01756608 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01710568 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01423304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2015-07-24 06:21 - 2014-12-02 20:05 - 01316000 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2015-07-24 04:10 - 2015-06-30 14:22 - 00002142 _____ C:\Users\dafty\Desktop\limbo.txt
2015-07-23 06:06 - 2015-06-06 09:18 - 15129192 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 17615408 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 12876336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03407144 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 03008880 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-07-23 06:06 - 2014-12-02 20:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-07-23 03:31 - 2014-12-02 20:05 - 06873744 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 03493008 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00937616 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-07-23 03:31 - 2014-12-02 20:05 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-07-23 03:31 - 2014-12-02 20:05 - 00062792 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-07-22 09:38 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty
2015-07-22 09:36 - 2014-12-12 18:41 - 00000000 ____D C:\Users\dafty\AppData\Local\PDFCreator
2015-07-22 09:30 - 2014-12-11 18:24 - 00000000 ____D C:\Users\dafty\AppData\Roaming\ClassicShell
2015-07-21 15:14 - 2013-08-22 16:44 - 00376712 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-20 16:16 - 2014-12-02 20:05 - 05121613 _____ C:\Windows\system32\nvcoproc.bin
2015-07-20 15:50 - 2015-01-02 23:52 - 00000000 ____D C:\Users\dafty\Documents\My Games
2015-07-17 18:32 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-07-17 14:36 - 2015-04-17 19:52 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\ProgramData\Oracle
2015-07-17 14:36 - 2015-04-17 19:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-07-16 21:20 - 2014-12-11 18:56 - 00000000 ____D C:\Users\dafty\AppData\Local\Paint.NET
2015-07-15 23:04 - 2015-04-25 16:50 - 00004096 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 23:04 - 2015-04-25 16:50 - 00003860 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 19:41 - 2015-04-15 21:28 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 19:41 - 2014-11-20 10:18 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-15 19:41 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-15 19:39 - 2015-01-17 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-07-15 19:37 - 2014-09-24 01:08 - 00000000 ____D C:\Windows\system32\MRT
2015-07-15 12:40 - 2014-12-11 18:50 - 00000000 ____D C:\Users\dafty\AppData\Local\Adobe
2015-07-14 23:27 - 2015-06-23 18:52 - 00000000 ____D C:\Users\dafty\Desktop\SP
2015-07-14 17:01 - 2014-12-11 21:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-14 17:00 - 2014-12-25 14:47 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-14 14:03 - 2015-04-04 18:14 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-13 23:10 - 2015-05-14 13:48 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-13 23:10 - 2015-05-14 13:48 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-09 21:19 - 2014-12-11 18:03 - 00000000 ____D C:\Users\dafty\AppData\Local\VirtualStore
2015-07-09 18:35 - 2015-02-16 04:30 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-07-09 18:35 - 2015-02-16 04:30 - 00000978 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk
2015-07-07 22:20 - 2014-12-13 20:33 - 00000000 ____D C:\Users\dafty\Desktop\beats
2015-07-07 22:16 - 2015-03-20 22:46 - 00000000 ____D C:\Users\dafty\Desktop\tape
2015-07-06 15:22 - 2014-12-13 19:23 - 00000000 ____D C:\Users\dafty\AppData\Roaming\Xfire
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-06-08 01:49 - 2015-06-08 01:49 - 0000832 _____ () C:\Users\dafty\AppData\Local\recently-used.xbel
2015-02-15 17:05 - 2015-07-26 17:01 - 0007597 _____ () C:\Users\dafty\AppData\Local\Resmon.ResmonCfg
2014-12-02 20:16 - 2014-12-02 20:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\dafty\fraps.exe
C:\Users\dafty\fraps32.dll
C:\Users\dafty\fraps64.dat
C:\Users\dafty\fraps64.dll
C:\Users\dafty\frapslcd.dll
C:\Users\dafty\uninstall.exe
==================== Bamital & volsnap Check =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-07-31 06:33
==================== Ende von log ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-05 12:53:02)
Gestartet von C:\Users\dafty\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2631200458-2655560116-1998003478-500 - Administrator - Disabled)
Gast (S-1-5-21-2631200458-2655560116-1998003478-501 - Limited - Disabled)
