24.08.2015, 11:26 | #1 |
Windows 7: ebay.de & ebay.com are redirected to unwanted advertising.

Hello, I use Windows 7 and Chrome. When I visit the eBay site, I am redirected to advertising after a few seconds. I have already tried ebay.de and ebay.com. No difference. I have not noticed this with other web addresses so far. In Firefox I am not redirected. I was able to run defogger and FRST without any problems. Gmer only worked in safe mode. Here are the log files:

defogger
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 10:45 on 24/08/2015 (Christian)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

GMER Logfile:
Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-08-24 10:58:54
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-1 TOSHIBA_DT01ABA200 rev.MZ4OABB0 1863,02GB
Running: gmer 2.1 fgrvzqm4.exe; Driver: C:\Users\CHRIST~1\AppData\Local\Temp\fwtdyaow.sys

---- Processes - GMER 2.1 ----

Library C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (*** suspicious ***) @ C:\Windows\Explorer.EXE [1236] (TODO: <File description>/TODO: <Company name>)(2015-06-25 13:35:48) 000007fefa9f0000
Library Ì÷×à]H (*** suspicious ***) @ D:\Portable\FreeCommanderPortable\FreeCommanderPortable.exe [1616] 0000000010000000

---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk1\DR1 unknown MBR code

---- EOF - GMER 2.1 ----

FRST Logfile:
Code:
Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll 2015-08-14 18:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll 2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Users\C*****\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM 2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Program Files\WMV9_VCM 2015-08-14 14:39 - 2015-08-14 14:39 - 00003814 _____ C:\Windows\System32\Tasks\klcp_update 2015-08-14 14:39 
- 2015-08-14 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack 2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack 2015-08-14 12:19 - 2015-08-14 12:19 - 00000000 ____D C:\Users\C*****\AppData\Local\Spoon 2015-08-12 22:58 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:58 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 16:55 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2015-08-12 16:55 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2015-08-12 16:55 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2015-08-12 16:55 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2015-08-12 16:55 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2015-08-12 16:55 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2015-08-12 16:55 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2015-08-12 16:55 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2015-08-12 16:55 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-08-12 16:55 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-08-12 16:55 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-08-12 16:55 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-08-12 16:55 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) 
C:\Windows\system32\vbscript.dll 2015-08-12 16:55 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 16:55 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-08-12 16:55 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-12 16:55 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-08-12 16:55 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 16:55 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 16:55 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-08-12 16:55 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 16:55 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 16:55 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-08-12 16:55 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 16:55 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-08-12 16:55 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-08-12 16:55 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 16:55 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-08-12 16:55 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-08-12 16:55 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 16:55 - 2015-07-16 21:51 - 00504320 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 16:55 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 16:55 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-08-12 16:55 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 16:55 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-08-12 16:55 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-08-12 16:55 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-12 16:55 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 16:55 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-08-12 16:55 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-12 16:55 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 16:55 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 16:55 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-08-12 16:55 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 16:55 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-08-12 16:55 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 16:55 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-08-12 16:55 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 16:55 - 2015-07-16 21:29 - 00418304 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 16:55 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-08-12 16:55 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-08-12 16:55 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 16:55 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 16:55 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 16:55 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 16:55 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 16:55 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 16:55 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 16:55 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-08-12 16:55 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 16:55 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 16:55 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 16:55 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 16:55 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 16:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 16:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 16:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft 
Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 16:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 16:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) 
C:\Windows\system32\rstrui.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 16:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 16:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 16:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 16:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 
2015-08-12 16:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 16:55 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 
16:55 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 16:55 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 16:55 - 2015-07-15 19:53 - 
00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 16:55 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 16:55 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 
2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00129024 
_____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 16:55 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 16:55 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 16:55 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\fontsub.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 16:53 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 16:53 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 16:53 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 
16:53 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 16:53 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 16:53 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 16:53 - 2015-07-10 19:51 - 14177280 _____ 
(Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 16:53 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 16:53 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 16:53 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-03 20:53 - 2015-08-03 20:53 - 00000000 ____D C:\Users\C*****\dwhelper 2015-08-02 12:06 - 2015-08-02 12:06 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-08-02 12:06 - 2015-08-02 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-08-02 12:06 - 2015-07-10 13:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-08-02 12:06 - 2015-07-10 13:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-31 18:21 - 2015-08-03 20:06 - 00000000 ____D C:\Users\C*****\VirtualBox VMs 2015-07-31 16:16 - 2015-07-31 16:16 - 00000000 ___HD C:\$Windows.~WS 2015-07-30 17:23 - 2015-07-30 17:42 - 00000000 ____D C:\MP3 2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____D C:\Musik Video 2015-07-30 14:06 - 2015-07-30 14:06 - 00001424 _____ C:\Users\C*****\Desktop\Mega USB Portable.lnk 2015-07-29 20:18 - 2015-07-23 06:06 - 
01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-07-29 20:18 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-24 10:17 - 2015-05-01 11:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-24 10:15 - 2015-03-22 22:53 - 00000000 ____D C:\Users\C***** 2015-08-24 09:58 - 2015-03-24 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-24 09:37 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-24 09:37 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-24 09:36 - 2015-03-27 23:22 - 00002122 _____ C:\Users\C*****\Documents\PTBSync-AutoExport-C*****.ini 2015-08-24 09:27 - 2015-03-22 22:01 - 01091778 _____ C:\Windows\WindowsUpdate.log 2015-08-23 23:57 - 2015-03-25 19:04 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5013158F-DA91-4D6A-B306-50202B614723} 2015-08-23 22:58 - 2015-03-24 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-23 11:48 - 2015-03-25 23:38 - 00000000 ____D C:\Users\C*****\AppData\Roaming\vlc 2015-08-23 10:36 - 2015-04-01 15:47 - 00000000 ___RD C:\Users\C*****\Google Drive 2015-08-23 10:34 - 2015-06-20 12:37 - 00013558 _____ C:\Windows\setupact.log 2015-08-23 10:34 - 2015-03-24 22:08 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-23 10:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-21 23:46 - 2015-03-22 22:53 - 
00000000 ____D C:\Users\C*****\AppData\Local\VirtualStore 2015-08-21 20:59 - 2015-03-24 20:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-21 15:48 - 2015-03-24 20:39 - 00000000 ____D C:\Users\C*****\AppData\Local\Google 2015-08-20 16:05 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2015-08-20 16:05 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-08-20 16:05 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-16 16:29 - 2015-04-01 15:45 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\C*****\AppData\Local\EmieUserList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\C*****\AppData\Local\EmieSiteList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\C*****\AppData\Local\EmieBrowserModeList 2015-08-16 13:40 - 2015-06-15 19:49 - 00000000 ____D C:\Users\C*****\AppData\Roaming\AnvSoft 2015-08-14 20:55 - 2015-03-25 19:17 - 00000000 ____D C:\Users\C*****\AppData\Roaming\Mozilla 2015-08-14 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system 2015-08-14 18:54 - 2015-03-24 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-14 18:54 - 2015-03-24 22:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-13 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 22:55 - 2015-03-27 21:41 - 00000000 ____D C:\Windows\system32\MRT 
2015-08-12 22:50 - 2013-03-12 22:48 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 16:24 - 2015-06-11 16:57 - 00000000 ____D C:\Users\C*****\.mediathek3 2015-08-10 18:13 - 2015-05-15 10:48 - 00000000 ____D C:\Users\C*****\AppData\Local\CloudStation 2015-08-09 13:47 - 2015-03-24 20:39 - 00000000 ____D C:\Users\C*****\AppData\Local\Deployment 2015-08-08 20:53 - 2015-05-02 14:17 - 00000000 ____D C:\Users\C*****\.VirtualBox 2015-08-07 13:06 - 2015-04-13 20:22 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2015-03-25 18:59 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 06:34 - 2015-03-24 22:08 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2015-03-24 22:08 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 20:18 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-08-03 
20:57 - 2015-06-08 08:45 - 00000000 ____D C:\Users\C*****\AppData\Roaming\Thunderbird 2015-08-03 12:12 - 2015-03-24 22:08 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-31 16:27 - 2010-06-20 21:25 - 00000000 ____D C:\Software 2015-07-31 16:22 - 2013-03-12 21:24 - 00000000 ____D C:\Windows\Panther 2015-07-31 16:17 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT 2015-07-30 22:21 - 2015-06-11 11:32 - 00001120 _____ C:\Users\Public\Desktop\Avira.lnk 2015-07-30 22:21 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-30 22:21 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-07-30 22:20 - 2015-03-25 19:37 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-07-30 22:20 - 2015-03-25 19:37 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-07-29 19:57 - 2015-03-24 22:09 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-07-25 09:35 - 2015-04-05 00:27 - 00000000 ___SD C:\Windows\system32\GWX ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-16 13:25 - 2015-08-23 10:52 - 0005632 _____ () C:\Users\C*****\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-01 11:37 - 2015-04-01 11:37 - 0000057 _____ () C:\ProgramData\Ament.ini Einige Dateien in TEMP: ==================== C:\Users\C*****\AppData\Local\Temp\atcMedia1101440200553.exe C:\Users\C*****\AppData\Local\Temp\atl100.dll C:\Users\C*****\AppData\Local\Temp\avgnt.exe C:\Users\C*****\AppData\Local\Temp\BaseServices.dll C:\Users\C*****\AppData\Local\Temp\mbamext.dll C:\Users\C*****\AppData\Local\Temp\nvSCPAPI.dll C:\Users\C*****\AppData\Local\Temp\nvStereoApiI.dll C:\Users\C*****\AppData\Local\Temp\nvStInst.exe C:\Users\C*****\AppData\Local\Temp\proxy_vole1059953832749879120.dll C:\Users\C*****\AppData\Local\Temp\sqlite3.dll 
C:\Users\C*****\AppData\Local\Temp\Synology-Cloud-Station-Upgrader.exe C:\Users\C*****\AppData\Local\Temp\USBUnplugMonitor.exe Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\System32\corona.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-22 01:41 ==================== Ende von Ergebnis ============================ Last edited by karaya13 (24.08.2015 at 11:58) |
24.08.2015, 11:29 | #2 |
/// the machine /// TB trainer | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
24.08.2015, 11:59 | #3 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Since the Addition.txt was too long for the first thread....
here: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-08-2015 durchgeführt von C***** (2015-08-24 10:17:20) Gestartet von C:\Software\Systemtools\Scan Tools Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1697669310-943054665-3328125322-500 - Administrator - Disabled) C***** (S-1-5-21-1697669310-943054665-3328125322-1000 - Administrator - Enabled) => C:\Users\C***** Gast (S-1-5-21-1697669310-943054665-3328125322-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1697669310-943054665-3328125322-1002 - Limited - Enabled) XBMC (S-1-5-21-1697669310-943054665-3328125322-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acronis*Disk Director Suite (HKLM-x32\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2161 - Acronis) Amazon Cloud Drive (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.) Amazon Kindle (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Kindle) (Version: - Amazon) ASF-AVI-RM-WMV Repair 1.82 (HKLM-x32\...\ASF-AVI-RM-WMV Repair_is1) (Version: - Repair Video, Inc.) 
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audials (HKLM-x32\...\{0E9EBAF3-67F8-430A-9852-D02E5F20031A}) (Version: 10.2.30900.0 - Audials AG) Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.408 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - ) MergeModule_x64 (Version: 9.0.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 
(HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg) MyHarmony (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech) Nuance Cloud Connector (HKLM-x32\...\{AB9D03EA-4365-4C03-89B9-F77F798102D3}) (Version: 3.2.912 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM-x32\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O DiskRecovery (HKLM-x32\...\{53480880-18E0-4097-A460-F22DD3AC6D70}) (Version: 4.0.1231 - O&O Software GmbH) Oracle VM VirtualBox 4.3.30 
(HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation) PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.01.06011 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.3.01 - Sony Corporation) Hidden PTBSync (Atomuhr Synchronisation & Terminkalender) (HKLM-x32\...\PTBSync) (Version: 5.8 - ElmueSoft) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Synology Cloud Station (HKLM-x32\...\{DB4EE1F5-EAAC-44AF-A254-119C1866CCC4}) (Version: 3.2.3475 - Synology) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Transcend SSD Scope version 2.7.0.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 2.7.0.0 - Transcend Information, Inc.) 
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VirtualDub Plugin Pack 1.0.0.6 US (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) World of Tanks (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll () CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: 
HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) ==================== Wiederherstellungspunkte ========================= 23-08-2015 10:51:28 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5E3E4C6D-95B2-453E-9162-2E485BC8193B} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {6AF00244-D8C5-4667-BBD1-F04E1706A15C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-03] () Task: {93145680-81B9-4CE0-ACDA-7A548850EAC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) Task: {9D9D8B8E-2C6D-4D7A-99D3-DB7E3CCD75B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) 
Task: {AD3E86A0-D71B-4DEC-8995-3641BFE7E398} - System32\Tasks\{BFDB4A09-ACFB-438F-99F4-8B617A05EA67} => pcalua.exe -a "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German\OOFormatRecovery4Ger.exe" -d "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German" Task: {D1BACCF7-BFB8-4A9F-A815-E7B259F903E1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-24 22:08 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-07-18 22:13 - 2012-07-18 22:13 - 00222104 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe 2013-08-20 14:03 - 2011-03-02 12:40 - 00164864 _____ () D:\Portable\WinRARPortable\App\WinRAR-x64\rarext.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01047552 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00292760 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00079768 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00016280 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll 2015-03-30 20:14 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update 
Core\detoured.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll 2015-08-23 10:35 - 2015-08-23 10:35 - 00098816 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32api.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00110080 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\pywintypes27.dll 2015-08-23 10:35 - 2015-08-23 10:35 - 00364544 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\pythoncom27.dll 2015-08-23 10:35 - 2015-08-23 10:35 - 00045568 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_socket.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 01161216 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_ssl.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00320512 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32com.shell.shell.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00713216 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_hashlib.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 01176576 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._core_.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00806400 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._gdi_.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00816128 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._windows_.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 01067008 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._controls_.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00733184 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._misc_.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00682496 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\pysqlite2._sqlite.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00087552 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_ctypes.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00119808 _____ () 
C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32file.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00108544 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32security.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00007168 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\hashobjs_ext.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00068096 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\usb_ext.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00167936 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32gui.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00018432 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32event.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00128512 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_elementtree.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00127488 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\pyexpat.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00013824 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\common.time34.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00036864 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_psutil_windows.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00038912 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32inet.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00011264 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32crypt.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00077312 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._html2.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00027136 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_multiprocessing.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00020480 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\_yappi.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00035840 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32process.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00686080 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\unicodedata.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00123392 _____ () 
C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._wizard.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00024064 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32pipe.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00010240 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\select.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00025600 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32pdh.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00525640 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\windows._lib_cacheinvalidation.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00017408 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32profile.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00022528 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\win32ts.pyd 2015-08-23 10:35 - 2015-08-23 10:35 - 00078848 _____ () C:\Users\C*****\AppData\Local\Temp\_MEI44082\wx._animate.pyd 2015-06-25 15:35 - 2015-06-25 15:35 - 00123918 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00524460 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00115214 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01026062 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 03095505 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01798570 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 21565192 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 02874155 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 
00712704 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00031744 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00046080 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00032768 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00516608 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00243200 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00431616 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00115214 _____ () C:\Users\C*****\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll 2015-08-23 10:51 - 2015-08-23 10:51 - 00008704 _____ () C:\Users\C*****\AppData\Local\Temp\nsr47CB.tmp\newadvsplash.dll 2015-08-23 10:52 - 2015-08-23 10:52 - 02593168 _____ () D:\Portable\JDownloader2\App\JDownloader2\tmp\7zip\SevenZipJBinding-N8q7X\lib7-Zip-JBinding.dll 2015-08-23 10:52 - 2015-08-23 10:52 - 00008704 _____ () C:\Users\C*****\AppData\Local\Temp\nsb19A8.tmp\newadvsplash.dll 2013-08-20 14:03 - 2011-03-02 12:40 - 00140288 _____ () D:\Portable\WinRARPortable\App\WinRAR-x64\rarext32.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Classes\.exe: => <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\C*****\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nuance Cloud Connector.lnk => C:\Windows\pss\Nuance Cloud Connector.lnk.CommonStartup MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{E49AD1A7-3823-4F0E-B065-019A84795342}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{26C9C7F6-6A14-427F-8C77-05909213D18A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{0CB9D0D7-C45C-45A8-B807-0037B5247599}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{36EB54B6-F152-4A58-8318-232662C5F23B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{F80E2961-F6B1-4DD8-A022-9CED134B3D7D}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [UDP Query User{2AC378F1-758E-4559-9B34-528CBA8327F4}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [TCP Query User{B46EB605-CE45-442F-9AF7-BC1361D82BB7}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{87DB5F5D-C5D1-4B57-BFE0-92CCF9B22085}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{AB6A246D-3DFE-4F5F-BFD5-9BAAF424DD4D}] => (Allow) LPort=12972 FirewallRules: [{71CDFDB3-F902-431E-84A8-492C0650C989}] => (Allow) LPort=14714 FirewallRules: [{5C2B5BB1-5608-4EB8-9ACD-6D83D368EB13}] => (Allow) LPort=31931 FirewallRules: [{30AC2F49-C365-4856-88F9-DCE712CFB57C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{1B713F37-92F5-4FA6-8E48-8FA36D54D903}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{1B31A979-CBD4-4233-8E9E-3DDB32F44A13}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{11AA11D8-4490-4497-A060-2CF33414CAB7}] => (Allow) C:\Program 
Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{6099D8DD-68CF-424E-886D-85275C2A04C1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{3E3A7A6B-AD4A-4D53-8443-1A7EB2F2D3C4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{413E2585-0A36-49CC-BFD0-151FC11CFD50}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe FirewallRules: [{D1048808-F53D-4012-8DFD-0F6428F1F275}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{32D08204-BF60-4414-9613-2BB52399876A}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{A5C2180A-D169-4E90-AC13-A5B7546A078C}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{76D9223E-F141-4CC5-9F68-92F71AA166C5}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{A9302B2D-B4EE-45A6-8A00-B045342F91F8}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [{40135B6D-6FDC-4F0F-B729-261BF5DDEEFD}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [TCP Query User{85E39A5B-AD45-4EFF-ABDC-B74F734DDED0}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [UDP Query User{D5074EE4-DB9E-403F-BF56-7696443B0221}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [TCP Query User{66C76EB5-5450-43C5-BC09-F5C244651691}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{86C1AD43-C70A-4FAF-8297-D89D7A492C00}C:\program files 