dafty (S-1-5-21-2631200458-2655560116-1998003478-1001 - Administrator - Enabled) => C:\Users\dafty
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Disabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe Digital Editions 4.0 (HKLM-x32\...\Adobe Digital Editions 4.0) (Version: 4.0.3 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version: - Spicy Horse Games)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies)
AVG 2015 (Version: 15.0.4401 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6125 - AVG Technologies) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version: - Gl33k)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Drive Any Track (HKLM-x32\...\Steam App 351990) (Version: - FOAM Entertainment)
Dungeon Defenders II (HKLM-x32\...\Steam App 236110) (Version: - Trendy Entertainment)
f.lux (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\Flux) (Version: - )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Obsidian Entertainment)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version: - Subset Games)
Game of Thrones - A Telltale Games Series (HKLM-x32\...\Steam App 330840) (Version: - Telltale Games)
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Sony Online Entertainment)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version: - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version: - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Intel(R) Chipset Device Software (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.2.4.1000 - Intel Corporation)
Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
LEGO® Worlds (HKLM-x32\...\Steam App 332310) (Version: - TT Games)
Life Is Strange™ (HKLM-x32\...\Steam App 319630) (Version: - DONTNOD Entertainment)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.1005 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Access 2007 (HKLM-x32\...\Access) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.7.0 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.62 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.62 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 353.62 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 353.62 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Ori and the Blind Forest (HKLM-x32\...\Steam App 261570) (Version: - Moon Studios GmbH)
Out of the Park Baseball 15 (HKLM-x32\...\Steam App 272670) (Version: - Out of the Park Developments)
Paint.NET v3.5.9 (HKLM\...\{7A61142C-CA19-4F3C-BA66-FF8F131501FA}) (Version: 3.59.0 - dotPDN LLC)
PDF Architect 2 Create Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDF Architect 2 Edit Module (x32 Version: 2.1.6.19758 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.0.0 - pdfforge)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Rocket League (HKLM-x32\...\Steam App 252950) (Version: - Psyonix) <==== ACHTUNG
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version: - Coffee Stain Studios)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Startfenster (HKLM-x32\...\Startfenster) (Version: - Startfenster)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.43879 - TeamViewer)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version: - Edmund McMillen and Florian Himsl)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
Trine 2 (HKLM-x32\...\Steam App 35720) (Version: - Frozenbyte)
Unity Web Player (HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\UnityWebPlayer) (Version: 4.6.1f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0015-0000-0000-0000000FF1CE}_Access_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
Vegas Pro 10.0 (64-bit) (HKLM\...\{C71D49C0-11F5-11E0-B8FB-0013D3D69929}) (Version: 10.0.470 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
VTFEdit 1.2.5 (HKLM-x32\...\VTFEdit_is1) (Version: - Neil Jedrzejewski & Ryan Gregg)
Windows Software Development Kit for Windows 8.1 (HKLM-x32\...\{ed3a6e6d-9661-4357-abe4-fcc03dc57a07}) (Version: 8.100.26936 - Microsoft Corporation)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.100.26936 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26936 - Microsoft) Hidden
Xfire (HKLM-x32\...\Xfire) (Version: - )
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
25-07-2015 13:29:05 Intel Driver Update Utility
27-07-2015 12:50:38 Driver Booster : Intel(R) 4th Gen Core processor DRAM Controller - 0C00
01-08-2015 18:12:01 AVG PC TuneUp 2015 wird installiert
04-08-2015 12:21:16 Installed AVG 2015
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {26159DD5-2359-4DBE-AEB5-BBB3B9FFDF29} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2AB3746C-64A8-4A52-A4EF-7A7633D33586} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