(x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{AAEB4D38-3BA8-4AFC-B55A-3D3D656AE668}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{DE2CA6AE-90FB-4723-A2F7-652618014881}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{EAB123A1-7996-4CAF-A4D6-3ADA320231DA}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{7116B75C-BC80-4EED-B511-9E5E05245A46}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [TCP Query User{2E41470D-2FC1-4FB0-A95B-79B4DB93E484}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [UDP Query User{9CF15C02-F53D-4912-AE30-61C160A1F042}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [TCP Query User{346A423F-C960-4B9E-9E9C-A75E4039C7BF}C:\users\C*****\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\C*****\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [UDP Query User{CDFA7EA4-5629-49E0-810F-B433A5ABAEF0}C:\users\C*****\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\C*****\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [TCP Query User{6C144309-8A22-437C-B905-B6820E8D1FED}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe FirewallRules: [UDP Query User{562CBE1E-A0B2-4ECC-BEE8-ACBC64D087E2}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe FirewallRules: 
[{E79739DE-5A17-48E6-A4C9-0A469597349D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E3A94BFA-B865-4E7F-80AA-E53646DA241E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{99EBC06B-453E-471D-B0E2-F70014345FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F7CB1591-4D2B-4CAD-AC68-399A08DC4FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{51564EB2-D84B-4E50-A683-C685ADB79C64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7F18579C-2042-4B97-B720-709EB453436F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [D:\Portable\CommonFiles\Java\bin\javaw.exe] => Enabled:Java(TM) Platform SE binary ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/23/2015 10:35:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 07:21:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 03:18:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/19/2015 04:36:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/18/2015 05:26:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/16/2015 01:40:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVCPro.exe, Version: 5.8.3.0, Zeitstempel: 0x55cafced Name des fehlerhaften Moduls: avcdrm.dll, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00003624 ID des fehlerhaften Prozesses: 0x1fa8 Startzeit der fehlerhaften Anwendung: 0xAVCPro.exe0 
Pfad der fehlerhaften Anwendung: AVCPro.exe1 Pfad des fehlerhaften Moduls: AVCPro.exe2 Berichtskennung: AVCPro.exe3 Error: (08/16/2015 01:34:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVCPro.exe, Version: 5.8.3.0, Zeitstempel: 0x55cafced Name des fehlerhaften Moduls: avcdrm.dll, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00003624 ID des fehlerhaften Prozesses: 0x2138 Startzeit der fehlerhaften Anwendung: 0xAVCPro.exe0 Pfad der fehlerhaften Anwendung: AVCPro.exe1 Pfad des fehlerhaften Moduls: AVCPro.exe2 Berichtskennung: AVCPro.exe3 Error: (08/16/2015 01:34:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AVCPro.exe, Version: 5.8.3.0, Zeitstempel: 0x55cafced Name des fehlerhaften Moduls: avcdrm.dll, Version: 0.0.0.0, Zeitstempel: 0x2a425e19 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00003624 ID des fehlerhaften Prozesses: 0x2208 Startzeit der fehlerhaften Anwendung: 0xAVCPro.exe0 Pfad der fehlerhaften Anwendung: AVCPro.exe1 Pfad des fehlerhaften Moduls: AVCPro.exe2 Berichtskennung: AVCPro.exe3 Error: (08/16/2015 01:29:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DivXEngine.exe, Version: 0.0.0.0, Zeitstempel: 0x515328cb Name des fehlerhaften Moduls: MSVCR80.dll, Version: 8.0.50727.6195, Zeitstempel: 0x4dcddbf3 Ausnahmecode: 0x40000015 Fehleroffset: 0x000046b4 ID des fehlerhaften Prozesses: 0x238c Startzeit der fehlerhaften Anwendung: 0xDivXEngine.exe0 Pfad der fehlerhaften Anwendung: DivXEngine.exe1 Pfad des fehlerhaften Moduls: DivXEngine.exe2 Berichtskennung: DivXEngine.exe3 Systemfehler: ============= Error: (08/24/2015 04:27:24 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 
Pro Error: (08/23/2015 10:51:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/22/2015 12:14:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/21/2015 03:48:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/20/2015 07:19:13 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (08/20/2015 07:18:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/20/2015 07:18:43 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/20/2015 07:18:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (08/20/2015 07:18:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/20/2015 07:18:42 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SAMSUNG Mobile Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Microsoft Office: ========================= Error: (08/23/2015 10:35:01 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/21/2015 03:30:10 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 07:21:24 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/20/2015 03:18:48 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/19/2015 04:36:22 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/18/2015 05:26:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 
990x80041003 Error: (08/16/2015 01:40:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AVCPro.exe5.8.3.055cafcedavcdrm.dll0.0.0.02a425e19c0000005000036241fa801d0d81861563f0bD:\Portable\VideoConverterPortable\App\VideoConverter\AVCPro.exeD:\Portable\VideoConverterPortable\App\VideoConverter\avcdrm.dlla0c4b46a-440b-11e5-bf56-002564f433af Error: (08/16/2015 01:34:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AVCPro.exe5.8.3.055cafcedavcdrm.dll0.0.0.02a425e19c000000500003624213801d0d8178a6a026bD:\Portable\VideoConverterPortable\App\VideoConverter\AVCPro.exeD:\Portable\VideoConverterPortable\App\VideoConverter\avcdrm.dllc83f824d-440a-11e5-bf56-002564f433af Error: (08/16/2015 01:34:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: AVCPro.exe5.8.3.055cafcedavcdrm.dll0.0.0.02a425e19c000000500003624220801d0d81781317e0aD:\Portable\VideoConverterPortable\App\VideoConverter\AVCPro.exeD:\Portable\VideoConverterPortable\App\VideoConverter\avcdrm.dllc142c57c-440a-11e5-bf56-002564f433af Error: (08/16/2015 01:29:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: DivXEngine.exe0.0.0.0515328cbMSVCR80.dll8.0.50727.61954dcddbf340000015000046b4238c01d0d816d4b97dedC:\Program Files (x86)\DivX\DivX Transcode Engine\DivXEngine.exeC:\Users\C*****\AppData\Local\Temp\SPOON\CACHE\0x9D813F8F3934F7BB\sxs\x86_Microsoft.VC80.CRT@8.0.50727.6195\MSVCR80.dll131baf7f-440a-11e5-bf56-002564f433af CodeIntegrity: =================================== Date: 2013-03-12 22:33:59.564 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-03-12 22:30:00.380 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.287 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.053 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:24:53.442 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:11:01.356 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:03:37.717 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:00:16.407 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-03-12 20:34:15.940 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Prozentuale Nutzung des RAM: 29% Installierter physikalischer RAM: 20439.12 MB Verfügbarer physikalischer RAM: 14415.21 MB Summe virtueller Speicher: 40876.44 MB Verfügbarer virtueller Speicher: 35089.24 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1863.01 GB) (Free:1110.35 GB) NTFS Drive d: (Toshiba 2 TB) (Fixed) (Total:1863.02 GB) (Free:434.13 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DADA4235) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 000BC058) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Ergebnis ============================ |
25.08.2015, 05:39 | #4 |
/// the machine /// TB Trainer | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. hi, scan with Combofix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
25.08.2015, 10:53 | #5 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Hello, here is the log, created exactly according to your instructions: Code:
ATTFilter Combofix Logfile: |
26.08.2015, 06:40 | #6 |
/// the machine /// TB Trainer | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please close your protection software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ |
26.08.2015, 18:33 | #7 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Hi Schrauber, here is the log file from Malwarebytes.... Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Protection, 26.08.2015 16:57:31, SYSTEM, KARAYAHOME, Protection, Malware Protection, Starting, Protection, 26.08.2015 16:57:31, SYSTEM, KARAYAHOME, Protection, Malware Protection, Started, Protection, 26.08.2015 16:57:31, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Starting, Protection, 26.08.2015 16:57:31, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Started, Protection, 26.08.2015 16:58:39, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopping, Protection, 26.08.2015 16:58:39, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopped, Protection, 26.08.2015 16:58:39, SYSTEM, KARAYAHOME, Protection, Malware Protection, Stopping, Protection, 26.08.2015 16:58:40, SYSTEM, KARAYAHOME, Protection, Malware Protection, Stopped, Protection, 26.08.2015 18:12:29, SYSTEM, KARAYAHOME, Protection, Malware Protection, Starting, Protection, 26.08.2015 18:12:29, SYSTEM, KARAYAHOME, Protection, Malware Protection, Started, Protection, 26.08.2015 18:12:29, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Starting, Protection, 26.08.2015 18:12:44, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Started, Error, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Update, Bad md5 or size: akadomains, 11, Error, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Update, Bad md5 or size: akaips, 11, Update, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Manual, IP Database, 0.0.0.0, 2015.7.24.3, Update, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Manual, Remediation Database, 2015.5.13.1, 2015.8.25.1, Update, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Manual, Rootkit Database, 2015.6.2.1, 2015.8.16.1, Update, 26.08.2015 18:13:38, SYSTEM, KARAYAHOME, Manual, Domain Database, 0.0.0.0, 2015.7.24.2, Update, 26.08.2015 18:13:39, SYSTEM, KARAYAHOME, Manual, AKA Domain Database, 0.0.0.0, 2015.8.25.1, Update, 26.08.2015 18:13:39, SYSTEM, KARAYAHOME, Manual, AKA IP Database, 
0.0.0.0, 2015.8.25.1, Update, 26.08.2015 18:13:47, SYSTEM, KARAYAHOME, Manual, Malware Database, 2015.6.3.3, 2015.8.26.6, Protection, 26.08.2015 18:13:47, SYSTEM, KARAYAHOME, Protection, Refresh, Starting, Protection, 26.08.2015 18:13:47, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopping, Protection, 26.08.2015 18:13:47, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopped, Protection, 26.08.2015 18:13:51, SYSTEM, KARAYAHOME, Protection, Refresh, Success, Protection, 26.08.2015 18:13:51, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Starting, Protection, 26.08.2015 18:13:53, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Started, Protection, 26.08.2015 18:15:56, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopping, Protection, 26.08.2015 18:15:57, SYSTEM, KARAYAHOME, Protection, Malicious Website Protection, Stopped, Protection, 26.08.2015 18:15:57, SYSTEM, KARAYAHOME, Protection, Malware Protection, Stopping, Protection, 26.08.2015 18:15:57, SYSTEM, KARAYAHOME, Protection, Malware Protection, Stopped, (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v5.003 - Bericht erstellt 26/08/2015 um 18:19:46 # Aktualisiert 20/08/2015 von Xplode # Datenbank : 2015-08-25.1 [Server] # Betriebssystem : Windows 7 Ultimate Service Pack 1 (x64) # Benutzername : Christian - KARAYAHOME # Gestarted von : C:\Users\Christian\Desktop\AdwCleaner_5.003.exe # Option : Suchlauf ***** [ Dienste ] ***** ***** [ Ordner ] ***** Ordner Gefunden : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp ***** [ Dateien ] ***** ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [694 Bytes] ########## Now the JRT log.... JRT Logfile: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.7 (08.18.2015:1) OS: Windows 7 Ultimate x64 Ran by Christian on 26.08.2015 at 18:23:14,04 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders ~~~ Chrome Successfully deleted: [Folder] C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: elicpjhcidhpjomhibiffojpinpmmpil [C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Christian\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ dgpdioedihjhncjafcpgbbjdpbbkikmi, elicpjhcidhpjomhibiffojpinpmmpil ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 26.08.2015 at 18:25:47,84 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Now the FRST logs.... FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 02 durchgeführt von Christian (Administrator) auf KARAYAHOME (26-08-2015 18:28:44) Gestartet von C:\Users\Christian\Desktop Geladene Profile: Christian (Verfügbare Profile: Christian) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation) HKLM-x32\...\Run: [PTBSync] => C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) 
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [2013072 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe [333712 2012-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2670592 2015-06-01] (Sony Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SandboxieControl] => D:\Portable\SandboxiePortable\App\Sandboxie64\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-05-15]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2015-04-01]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-07-18] (Gladinet, INC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.giga.de/androidnews/?utm_source=SDA&utm_medium=plugin&utm_campaign=april2015
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{17F07E1A-08F0-41C8-89BF-5D91B4E1D7ED}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation)

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-03-24]
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24]
CHR Extension: (uStart Notifier) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbdbbhnimnonpiopjkmekpmemfpbkbgp [2015-03-24]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-08-14]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-24]
CHR Extension: (APK Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (Autocomplete = on) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh [2015-03-24]
CHR Extension: (Google Calendar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-24]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-08-26]
CHR Extension: (Hola Better Internet Engine) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-24]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2015-03-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-03-24]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-26]
CHR Extension: (Plex) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-03-24]
CHR Extension: (Video Downloader Super) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-03-24]
CHR Extension: (Cr!Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2015-03-24]
CHR Extension: (Zalmos SSL Web Proxy for Free) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn [2015-03-24]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2015-03-24]
CHR Extension: (Clearly) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-03-24]
CHR Extension: (Google Play) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-24]
CHR Extension: (DotVPN — better than VPN.) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2015-03-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Kein Name) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-08-21]
CHR Extension: (MyPermissions Cleaner) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2015-03-24]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-04]
CHR Extension: (Google Maps) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Save to Cloud Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojclbecnodddpjckkkcmamhlhpendahg [2015-03-24]
CHR Extension: (Print Edit) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2015-03-24]
CHR Extension: (chromeIPass) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2015-03-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-24]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AcronisOSSReinstallSvc; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2232296 2007-03-09] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
S2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29592 2012-07-18] (Gladinet, INC)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc.)
S2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-06-01] (Sony Corporation)
S2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) [Datei ist nicht signiert]
S2 SbieSvc; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
S2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 SbieDrv; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-07-10] (Oracle Corporation)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2015-03-27] (OpenLibSys.org)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-26 18:28 - 2015-08-26 18:28 - 02186752 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2015-08-26 18:28 - 2015-08-26 18:28 - 00024121 _____ C:\Users\Christian\Desktop\FRST.txt
2015-08-26 18:28 - 2015-08-26 18:28 - 00000000 ____D C:\Users\Christian\Desktop\FRST-OlderVersion
2015-08-26 18:25 - 2015-08-26 18:25 - 00001596 _____ C:\Users\Christian\Desktop\JRT.txt
2015-08-26 18:22 - 2015-08-24 15:42 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Christian\Desktop\JRT.exe
2015-08-26 18:19 - 2015-08-20 19:15 - 01605632 _____ C:\Users\Christian\Desktop\AdwCleaner_5.003.exe
2015-08-26 16:57 - 2015-08-26 18:13 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 11:25 - 2015-08-26 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 11:25 - 2015-08-26 16:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-25 11:34 - 2015-08-25 11:50 - 00000000 ____D C:\Qoobox
2015-08-25 11:34 - 2015-08-25 11:49 - 00000000 ____D C:\Windows\erdnt
2015-08-25 11:34 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-25 11:34 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-25 11:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-24 10:16 - 2015-08-26 18:28 - 00000000 ____D C:\FRST
2015-08-24 10:15 - 2015-08-24 10:15 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-23 10:34 - 2015-08-26 18:12 - 00002660 _____ C:\Windows\PFRO.log
2015-08-21 23:43 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-08-21 23:41 - 2015-08-21 23:43 - 00001186 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2015-08-21 23:41 - 2015-08-21 23:43 - 00000049 _____ C:\Windows\SysWOW64\ScrRecX.log
2015-08-21 23:41 - 2015-08-21 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-21 23:41 - 2015-08-21 23:41 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-20 19:16 - 2015-08-26 18:19 - 00000000 ____D C:\AdwCleaner
2015-08-20 03:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 03:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:49 - 2015-08-18 17:49 - 00001200 _____ C:\Users\Christian\Desktop\MKVToolNix.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001581 _____ C:\Users\Christian\Desktop\DivXConverter.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001101 _____ C:\Users\Christian\Desktop\MusicBee.lnk
2015-08-18 17:26 - 2015-08-18 17:26 - 959871659 _____ C:\Windows\MEMORY.DMP
2015-08-18 17:26 - 2015-08-18 17:26 - 00313328 _____ C:\Windows\Minidump\081815-24710-01.dmp
2015-08-18 17:26 - 2015-08-18 17:26 - 00000000 ____D C:\Windows\Minidump
2015-08-16 13:25 - 2015-08-24 15:11 - 00005632 _____ C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-16 12:21 - 2015-08-16 12:21 - 00272928 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 19:02 - 2015-08-14 19:02 - 00000000 _____ C:\Windows\system32\corona.dll
2015-08-14 18:54 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-14 18:52 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-14 18:52 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Program Files\WMV9_VCM
2015-08-14 14:39 - 2015-08-14 14:39 - 00003814 _____ C:\Windows\System32\Tasks\klcp_update
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-08-14 12:19 - 2015-08-14 12:19 - 00000000 ____D C:\Users\Christian\AppData\Local\Spoon
2015-08-12 22:58 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:58 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:55 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 16:55 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 16:55 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 16:55 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 16:55 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 16:55 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 16:55 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 16:55 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 16:55 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 16:55 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 16:55 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 16:55 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 16:55 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 16:55 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 16:55 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 16:55 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 16:55 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 16:55 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 16:55 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 16:55 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 16:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 16:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 16:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 16:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 16:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft
Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 16:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 16:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 16:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 16:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) 
C:\Windows\system32\adtschema.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 16:55 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 16:55 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 16:55 - 2015-07-15 19:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 
2015-08-12 16:55 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 16:55 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 16:55 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 16:55 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) 
C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 16:55 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 16:55 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 16:55 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 
2015-08-12 16:53 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 16:53 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 16:53 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 16:53 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00012288 
_____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 16:53 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 16:53 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 16:53 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 16:53 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 16:53 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 16:53 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-03 20:53 - 2015-08-03 20:53 - 00000000 ____D C:\Users\Christian\dwhelper 2015-08-02 12:06 - 2015-08-02 12:06 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-08-02 12:06 - 2015-08-02 12:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-08-02 12:06 - 2015-07-10 13:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-08-02 12:06 - 2015-07-10 13:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-31 18:21 - 2015-08-03 20:06 - 00000000 ____D C:\Users\Christian\VirtualBox VMs 2015-07-31 16:16 - 2015-07-31 16:16 - 00000000 ____D C:\$Windows.~WS 2015-07-30 17:23 - 2015-07-30 17:42 - 00000000 ____D C:\MP3 
2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____D C:\Musik Video 2015-07-30 14:06 - 2015-07-30 14:06 - 00001424 _____ C:\Users\Christian\Desktop\Mega USB Portable.lnk 2015-07-29 20:18 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-07-29 20:18 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-26 18:23 - 2015-05-01 11:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-26 18:22 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-26 18:22 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-26 18:17 - 2015-03-22 22:01 - 01393248 _____ C:\Windows\WindowsUpdate.log 2015-08-26 18:14 - 2015-04-01 15:47 - 00000000 ___RD C:\Users\Christian\Google Drive 2015-08-26 18:14 - 2015-03-27 23:22 - 00002122 _____ C:\Users\Christian\Documents\PTBSync-AutoExport-Christian.ini 2015-08-26 18:13 - 2015-03-24 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-26 18:12 - 2015-06-20 12:37 - 00014398 _____ C:\Windows\setupact.log 2015-08-26 18:12 - 2015-03-24 22:08 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-26 18:12 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-26 17:58 - 2015-03-24 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-26 12:32 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-26 
11:09 - 2015-03-25 19:04 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5013158F-DA91-4D6A-B306-50202B614723} 2015-08-25 17:19 - 2015-03-25 23:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc 2015-08-25 11:50 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Apps\2.0 2015-08-25 11:50 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-08-25 11:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-08-25 11:23 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2015-08-25 11:23 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-08-25 11:23 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-24 11:48 - 2015-03-25 19:17 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla 2015-08-24 10:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-24 10:15 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian 2015-08-21 23:46 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore 2015-08-21 20:59 - 2015-03-24 20:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-21 15:48 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Google 2015-08-16 16:29 - 2015-04-01 15:45 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieUserList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieSiteList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieBrowserModeList 2015-08-16 13:40 - 
2015-06-15 19:49 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AnvSoft 2015-08-14 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system 2015-08-14 18:54 - 2015-03-24 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-14 18:54 - 2015-03-24 22:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-13 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ___SD C:\Windows\system32\CompatTel 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 22:55 - 2015-03-27 21:41 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:50 - 2013-03-12 22:48 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 16:24 - 2015-06-11 16:57 - 00000000 ____D C:\Users\Christian\.mediathek3 2015-08-10 18:13 - 2015-05-15 10:48 - 00000000 ____D C:\Users\Christian\AppData\Local\CloudStation 2015-08-09 13:47 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Deployment 2015-08-08 20:53 - 2015-05-02 14:17 - 00000000 ____D C:\Users\Christian\.VirtualBox 2015-08-07 13:06 - 2015-04-13 20:22 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2015-03-25 18:59 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 06:34 - 2015-03-24 22:08 - 
06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2015-03-24 22:08 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 20:18 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-08-03 20:57 - 2015-06-08 08:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Thunderbird 2015-08-03 12:12 - 2015-03-24 22:08 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-31 16:27 - 2010-06-20 21:25 - 00000000 ____D C:\Software 2015-07-31 16:22 - 2013-03-12 21:24 - 00000000 ____D C:\Windows\Panther 2015-07-31 16:17 - 2015-07-10 19:29 - 00000000 ____D C:\$Windows.~BT 2015-07-30 22:21 - 2015-06-11 11:32 - 00001120 _____ C:\Users\Public\Desktop\Avira.lnk 2015-07-30 22:21 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-30 22:20 - 2015-03-25 19:37 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-07-30 22:20 - 2015-03-25 19:37 - 00141416 _____ (Avira Operations GmbH & Co. 
KG) C:\Windows\system32\Drivers\avipbb.sys
2015-07-29 19:57 - 2015-03-24 22:09 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-08-16 13:25 - 2015-08-24 15:11 - 0005632 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-04-01 11:37 - 2015-04-01 11:37 - 0000057 _____ () C:\ProgramData\Ament.ini
Einige Dateien in TEMP: ====================
C:\Users\Christian\AppData\Local\Temp\avgnt.exe
Einige mit null Byte Größe Dateien/Ordner: ==========================
C:\Windows\System32\corona.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-22 01:41
==================== Ende von FRST.txt ============================