Task: {70AADACD-010E-4B24-9352-679E90C8F94D} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {8887699A-7651-4E95-B209-29DDB40C9724} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {9638ACF4-8134-4B27-89E2-882C0D46E307} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {98610F4B-F4F0-442D-AFD7-D37962F9BA68} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)
Task: {DA49990E-1479-4AC8-A844-3DE5C07F4577} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-25] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-12-02 20:05 - 2015-07-23 03:31 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-12-11 19:07 - 2013-07-04 04:32 - 00936728 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-06-01 19:28 - 2015-06-01 19:28 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2014-12-11 19:07 - 2015-08-05 11:52 - 00034960 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2014-12-11 19:07 - 2012-05-08 09:04 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-16 20:34 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-03-20 21:43 - 2014-03-20 21:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer trusted/restricted ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\sony.com -> sony.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2631200458-2655560116-1998003478-1001\...\StartupApproved\StartupFolder: => "Xfire.lnk"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{5C24B070-1F70-4829-8227-81E638D64DE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{259BAFE7-DFBA-44E1-9CE9-345FC9F28374}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{612F14A7-8D8A-487A-B5C5-123D0E72FEBF}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [UDP Query User{337511E4-F66D-41C8-BB93-37A638D23E36}C:\program files (x86)\xfire\xfire.exe] => (Block) C:\program files (x86)\xfire\xfire.exe
FirewallRules: [{128E619C-D5A5-4682-8539-C70E12F343C5}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{F1A0238E-F62F-4454-B0AF-60164CD69A25}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{5324CDF2-D84D-4AF1-A9D2-E7E6BDF16EBA}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{1744CF8D-6DD3-4EB9-BF8C-C0994A3563BF}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{DCB005B0-1022-426F-A4D0-D40DB2EC1B2D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D94338D8-53A0-4729-90A2-75D5E9A8BC8C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{6ED5B567-610F-4445-B68C-1AEB071F6220}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{41475297-DE10-4925-9244-166A9684B50A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{43327DCD-722E-41FB-89E4-3A8FE33B3322}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{50678CAC-82B6-4BB2-A41D-B91AA195DB86}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{93094BF3-B274-4A22-B6A2-E840BEAF4D01}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{3B477DE3-42C4-426C-8218-94E707C77094}] => (Allow) E:\Hearthstone\Hearthstone\Hearthstone.exe
FirewallRules: [{C99365DE-114B-40DC-94DB-D6BDCE4F5F60}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{2A39D611-1ABE-456C-A774-48ACFE9CA795}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{825600EB-06FE-4843-801B-40B591CC2971}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{105F16EE-4D5B-46CA-B037-ABE617E51414}] => (Allow) E:\Steam\steamapps\common\The Walking Dead Season Two\TheWalkingDead2.exe
FirewallRules: [{6728D28F-8248-43C4-8E74-82D137D3CA5C}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{5B77052A-FAE2-4617-BAAB-539AE3A91909}] => (Allow) E:\Steam\steamapps\common\Alice Madness Returns\Binaries\Win32\AliceMadnessReturns.exe
FirewallRules: [{10A56769-86F5-4768-86B0-E60A0BFC392A}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{C9E4A5A7-4767-4592-B029-64AE76B73FC6}] => (Allow) E:\Steam\steamapps\common\Sanctum2\Binaries\Win32\SanctumGame-Win32-Shipping.exe
FirewallRules: [{1D0820DA-6905-40D6-A9B6-BF160F436DA3}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{688A081B-34C3-4F43-8052-70FFF9F27086}] => (Allow) E:\Steam\steamapps\common\The Binding Of Isaac\Isaac.exe
FirewallRules: [{012817A9-C94A-41AC-8D5B-D85A76770642}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{A55A42E4-9D2A-42D1-8981-17A94E5547AA}] => (Allow) E:\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{65668050-4342-446D-9596-91A58E8BD952}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{38A52330-8353-4725-88E4-3F9CA12ED38B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{598491ED-D1F2-48EA-983D-B0CCD88B2710}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [{4B3B4223-C347-457F-BAF6-60B66CF02C0F}] => (Allow) E:\diablo\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{96644349-142F-4E5A-B539-941FA30C041A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{AA19499E-CA1F-483C-9EDB-002AEFC5379E}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{B7FD7E69-0292-48D9-BF5D-BE25314F4AFE}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{0E1EEE3C-AC88-4D9B-8320-3B0D9379DC1A}] => (Allow) E:\Steam\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [TCP Query User{07604364-079B-415E-B025-F4D1D709CFDF}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [UDP Query User{C97808D2-7D23-47BF-AD18-8354D8B29074}E:\steam\steamapps\common\h1z1\h1z1.exe] => (Allow) E:\steam\steamapps\common\h1z1\h1z1.exe
FirewallRules: [TCP Query User{491380B2-0C2D-4FD2-85D8-F6C18D00396C}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{14D43A18-5DBA-4819-A56B-9B33F7534631}C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\dafty\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C8BCC37F-7881-411C-B319-E07DEAB6788B}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{1BC462F9-32F8-4859-AF65-8360619CF179}] => (Allow) E:\Steam\steamapps\common\Drive Any Track\Game.exe
FirewallRules: [{2D7BBE1A-EE2B-4339-A4DA-9FC9E2A7E225}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{86D278DD-10A2-4C9A-9B33-FCB1677AF05F}] => (Allow) E:\Steam\steamapps\common\Game of Thrones\Thrones.exe
FirewallRules: [{7981230B-A540-44E1-97BD-8DB04652B55F}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{0717A968-D7E4-45B0-A77E-EC0B1BC7C1A9}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{BC602D55-2D7D-49AD-9831-BEC4F1773DF3}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{EBF905AC-7C79-44D8-B335-9AEDE19FA98C}] => (Allow) E:\Steam\steamapps\common\Prison Architect\Prison Architect.exe
FirewallRules: [{B1A63470-6542-42F9-8E6B-BFC517900FDB}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{7C8A0858-B600-42B7-B5C1-B4C4D91DBDED}] => (Allow) E:\Steam\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{0E9197BB-12C2-415E-9CCA-F152E949BEFB}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{38A99A4B-CB79-4E3E-A266-82F655FE0023}] => (Allow) E:\Steam\steamapps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{677666BE-A61B-458B-A60B-6410F8A4A3E5}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{E61A7172-02D6-4A77-94CE-11663EC7F18B}] => (Allow) E:\Steam\steamapps\common\Ori\ori.exe
FirewallRules: [{60852B25-CA30-4779-A6CD-3BAB56889915}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{A1DF2AEF-8C13-45F1-9160-4683E195B8BB}] => (Allow) E:\Steam\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E699BCF3-FBE3-4F8E-9D18-DD6E2D799296}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{D2E0EE71-110E-4F8B-BEC4-B748CA0DCEB5}] => (Allow) E:\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{F819B539-CCAF-44F6-9AA2-7D873C852F06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{7DD8DA7C-B014-4EDA-A3F3-F3923F51EB1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{2D43169B-BE88-4E0D-A783-E94A25A8017E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{CD1E4005-10D7-4AC1-991C-AD71CFBF6D2D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EF7F6849-CBDC-4EDD-8F38-23ECF92BE4F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DCEF2CCE-5013-4F89-A7C9-B2C725C27C60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{127C2654-091F-4048-AB63-28352E972F9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5B7FD887-0E77-4FAD-AD32-E2B02398A275}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4BBD732B-C775-4E5E-9B79-A03E24AAB431}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{1AB3403C-3DF6-436C-B23C-26E70C91E2CB}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{8E7563D3-D46F-495B-9E33-02E68812274A}] => (Allow) E:\Steam\steamapps\common\OOTP Baseball 15\ootp15.exe
FirewallRules: [{BF112708-CAC7-4076-AA5B-716E9E03AE87}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{6851030E-0003-41BB-A5D6-8DD8B2ACF928}] => (Allow) E:\Steam\steamapps\common\FTL Faster Than Light\FTLGame.exe
FirewallRules: [{BB28D737-CAF9-4D64-992A-8246CC80C35A}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{F8239C16-692E-4C59-A087-6C9A8C9C4BC3}] => (Allow) E:\Steam\steamapps\common\Trine 2\trine2_launcher.exe
FirewallRules: [{506BD925-FA40-4199-801F-0B8BBA638139}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{33CE761B-EB37-427A-93C0-0740F66CB890}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{749E0DC3-D037-4D51-9926-C3E712F3798D}] => (Allow) E:\Steam\steamapps\common\Life Is Strange\Binaries\Win32\LifeIsStrange.exe
FirewallRules: [{6BD3FD2A-37E7-4A24-8289-0A9A03869167}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{B6C10A85-A808-4B38-92DA-395D236D21EB}] => (Allow) E:\Steam\steamapps\common\Dungeon Defenders 2\DunDefLauncher.exe
FirewallRules: [{5487603C-A155-428E-BA04-0DC343D0747A}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{ADBE53C9-F0DE-4C58-A41B-014ACFEA3DD1}] => (Allow) E:\Steam\steamapps\common\Cosmic DJ\CosmicDJ.exe