And finally, here is the Addition.txt as a log.....

FRST Additions Logfile:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-08-2015 02 durchgeführt von Christian (2015-08-26 18:29:11) Gestartet von C:\Users\Christian\Desktop Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1697669310-943054665-3328125322-500 - Administrator - Disabled) Christian (S-1-5-21-1697669310-943054665-3328125322-1000 - Administrator - Enabled) => C:\Users\Christian Gast (S-1-5-21-1697669310-943054665-3328125322-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-1697669310-943054665-3328125322-1002 - Limited - Enabled) XBMC (S-1-5-21-1697669310-943054665-3328125322-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acronis*Disk Director Suite (HKLM-x32\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2161 - Acronis) Amazon Cloud Drive (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.) Amazon Kindle (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Kindle) (Version: - Amazon) ASF-AVI-RM-WMV Repair 1.82 (HKLM-x32\...\ASF-AVI-RM-WMV Repair_is1) (Version: - Repair Video, Inc.) 
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audials (HKLM-x32\...\{0E9EBAF3-67F8-430A-9852-D02E5F20031A}) (Version: 10.2.30900.0 - Audials AG) Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - ) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MergeModule_x64 (Version: 9.0.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 
10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg) MyHarmony (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech) Nuance Cloud Connector (HKLM-x32\...\{AB9D03EA-4365-4C03-89B9-F77F798102D3}) (Version: 3.2.912 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM-x32\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) 
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O DiskRecovery (HKLM-x32\...\{53480880-18E0-4097-A460-F22DD3AC6D70}) (Version: 4.0.1231 - O&O Software GmbH) Oracle VM VirtualBox 4.3.30 (HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation) PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.01.06011 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.3.01 - Sony Corporation) Hidden PTBSync (Atomuhr Synchronisation & Terminkalender) (HKLM-x32\...\PTBSync) (Version: 5.8 - ElmueSoft) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Synology Cloud Station (HKLM-x32\...\{DB4EE1F5-EAAC-44AF-A254-119C1866CCC4}) (Version: 3.2.3475 - Synology) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Transcend SSD Scope version 2.7.0.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 2.7.0.0 - Transcend Information, Inc.) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VirtualDub Plugin Pack 1.0.0.6 US (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) World of Tanks (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll () CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) ==================== Wiederherstellungspunkte ========================= 23-08-2015 10:51:28 Windows Update 24-08-2015 15:42:58 JRT Pre-Junkware Removal 26-08-2015 15:25:12 Windows Update 26-08-2015 18:23:18 JRT Pre-Junkware Removal ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2015-08-25 11:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5E3E4C6D-95B2-453E-9162-2E485BC8193B} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {6AF00244-D8C5-4667-BBD1-F04E1706A15C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-03] () Task: {93145680-81B9-4CE0-ACDA-7A548850EAC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) Task: {9D9D8B8E-2C6D-4D7A-99D3-DB7E3CCD75B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) Task: {AD3E86A0-D71B-4DEC-8995-3641BFE7E398} - System32\Tasks\{BFDB4A09-ACFB-438F-99F4-8B617A05EA67} => pcalua.exe -a "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German\OOFormatRecovery4Ger.exe" -d "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German" Task: {D1BACCF7-BFB8-4A9F-A815-E7B259F903E1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-08-20 14:03 - 2011-03-02 12:40 - 00164864 _____ () D:\Portable\WinRARPortable\App\WinRAR-x64\rarext.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01047552 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nuance Cloud Connector.lnk => C:\Windows\pss\Nuance Cloud Connector.lnk.CommonStartup MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{E49AD1A7-3823-4F0E-B065-019A84795342}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{26C9C7F6-6A14-427F-8C77-05909213D18A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{0CB9D0D7-C45C-45A8-B807-0037B5247599}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{36EB54B6-F152-4A58-8318-232662C5F23B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{F80E2961-F6B1-4DD8-A022-9CED134B3D7D}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [UDP Query User{2AC378F1-758E-4559-9B34-528CBA8327F4}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [TCP Query User{B46EB605-CE45-442F-9AF7-BC1361D82BB7}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{87DB5F5D-C5D1-4B57-BFE0-92CCF9B22085}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{AB6A246D-3DFE-4F5F-BFD5-9BAAF424DD4D}] => (Allow) LPort=12972 FirewallRules: [{71CDFDB3-F902-431E-84A8-492C0650C989}] => (Allow) LPort=14714 FirewallRules: [{5C2B5BB1-5608-4EB8-9ACD-6D83D368EB13}] => (Allow) LPort=31931 FirewallRules: [{30AC2F49-C365-4856-88F9-DCE712CFB57C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{1B713F37-92F5-4FA6-8E48-8FA36D54D903}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{1B31A979-CBD4-4233-8E9E-3DDB32F44A13}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{11AA11D8-4490-4497-A060-2CF33414CAB7}] => (Allow) C:\Program 
Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{6099D8DD-68CF-424E-886D-85275C2A04C1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{3E3A7A6B-AD4A-4D53-8443-1A7EB2F2D3C4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{413E2585-0A36-49CC-BFD0-151FC11CFD50}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe FirewallRules: [{D1048808-F53D-4012-8DFD-0F6428F1F275}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{32D08204-BF60-4414-9613-2BB52399876A}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{A5C2180A-D169-4E90-AC13-A5B7546A078C}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{76D9223E-F141-4CC5-9F68-92F71AA166C5}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{A9302B2D-B4EE-45A6-8A00-B045342F91F8}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [{40135B6D-6FDC-4F0F-B729-261BF5DDEEFD}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [TCP Query User{85E39A5B-AD45-4EFF-ABDC-B74F734DDED0}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [UDP Query User{D5074EE4-DB9E-403F-BF56-7696443B0221}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [TCP Query User{66C76EB5-5450-43C5-BC09-F5C244651691}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{86C1AD43-C70A-4FAF-8297-D89D7A492C00}C:\program files 
(x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{AAEB4D38-3BA8-4AFC-B55A-3D3D656AE668}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{DE2CA6AE-90FB-4723-A2F7-652618014881}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{EAB123A1-7996-4CAF-A4D6-3ADA320231DA}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{7116B75C-BC80-4EED-B511-9E5E05245A46}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [TCP Query User{2E41470D-2FC1-4FB0-A95B-79B4DB93E484}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [UDP Query User{9CF15C02-F53D-4912-AE30-61C160A1F042}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [TCP Query User{346A423F-C960-4B9E-9E9C-A75E4039C7BF}C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [UDP Query User{CDFA7EA4-5629-49E0-810F-B433A5ABAEF0}C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [TCP Query User{6C144309-8A22-437C-B905-B6820E8D1FED}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe FirewallRules: [UDP Query User{562CBE1E-A0B2-4ECC-BEE8-ACBC64D087E2}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe 
FirewallRules: [{E79739DE-5A17-48E6-A4C9-0A469597349D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E3A94BFA-B865-4E7F-80AA-E53646DA241E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{99EBC06B-453E-471D-B0E2-F70014345FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F7CB1591-4D2B-4CAD-AC68-399A08DC4FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{51564EB2-D84B-4E50-A683-C685ADB79C64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7F18579C-2042-4B97-B720-709EB453436F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [D:\Portable\CommonFiles\Java\bin\javaw.exe] => Enabled:Java(TM) Platform SE binary ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/26/2015 06:12:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2015 04:12:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm mbam-setup.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2a20 Startzeit: 01d0e0092ceb635c Endzeit: 3 Anwendungspfad: C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-FCT2B.tmp\mbam-setup.tmp Berichts-ID: Error: (08/26/2015 11:27:47 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x424 Startzeit der fehlerhaften Anwendung: 0xmbam.exe0 Pfad der fehlerhaften Anwendung: mbam.exe1 Pfad des fehlerhaften Moduls: mbam.exe2 Berichtskennung: mbam.exe3 Error: (08/26/2015 11:27:41 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm mbam-setup.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1b30 Startzeit: 01d0dfe122b249a7 Endzeit: 4 Anwendungspfad: C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-V6DQC.tmp\mbam-setup.tmp Berichts-ID: Error: (08/26/2015 11:26:57 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbam.exe, Version: 2.3.55.0, Zeitstempel: 0x557a2a02 Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x1844 Startzeit der fehlerhaften Anwendung: 0xmbam.exe0 Pfad der fehlerhaften Anwendung: mbam.exe1 Pfad des fehlerhaften Moduls: mbam.exe2 Berichtskennung: mbam.exe3 Error: (08/26/2015 11:00:10 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 11:44:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/24/2015 11:01:35 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/24/2015 11:00:13 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_stisvc, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc3c1 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000 ID des fehlerhaften Prozesses: 0xa5c Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_stisvc0 Pfad der fehlerhaften Anwendung: svchost.exe_stisvc1 Pfad des fehlerhaften Moduls: svchost.exe_stisvc2 Berichtskennung: 
svchost.exe_stisvc3 Error: (08/24/2015 10:56:03 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Systemfehler: ============= Error: (08/26/2015 06:23:54 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/26/2015 06:23:53 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CyberGhost 5 Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SAMSUNG Mobile Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Atomuhr Synchronisation" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "PMBDeviceInfoProvider" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PDFProFiltSrv" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/26/2015 06:23:51 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Microsoft Office:
=========================
Error: (08/26/2015 06:12:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/26/2015 04:12:48 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam-setup.tmp51.52.0.02a2001d0e0092ceb635c3C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-FCT2B.tmp\mbam-setup.tmp

Error: (08/26/2015 11:27:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe2.3.55.0557a2a02MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd42401d0dfe1782eee89C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllb5ebdcff-4bd4-11e5-8d6f-002564f433af

Error: (08/26/2015 11:27:41 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: mbam-setup.tmp51.52.0.01b3001d0dfe122b249a74C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-V6DQC.tmp\mbam-setup.tmp

Error: (08/26/2015 11:26:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe2.3.55.0557a2a02MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd184401d0dfe159eef565C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll982b27d8-4bd4-11e5-8d6f-002564f433af

Error: (08/26/2015 11:00:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/25/2015 11:44:38 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 11:01:35 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (08/24/2015 11:00:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_stisvc6.1.7600.163854a5bc3c1unknown0.0.0.000000000c00000050000000000000000a5c01d0de4b3c57cadfC:\Windows\system32\svchost.exeunknown87a310dc-4a3e-11e5-80ab-002564f433af

Error: (08/24/2015 10:56:03 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

CodeIntegrity:
===================================
Date: 2015-08-25 11:42:46.237
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2015-08-25 11:42:46.203
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2013-03-12 22:33:59.564
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:30:00.380
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:30:00.287
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:30:00.177
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:30:00.053
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:24:53.442
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:11:01.356
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2013-03-12 22:03:37.717
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Speicherinformationen ===========================

Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 20439.12 MB
Verfügbarer physikalischer RAM: 17290.63 MB
Summe virtueller Speicher: 40876.44 MB
Verfügbarer virtueller Speicher: 37414.33 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:1863.01 GB) (Free:1107.26 GB) NTFS
Drive d: (Toshiba 2 TB) (Fixed) (Total:1863.02 GB) (Free:440.42 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DADA4235)
Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 000BC058)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