FirewallRules: [{5E6E87ED-3CC9-47F0-B459-865C0B964B51}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{118D23C2-4ACA-45C0-B219-8C1445ADEC8A}] => (Allow) E:\Steam\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{E80C62A2-B72A-42EE-A181-2CED73B965AF}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{72D71521-2A9E-413C-823A-F79839833895}] => (Allow) E:\Steam\steamapps\common\LEGO Lord of the Rings\LEGOLOTR.exe
FirewallRules: [{D6A2C60D-E023-4E06-B842-1931601E4EE8}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{F0947861-1EA5-46AC-B981-477826C52832}] => (Allow) E:\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{6E3097F9-BFBC-447A-AC47-167F656A7AED}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{7825C020-F9C8-47A5-BA26-71DD529CA0AA}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [{FBC6EF95-9EB7-4B12-A0D3-9EC324A6C314}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{2CA57EDF-CF02-4135-84F2-D601CE511120}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{9E9519C1-0A34-43C7-BDBE-C78A272ED57A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{221312D7-2C7A-41DA-B668-403C904AE5B9}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/05/2015 12:51:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 12:42:31 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 12:02:21 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 12:02:20 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 12:02:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 12:02:15 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_6240b9c7ecbd0bda.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17810_none_a9edf09f013934e0.manifest.
Error: (08/05/2015 07:05:42 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/04/2015 12:41:50 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/04/2015 07:01:23 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (08/03/2015 08:54:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm hl2.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1788
Startzeit: 01d0ce1d4acd6961
Endzeit: 4294967295
Anwendungspfad: E:\Steam\steamapps\common\Half-Life 2\hl2.exe
Berichts-ID: 004ed44c-3a11-11e5-82b6-ac9e17ec65ea
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (08/05/2015 12:03:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/05/2015 12:03:06 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\dafty\AppData\Local\Temp\ehdrv.sys
Error: (08/05/2015 12:03:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/05/2015 12:03:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\dafty\AppData\Local\Temp\ehdrv.sys
Error: (08/05/2015 12:03:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1275
Error: (08/05/2015 12:03:05 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\dafty\AppData\Local\Temp\ehdrv.sys
Error: (08/05/2015 11:53:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDF Architect 2 Creator" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/05/2015 11:51:23 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (08/05/2015 11:50:53 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
Error: (08/05/2015 11:50:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office:
=========================
==================== Speicherinformationen ===========================
Processor: Intel(R) Core(TM) i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 23%
Total physical RAM: 8135.07 MB
Available physical RAM: 6202.33 MB
Total Virtual: 9415.07 MB
Available Virtual: 7140.25 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:105.8 GB) (Free:44.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive e: (New Volume) (Fixed) (Total:931.51 GB) (Free:701.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 1ADB6A34)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=105.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=13 GB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 503117A8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== Ende von log ============================
|
|
05.08.2015, 12:36
| #8 | ||||||||||
| /// TB-Ausbilder | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Reste entfernen Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
C:\Users\dafty\Desktop\vlc-2.1.5-win32.exe
C:\Users\dafty\AppData\Local\Hola
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird! Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber.  Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.  Cleanup: (Die Reihenfolge ist hier entscheidend) Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken. Falls Combofix verwendet wurde:  Combofix deinstallieren
Alle Logs gepostet? Dann lade Dir bitte  DelFix herunter.
Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...  und/oder das Forum mit einer kleinen Spende  unterstützen.   Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:
Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional:  Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Ghostery Erkennt und blockiert Tracker, Web Bugs, Pixel und Beacons und weitere Scripte, die das Surfverhalten ausspähen/beobachten. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.Lade Software von einem sauberen Portal wie  .Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen: Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems. Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
|
05.08.2015, 13:54
| #9 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten das problem tauchte bisher nicht wieder auf, werde meinen computer heute abend mal ein bisschen ausreizen und schauen was passiert. an sich ist alles geklärt und eure tools haben einiges gefunden was man als "normalsterblicher" nicht finden könnte, vielen dank für die hilfe! die weiteren tools werde ich mir gleich auch noch anschauen. den thread könnte man bis zum späten abend noch auflassen, ich werde dann eine rückmeldung nach dem "test" geben als signal zur - vermutlichen - schließung. hier noch der code: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
durchgeführt von dafty (2015-08-05 14:25:08) Run:2
Gestartet von C:\Users\dafty\Desktop
Geladene Profile: dafty (Verfügbare Profile: dafty)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
C:\Users\dafty\Desktop\vlc-2.1.5-win32.exe
C:\Users\dafty\AppData\Local\Hola
FirewallRules: [TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
FirewallRules: [UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe] => (Block) C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
"C:\Users\dafty\Desktop\vlc-2.1.5-win32.exe" => Datei/Ordner nicht gefunden.
"C:\Users\dafty\AppData\Local\Hola" => Datei/Ordner nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{B59334AC-E177-43DD-8CD7-BE5E0F99D175}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe => Wert nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{CBE858FF-AF13-4F77-8892-ABFDBCC1B5F5}C:\users\dafty\appdata\local\hola\firefox\app\hola_plugin.exe => Wert nicht gefunden.
EmptyTemp: => 15.5 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden..
==== Ende von Fixlog 14:25:15 ====
|
|
05.08.2015, 22:13
| #10 |
| /// TB-Ausbilder | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten Ich bin froh, dass wir helfen konnten  In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank!  Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
05.08.2015, 22:18
| #11 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten läuft wieder einwandfrei  |
|
08.08.2015, 19:31
| #12 |
| | Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten mh kann den letzten post leider nicht editieren. als info für alle die mitlesen sollten: das problem wurde danach doch nicht behoben, ich hatte blos glück das es eine zeit lang ausblieb. allerdings war es bei mir irgendwo ein fehler mit windows 8.1, denn nachdem ich nun auf windows 10 aufgestockt habe läuft alles problemlos. nochmal danke an M-K-D-B! Bin ja trotzdem einiges an zeugs losgeworden. |
|
| Themen zu Win 8.1 - Systemunterbrechungen; CPU-Auslastung für 2-5 Minuten |
| antivirus, auslastung, avg, bonjour, computer, defender, dnsapi.dll, driver booster, excel, firefox, flash player, ftp, helper, homepage, mozilla, port, problem, prozesse, realtek, registry, rundll, scan, services.exe, software, udp, usb, windows |
+ R Taste und schreibe Combofix /Uninstall in das 
Linear-Darstellung