I hope I followed your instructions correctly and that this gets us closer to the problem.
Thanks & regards, Christian |
27.08.2015, 15:10 | #8 |
/// the machine /// TB-Ausbilder | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. A few more control scans: ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
28.08.2015, 09:33 | #9 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. I have run the scans. But in the ESET Online Scan, under advanced settings, shouldn't the boxes for "remove found threats" and "scan for potentially unsafe applications" also be ticked? For now I did it according to your settings. Here is the log: Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1d22714877dd084091530df90598f137
# end=init
# utc_time=2015-08-27 03:11:36
# local_time=2015-08-27 05:11:36 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25478
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1d22714877dd084091530df90598f137
# end=updated
# utc_time=2015-08-27 03:14:23
# local_time=2015-08-27 05:14:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1d22714877dd084091530df90598f137
# engine=25478
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-08-27 10:09:52
# local_time=2015-08-28 12:09:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 12807450 192343242 0 0
# scanned=1114907
# found=44
# cleaned=0
# scan_time=24929
sh=B2C94FB26EC6527D2E849503E5F9B63D6271C00C ft=1 fh=f2687ec86a6cd638 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\PTBSync - CHIP-Installer.exe"
sh=ADC3923DDCB497AF062FC3C2462D8B1D1A08BC69 ft=1 fh=0eeccbee65b6572c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Brenner & Drucker & Scanner\Virtual CloneDrive - CHIP-Installer.exe"
sh=C6B39949C5A3AA993883706EAA6A9AC2F9C4ECFE ft=0 fh=0000000000000000 vn="Win32/DriverGenius.A evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Driver Genius 12\Driver.Genius.v12.0.0.1211-crk-REPT-HAPPY.XMAS-Genial78\Driver.Genius.v12.0.0.1211-crk-REPACK-REPT-HAPPY.XMAS.zip"
sh=A26589E95931B8AAE7B3246522920C226C28A958 ft=1 fh=5f6f10f1ac1ce92b vn="Win32/SoftonicDownloader.D evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Internet\Jdownloader-portable.exe"
sh=5E978A72A159CCB6C142B7AD491393E9A90C2B82 ft=1 fh=5f1201ba56862c6e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Internet\MediathekView - CHIP-Installer.exe"
sh=1EE4E207640FE17FDE98D2D310627FEB3B7F60B7 ft=1 fh=bf09fcbaf3b8a6bb vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Internet\StreamTransport - CHIP-Installer.exe"
sh=8BABD7C473AF495CDB90ED9E755447DE6C2B2E3B ft=1 fh=3addc6cab1865469 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\MP3\Audials One - CHIP-Installer Version 12.0.63100.exe"
sh=3279CC8A6CC02E5A2F6FA95FAFB31D0CEB341052 ft=1 fh=f4f7a674e4023b9c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Samsung S4 mini\Odin3 - CHIP-Installer.exe"
sh=D58509350A7B0858D6FE790777A432EF5BD2D062 ft=1 fh=2b20e75cfce94b71 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Systemtools\HP USB Disk Storage Format Tool - CHIP-Installer.exe"
sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Systemtools\Unlocker1.9.2.exe"
sh=DD96273DC804DB946A99E1E6AC27680184D41EDA ft=1 fh=a8cc88795654b083 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Systemtools\VirtualBox\VirtualBox Extension Pack - CHIP-Installer.exe"
sh=E3C3C648F3783E1918A71EE73561B6DFD9E0C6FF ft=1 fh=031add60de2b5a8f vn="Variante von Win32/Hao123.A evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Video\FormatFactorySetup3.5.0.0.exe"
sh=5826CF918CC573ECC7010F8BAB4C1DA5466967B5 ft=1 fh=abec4a2065ef10a0 vn="Variante von Win32/Vittalia.J evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Video\installer_ac3_acm_decompressor_2_1_Deutsch.exe"
sh=90C0EE05E2159BC1A5EBB3538309CB9F16D83B5C ft=1 fh=9b0256072fca33b3 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Video\K Lite Mega Codec Pack - CHIP-Installer.exe"
sh=4E426D6FF7E02B9AAD9C21D3F699733B33EB661F ft=1 fh=7ece2f2cea3d52ea vn="Variante von Win32/Toolbar.Conduit.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Video\TS Doctor\bs_Cypheros_TS-Doctor 1.2.7.exe"
sh=C8EF57C4588FF30435DFEF526EB87E9CB2C15F36 ft=1 fh=de8d08a529a2492a vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Video\TS Doctor\TSDoctor_v1.2.29_TSA373BMO.exe"
sh=6EF633B9BF4CCF254CBB2F8DECB8899D243AAC51 ft=1 fh=3f3875e125c4d52a vn="Variante von Win32/Adware.RegistryNuke.A Anwendung" ac=I fn="C:\Software\Windows\AdvancedFix_Setup.exe"
sh=DE6DC13D1B36AAEA636209710FF254F0BAD7FD49 ft=1 fh=4983eb27b470fa45 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Windows\Magical Jelly Bean Keyfinder - CHIP-Installer.exe"
sh=864C2696AC5FFBAE1959693C465B82A0154B13A5 ft=1 fh=c94f2be1d0b16560 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Software\Windows\Windows 10 Final 64 Bit - CHIP-Installer.exe"
sh=075478ED256C74207FB1540F41BE4934B47D549B ft=1 fh=5a1a58d6a5023955 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Mediathek\streamtransport_chrome_setup1.1.6.2.exe"
sh=E18B5242B0C893DF09E34A9E89DE551503F31591 ft=1 fh=5a1a58d6d884f372 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Mediathek\Streamtransport IE10\streamtransport_setup.exe"
sh=BAB855A03BBEF2D44E46423595385BB778004956 ft=1 fh=025f03d1167777e3 vn="Win32/Packed.MultiPacker.A verdächtige Datei" ac=I fn="D:\Drivers\Driver Genius Pro Edition v10.0.0.712 (multi,portable).exe"
sh=2C6CDB11378C41B60F4DE3F3FDBA92C3D059DAEC ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2013-11-17 190002\Backup Files 2013-11-17 190002\Backup files 1.zip"
sh=EFB466779E5BCA487ED0B77398AE04567350D0BD ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2013-11-24 190001\Backup Files 2013-11-24 190001\Backup files 1.zip"
sh=16987EB5617B130F549A041CD4DEF970E333BDB9 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2013-12-29 190001\Backup Files 2013-12-29 190001\Backup files 1.zip"
sh=06EAD11FD594B5683190E4E8B9A1030117EF81C5 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-01-05 190002\Backup Files 2014-01-05 190002\Backup files 1.zip"
sh=6068EC38AB1D89D599266981B187F2CD84FFC264 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip"
sh=4D53B46B58C4D733044EC92A3511755DB32C47E5 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-02-23 190002\Backup Files 2014-02-23 190002\Backup files 1.zip"
sh=759E1694C92CB23BEF6573F37270EBFF837A35A7 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-03-23 190002\Backup Files 2014-03-23 190002\Backup files 1.zip"
sh=3CFA65730C4E4699BB642F8A2D5E024557C8A06F ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-04-27 190001\Backup Files 2014-04-27 190001\Backup files 1.zip"
sh=946D7FA13EA5FA792761CD49A057C5EE38759FE6 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-06-08 190004\Backup Files 2014-06-08 190004\Backup files 1.zip"
sh=B582EE7DB90BCEB030F4907028C18E35C5DF5499 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-07-13 190002\Backup Files 2014-07-13 190002\Backup files 1.zip"
sh=08FB04B4B74B8981098541177BB3982395F6E47E ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-03 190001\Backup files 1.zip"
sh=D76A0AA4AA405D639566A9694CC4A3948DD86208 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-31 190002\Backup files 1.zip"
sh=841E5D6CF00AAEC2A6148DD494BDBD9F6EECBD30 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-09-21 190001\Backup Files 2014-09-21 190001\Backup files 1.zip"
sh=E866BC9AECABBD790080EAF22B462C8934A5B486 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-10-12 190002\Backup Files 2014-10-12 190002\Backup files 1.zip"
sh=6316169086784DC2011DE6E99AB9FA963A697775 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-11-02 190002\Backup Files 2014-11-02 190002\Backup files 1.zip"
sh=C28650B9AA134FF483DA4E2B6C27A84ED945E5A9 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-11-23 190002\Backup Files 2014-11-23 190002\Backup files 1.zip"
sh=39C42580CA78F1152A4CE21D25F5496BBF1DFDA4 ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 1.zip"
sh=D864DAA19688D1D6B6AC6F52CF2B0ED2BA2A2F1C ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2015-01-04 190009\Backup Files 2015-01-04 190009\Backup files 1.zip"
sh=A1A53145BF7A2BDC5FBDF27A0B0469BE1E699EBB ft=0 fh=0000000000000000 vn="Win32/Adware.Synatix Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2015-01-25 190002\Backup Files 2015-01-25 190002\Backup files 1.zip"
sh=F67929C83BF321A57A3E11F870294562AEAD6882 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-15 190006\Backup files 1.zip"
sh=5E1D47453EDC39113184A98EC21294EE3BE48F1E ft=0 fh=0000000000000000 vn="JS/Adware.Steganos.A Anwendung" ac=I fn="D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-22 190002\Backup files 1.zip"
sh=AFE0594655D8717F878B6E9CCFDE5CC423755277 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\KARAYAHOME\Backup Set 2015-03-01 190002\Backup Files 2015-03-01 190002\Backup files 1.zip"
Code:
Results of screen317's Security Check version 1.006
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 45
Java version 32-bit out of Date!
Google Chrome (44.0.2403.155)
Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile:
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 02 durchgeführt von Christian (Administrator) auf KARAYAHOME (28-08-2015 10:16:33) Gestartet von C:\Users\Christian\Desktop Geladene Profile: Christian (Verfügbare Profile: Christian) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Sandboxie Holdings, LLC) D:\Portable\SandboxiePortable\App\Sandboxie64\SbieSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Sandboxie Holdings, LLC) D:\Portable\SandboxiePortable\App\Sandboxie64\SbieCtrl.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Portable\PortableGoogleChrome\Chrome\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Marek Jasinski & contributors) D:\Portable\FreeCommanderPortable\FreeCommanderPortable.exe (Marek Jasinski - www.FreeCommander.com) D:\Portable\FreeCommanderPortable\App\FreeCommander\FreeCommander.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation) HKLM-x32\...\Run: [PTBSync] => C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) 
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-10-23] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [2013072 2012-10-23] (Nuance Communications, Inc.) HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe [333712 2012-10-11] (Nuance Communications, Inc.) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2670592 2015-06-01] (Sony Corporation) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SandboxieControl] => D:\Portable\SandboxiePortable\App\Sandboxie64\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] () HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.) 
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [1684EF12A97A65C711186DE8DC6C33B8584808BE._service_run] => D:\Portable\PortableGoogleChrome\Chrome\chrome.exe [854344 2014-10-10] (Google Inc.) Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-05-15] ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.) Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2015-04-01] ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google) ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>) ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>) ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company 
name>) ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>) ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>) ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, INC) ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, INC) ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-07-18] (Gladinet, INC) ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-07-18] (Gladinet, INC) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.giga.de/androidnews/?utm_source=SDA&utm_medium=plugin&utm_campaign=april2015
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{17F07E1A-08F0-41C8-89BF-5D91B4E1D7ED}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation)

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-03-24]
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24]
CHR Extension: (uStart Notifier) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbdbbhnimnonpiopjkmekpmemfpbkbgp [2015-03-24]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-08-14]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-24]
CHR Extension: (APK Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (Autocomplete = on) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh [2015-03-24]
CHR Extension: (Google Calendar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-24]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-08-26]
CHR Extension: (Hola Better Internet Engine) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-24]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2015-03-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-03-24]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-26]
CHR Extension: (Plex) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-03-24]
CHR Extension: (Video Downloader Super) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-03-24]
CHR Extension: (Cr!Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2015-03-24]
CHR Extension: (Zalmos SSL Web Proxy for Free) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn [2015-03-24]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2015-03-24]
CHR Extension: (Clearly) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-03-24]
CHR Extension: (Google Play) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-24]
CHR Extension: (DotVPN — better than VPN.) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2015-03-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Kein Name) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-08-21]
CHR Extension: (MyPermissions Cleaner) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2015-03-24]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-04]
CHR Extension: (Google Maps) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Save to Cloud Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojclbecnodddpjckkkcmamhlhpendahg [2015-03-24]
CHR Extension: (Print Edit) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2015-03-24]
CHR Extension: (chromeIPass) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2015-03-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-24]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AcronisOSSReinstallSvc; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2232296 2007-03-09] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29592 2012-07-18] (Gladinet, INC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-06-01] (Sony Corporation)
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) [Datei ist nicht signiert]
R2 SbieSvc; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 SbieDrv; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-07-10] (Oracle Corporation)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2015-03-27] (OpenLibSys.org)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-28 10:16 - 2015-08-28 10:16 - 00028348 _____ C:\Users\Christian\Desktop\FRST.txt
2015-08-28 09:51 - 2015-08-27 19:54 - 00852684 _____ C:\Users\Christian\Desktop\SecurityCheck.exe
2015-08-27 20:29 - 2015-08-27 20:29 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-08-27 20:29 - 2015-08-27 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-08-27 20:28 - 2015-08-27 20:29 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-08-27 17:11 - 2015-08-27 17:11 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-26 18:28 - 2015-08-26 18:28 - 02186752 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2015-08-26 18:22 - 2015-08-24 15:42 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Christian\Desktop\JRT.exe
2015-08-26 18:19 - 2015-08-20 19:15 - 01605632 _____ C:\Users\Christian\Desktop\AdwCleaner_5.003.exe
2015-08-26 16:57 - 2015-08-26 18:13 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 11:25 - 2015-08-26 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 11:25 - 2015-08-26 16:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-25 11:34 - 2015-08-25 11:50 - 00000000 ____D C:\Qoobox
2015-08-25 11:34 - 2015-08-25 11:49 - 00000000 ____D C:\Windows\erdnt
2015-08-25 11:34 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-25 11:34 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-25 11:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-24 10:16 - 2015-08-28 10:16 - 00000000 ____D C:\FRST
2015-08-24 10:15 - 2015-08-24 10:15 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-23 10:34 - 2015-08-26 18:12 - 00002660 _____ C:\Windows\PFRO.log
2015-08-22 20:20 - 2015-08-22 20:20 - 00970912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120.dll
2015-08-22 20:20 - 2015-08-22 20:20 - 00455328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120.dll
2015-08-22 20:20 - 2015-08-22 20:20 - 00247984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib120.dll
2015-08-21 23:43 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-08-21 23:41 - 2015-08-21 23:43 - 00001186 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2015-08-21 23:41 - 2015-08-21 23:43 - 00000049 _____ C:\Windows\SysWOW64\ScrRecX.log
2015-08-21 23:41 - 2015-08-21 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-21 23:41 - 2015-08-21 23:41 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-20 19:16 - 2015-08-26 18:19 - 00000000 ____D C:\AdwCleaner
2015-08-20 03:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 03:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:49 - 2015-08-18 17:49 - 00001200 _____ C:\Users\Christian\Desktop\MKVToolNix.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001581 _____ C:\Users\Christian\Desktop\DivXConverter.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001101 _____ C:\Users\Christian\Desktop\MusicBee.lnk
2015-08-18 17:26 - 2015-08-18 17:26 - 959871659 _____ C:\Windows\MEMORY.DMP
2015-08-18 17:26 - 2015-08-18 17:26 - 00313328 _____ C:\Windows\Minidump\081815-24710-01.dmp
2015-08-18 17:26 - 2015-08-18 17:26 - 00000000 ____D C:\Windows\Minidump
2015-08-16 13:25 - 2015-08-24 15:11 - 00005632 _____ C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-16 12:21 - 2015-08-28 09:30 - 00333648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 19:02 - 2015-08-14 19:02 - 00000000 _____ C:\Windows\system32\corona.dll
2015-08-14 18:54 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-14 18:52 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-14 18:52 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Program Files\WMV9_VCM
2015-08-14 14:39 - 2015-08-14 14:39 - 00003814 _____ C:\Windows\System32\Tasks\klcp_update
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-08-14 12:19 - 2015-08-14 12:19 - 00000000 ____D C:\Users\Christian\AppData\Local\Spoon
2015-08-12 22:58 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:58 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:55 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 16:55 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 16:55 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 16:55 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 16:55 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 16:55 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 16:55 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 16:55 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 16:55 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 16:55 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 16:55 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 16:55 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 16:55 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 16:55 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 16:55 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 16:55 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 16:55 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 16:55 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 16:55 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 16:55 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 16:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 16:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 16:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 16:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 16:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 16:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 16:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 16:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 16:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 16:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 16:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 16:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 16:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 16:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 16:55 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 16:55 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 16:55 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 16:55 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 16:55 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 16:55 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 16:55 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 16:55 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 16:55 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 16:55 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 16:55 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 16:55 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 16:55 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 16:55 - 2015-07-15 19:54 - 00017408 _____ (Microsoft
Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 16:55 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 16:55 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 16:55 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 16:55 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 16:55 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 16:55 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 
2015-08-12 16:53 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 16:53 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 16:53 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 16:53 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00098304 _____ 
(Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 16:53 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) 
C:\Windows\system32\msxml3.dll 2015-08-12 16:53 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 16:53 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 16:53 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 16:53 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 16:53 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-03 20:53 - 2015-08-03 20:53 - 00000000 ____D C:\Users\Christian\dwhelper 2015-08-02 12:06 - 2015-08-02 12:06 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-08-02 12:06 - 2015-08-02 12:06 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-08-02 12:06 - 2015-07-10 13:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-08-02 12:06 - 2015-07-10 13:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-07-31 18:21 - 2015-08-03 20:06 - 00000000 ____D C:\Users\Christian\VirtualBox VMs 2015-07-31 16:16 - 2015-07-31 16:16 - 00000000 ____D C:\$Windows.~WS 2015-07-30 17:23 - 2015-07-30 17:42 - 00000000 ____D C:\MP3 2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____D C:\Musik Video 2015-07-30 14:06 - 2015-07-30 14:06 - 00001424 _____ C:\Users\Christian\Desktop\Mega USB Portable.lnk 2015-07-29 20:18 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-07-29 20:18 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll 2015-07-29 19:56 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-28 10:16 - 2015-05-01 11:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-28 09:58 - 2015-03-24 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-28 09:51 - 2015-03-22 22:01 - 01676969 _____ C:\Windows\WindowsUpdate.log 2015-08-28 09:46 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-28 09:46 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-28 09:36 - 2015-03-24 20:28 - 00075160 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-28 09:35 - 2015-04-01 15:47 - 00000000 ___RD C:\Users\Christian\Google Drive 2015-08-28 09:35 - 2015-03-27 23:22 - 00002122 _____ C:\Users\Christian\Documents\PTBSync-AutoExport-Christian.ini 2015-08-28 09:32 - 2015-03-24 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-28 09:31 - 2015-06-20 12:37 - 00014734 _____ C:\Windows\setupact.log 2015-08-28 09:31 - 2015-03-24 22:08 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-28 09:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-27 20:29 - 2015-03-25 23:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc 2015-08-27 12:55 - 2013-03-12 21:24 - 00000000 ____D C:\Windows\Panther 2015-08-27 12:51 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT 2015-08-27 11:50 - 2015-03-25 19:04 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5013158F-DA91-4D6A-B306-50202B614723} 2015-08-26 12:32 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-25 11:50 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Apps\2.0 2015-08-25 11:50 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-08-25 11:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-08-25 11:23 - 2011-04-12 09:43 - 00699092 _____ 
C:\Windows\system32\perfh007.dat 2015-08-25 11:23 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-08-25 11:23 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-24 11:48 - 2015-03-25 19:17 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla 2015-08-24 10:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-24 10:15 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian 2015-08-21 23:46 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore 2015-08-21 20:59 - 2015-03-24 20:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-21 15:48 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Google 2015-08-16 16:29 - 2015-04-01 15:45 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieUserList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieSiteList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieBrowserModeList 2015-08-16 13:40 - 2015-06-15 19:49 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AnvSoft 2015-08-14 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system 2015-08-14 18:54 - 2015-03-24 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-14 18:54 - 2015-03-24 22:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-13 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ___SD C:\Windows\system32\CompatTel 
2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 22:55 - 2015-03-27 21:41 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:50 - 2013-03-12 22:48 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 16:24 - 2015-06-11 16:57 - 00000000 ____D C:\Users\Christian\.mediathek3 2015-08-10 18:13 - 2015-05-15 10:48 - 00000000 ____D C:\Users\Christian\AppData\Local\CloudStation 2015-08-09 13:47 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Deployment 2015-08-08 20:53 - 2015-05-02 14:17 - 00000000 ____D C:\Users\Christian\.VirtualBox 2015-08-07 13:06 - 2015-04-13 20:22 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2015-03-25 18:59 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 06:34 - 2015-03-24 22:08 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2015-03-24 22:08 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 
2015-03-24 22:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 20:18 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-08-03 20:57 - 2015-06-08 08:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Thunderbird 2015-08-03 12:12 - 2015-03-24 22:08 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-31 16:27 - 2010-06-20 21:25 - 00000000 ____D C:\Software 2015-07-30 22:21 - 2015-06-11 11:32 - 00001120 _____ C:\Users\Public\Desktop\Avira.lnk 2015-07-30 22:21 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-30 22:20 - 2015-03-25 19:37 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-07-30 22:20 - 2015-03-25 19:37 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-07-29 19:57 - 2015-03-24 22:09 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-16 13:25 - 2015-08-24 15:11 - 0005632 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-01 11:37 - 2015-04-01 11:37 - 0000057 _____ () C:\ProgramData\Ament.ini Einige Dateien in TEMP: ==================== C:\Users\Christian\AppData\Local\Temp\avgnt.exe C:\Users\Christian\AppData\Local\Temp\proxy_vole2698356262695805402.dll Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\System32\corona.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-22 01:41 ==================== Ende von FRST.txt ============================ |
28.08.2015, 09:35 | #10 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. And finally, of course, the two FRST logs as well: FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 02 durchgeführt von Christian (Administrator) auf KARAYAHOME (28-08-2015 10:16:33) Gestartet von C:\Users\Christian\Desktop Geladene Profile: Christian (Verfügbare Profile: Christian) Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Sandboxie Holdings, LLC) D:\Portable\SandboxiePortable\App\Sandboxie64\SbieSvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Nuance Communications, Inc.) 
C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe (ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Sandboxie Holdings, LLC) D:\Portable\SandboxiePortable\App\Sandboxie64\SbieCtrl.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) D:\Portable\PortableGoogleChrome\Chrome\chrome.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe (ElmüSoft) C:\Program Files (x86)\PTBSync\PTBSync.exe (Hewlett-Packard) C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 8\PdfPro8Hook.exe (Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-ui.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-connect.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Synology Inc.) C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\cloud-daemon.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Marek Jasinski & contributors) D:\Portable\FreeCommanderPortable\FreeCommanderPortable.exe (Marek Jasinski - www.FreeCommander.com) D:\Portable\FreeCommanderPortable\App\FreeCommander\FreeCommander.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation) HKLM-x32\...\Run: [PTBSync] => C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2068856 2011-10-12] (Flexera Software LLC.) 
HKLM-x32\...\Run: [PDF8 Registry Controller] => C:\Program Files (x86)\Nuance\PDF Professional 8\RegistryController.exe [178576 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 8\pdfpro8hook.exe [2013072 2012-10-23] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe [333712 2012-10-11] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [2670592 2015-06-01] (Sony Corporation)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe [134368 2015-07-02] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SandboxieControl] => D:\Portable\SandboxiePortable\App\Sandboxie64\SbieCtrl.exe [784392 2014-05-29] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22344224 2015-07-29] (Google)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [GoogleChromeAutoLaunch_F95133299531DA24C7CB703BC8432DCE] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-18] (Google Inc.)
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Run: [1684EF12A97A65C711186DE8DC6C33B8584808BE._service_run] => D:\Portable\PortableGoogleChrome\Chrome\chrome.exe [854344 2014-10-10] (Google Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Synology Cloud Station.lnk [2015-05-15]
ShortcutTarget: Synology Cloud Station.lnk -> C:\Program Files (x86)\Synology\CloudStation\bin\launcher.exe (Synology Inc.)
Startup: C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk [2015-04-01]
ShortcutTarget: Tintenwarnungen überwachen - HP Officejet Pro 8600 (Netzwerk).lnk -> C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2015-07-29] (Google)
ShellIconOverlayIdentifiers: [01UnsuppModule] -> {AEB16659-2125-4ADA-A4AB-45EE21E86469} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [02SyncingModule] -> {48AB5ADA-36B1-4137-99C9-2BD97F8788AB} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [03SyncedModule] -> {472CE1AD-5D53-4BCF-A1FB-3982A5F55138} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [04ReadOnlyModule] -> {A433C3E0-8B24-40EB-93C3-4B10D9959F58} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [05NoPermModule] -> {C701AD67-3DF0-47C9-89CB-DFA6207BE229} => C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll [2015-06-25] (TODO: <Company name>)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-07-18] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-07-18] (Gladinet, INC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.giga.de/androidnews/?utm_source=SDA&utm_medium=plugin&utm_campaign=april2015
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-18] (Oracle Corporation)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-18] (Oracle Corporation)
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\SysWOW64\mscoree.dll [2010-11-21] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{17F07E1A-08F0-41C8-89BF-5D91B4E1D7ED}: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-18] (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 8\bin\nppdf.dll [2012-07-31] (Zeon Corporation)

Chrome:
=======
CHR Profile: C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2015-03-24]
CHR Extension: (Google Slides) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-24]
CHR Extension: (Google Docs) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-24]
CHR Extension: (Google Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-24]
CHR Extension: (uStart Notifier) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbdbbhnimnonpiopjkmekpmemfpbkbgp [2015-03-24]
CHR Extension: (Video AdBlock for Chrome) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bknbnapaddjdnbilpmlacdkjdkjmbjhd [2015-08-14]
CHR Extension: (YouTube) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-24]
CHR Extension: (Adblock Plus) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-03-24]
CHR Extension: (APK Downloader) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgihflhdpokeobcfimliamffejfnmfii [2015-03-24]
CHR Extension: (Google Search) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-24]
CHR Extension: (Autocomplete = on) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecpgkdflcnofdbbkiggklcfmgbnbabhh [2015-03-24]
CHR Extension: (Google Calendar) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2015-03-24]
CHR Extension: (Video Downloader professional) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\elicpjhcidhpjomhibiffojpinpmmpil [2015-08-26]
CHR Extension: (Hola Better Internet Engine) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\epbfmioobedknooiakdehepogalbgkng [2015-03-24]
CHR Extension: (Foxtab Speed Dial) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fcoecifcadmambfikillppkoafmgachp [2015-03-24]
CHR Extension: (ZenMate Security, Privacy & Unblock VPN) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-03-24]
CHR Extension: (Google Sheets) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-24]
CHR Extension: (Avira Browser Safety) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-03-26]
CHR Extension: (Plex) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpniocchabmgenibceglhnfeimmdhdfm [2015-03-24]
CHR Extension: (Video Downloader Super) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghciphhakbampjemlfbahnhhaemoeolf [2015-03-24]
CHR Extension: (Cr!Box) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjodchcocbnbhfkjeapbdoflbiibnapp [2015-03-24]
CHR Extension: (Zalmos SSL Web Proxy for Free) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idefjamndcpplnamdlbodoebjgkpdmpn [2015-03-24]
CHR Extension: (EverSync - Sync bookmarks, backup favorites) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iohcojnlgnfbmjfjfkbhahhmppcggdog [2015-03-24]
CHR Extension: (Clearly) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2015-03-24]
CHR Extension: (Google Play) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-03-24]
CHR Extension: (DotVPN — better than VPN.) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpiecbcckbofpmkkkdibbllpinceiihk [2015-03-24]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-24]
CHR Extension: (Kein Name) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfmhcpmkbdkbgbmkjoiopeeegenkdikp [2015-08-21]
CHR Extension: (MyPermissions Cleaner) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\liiikhhbkpmpomjmdofandjmdgapiahi [2015-03-24]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2015-03-24]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-04-04]
CHR Extension: (Google Maps) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2015-03-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-24]
CHR Extension: (Save to Cloud Drive) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojclbecnodddpjckkkcmamhlhpendahg [2015-03-24]
CHR Extension: (Print Edit) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnblpmehglpcallpnbgmikjblmkopia [2015-03-24]
CHR Extension: (chromeIPass) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae [2015-03-24]
CHR Extension: (Evernote Web Clipper) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2015-03-24]
CHR Extension: (Gmail) - C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1697669310-943054665-3328125322-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [bknbnapaddjdnbilpmlacdkjdkjmbjhd] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AcronisOSSReinstallSvc; C:\Program Files (x86)\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2232296 2007-03-09] () [Datei ist nicht signiert]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [887128 2015-07-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [218816 2015-07-02] (Avira Operations GmbH & Co. KG)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64616 2014-11-03] (CyberGhost S.R.L)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29592 2012-07-18] (Gladinet, INC)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [89840 2015-03-28] (Hewlett-Packard Company)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
R2 PDFProFiltSrv; C:\Program Files (x86)\Nuance\PDF Professional 8\PDFProFiltSrv.exe [135056 2012-10-23] (Nuance Communications, Inc.)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [494592 2015-06-01] (Sony Corporation)
R2 PTBSync; C:\Program Files (x86)\PTBSync\PTBSync.exe [1586688 2015-03-27] (ElmüSoft) [Datei ist nicht signiert]
R2 SbieSvc; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162528 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-17] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2013-07-23] (RapidSolution Software AG)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
R3 SbieDrv; D:\Portable\SandboxiePortable\App\Sandboxie64\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [115208 2015-07-10] (Oracle Corporation)
R2 WinRing0_1_2_0; C:\Windows\system32\Drivers\ptbring0.sys [14544 2015-03-27] (OpenLibSys.org)
S3 athr; system32\DRIVERS\athrx.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-28 10:16 - 2015-08-28 10:16 - 00028348 _____ C:\Users\Christian\Desktop\FRST.txt
2015-08-28 09:51 - 2015-08-27 19:54 - 00852684 _____ C:\Users\Christian\Desktop\SecurityCheck.exe
2015-08-27 20:29 - 2015-08-27 20:29 - 00001468 _____ C:\Users\Public\Desktop\LibreOffice 5.0.lnk
2015-08-27 20:29 - 2015-08-27 20:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-08-27 20:28 - 2015-08-27 20:29 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2015-08-27 17:11 - 2015-08-27 17:11 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-26 18:28 - 2015-08-26 18:28 - 02186752 _____ (Farbar) C:\Users\Christian\Desktop\FRST64.exe
2015-08-26 18:22 - 2015-08-24 15:42 - 01798576 _____ (Malwarebytes Corporation) C:\Users\Christian\Desktop\JRT.exe
2015-08-26 18:19 - 2015-08-20 19:15 - 01605632 _____ C:\Users\Christian\Desktop\AdwCleaner_5.003.exe
2015-08-26 16:57 - 2015-08-26 18:13 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-26 16:57 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-26 11:25 - 2015-08-26 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-26 11:25 - 2015-08-26 16:58 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-08-26 11:25 - 2015-08-26 16:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-08-25 11:34 - 2015-08-25 11:50 - 00000000 ____D C:\Qoobox
2015-08-25 11:34 - 2015-08-25 11:49 - 00000000 ____D C:\Windows\erdnt
2015-08-25 11:34 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-08-25 11:34 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-08-25 11:34 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-08-25 11:34 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-08-24 10:16 - 2015-08-28 10:16 - 00000000 ____D C:\FRST
2015-08-24 10:15 - 2015-08-24 10:15 - 00000000 _____ C:\Users\Christian\defogger_reenable
2015-08-23 10:34 - 2015-08-26 18:12 - 00002660 _____ C:\Windows\PFRO.log
2015-08-22 20:20 - 2015-08-22 20:20 - 00970912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120.dll
2015-08-22 20:20 - 2015-08-22 20:20 - 00455328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120.dll
2015-08-22 20:20 - 2015-08-22 20:20 - 00247984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vccorlib120.dll
2015-08-21 23:43 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\Windows\SysWOW64\fmcodec.DLL
2015-08-21 23:41 - 2015-08-21 23:43 - 00001186 _____ C:\Users\Public\Desktop\aTube Catcher.lnk
2015-08-21 23:41 - 2015-08-21 23:43 - 00000049 _____ C:\Windows\SysWOW64\ScrRecX.log
2015-08-21 23:41 - 2015-08-21 23:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aTube Catcher
2015-08-21 23:41 - 2015-08-21 23:41 - 00000000 ____D C:\Program Files (x86)\DsNET Corp
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-21 16:36 - 2015-08-21 16:36 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-08-20 19:16 - 2015-08-26 18:19 - 00000000 ____D C:\AdwCleaner
2015-08-20 03:00 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 03:00 - 2015-08-11 03:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:00 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-18 17:49 - 2015-08-18 17:49 - 00001200 _____ C:\Users\Christian\Desktop\MKVToolNix.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001581 _____ C:\Users\Christian\Desktop\DivXConverter.lnk
2015-08-18 17:48 - 2015-08-18 17:48 - 00001101 _____ C:\Users\Christian\Desktop\MusicBee.lnk
2015-08-18 17:26 - 2015-08-18 17:26 - 959871659 _____ C:\Windows\MEMORY.DMP
2015-08-18 17:26 - 2015-08-18 17:26 - 00313328 _____ C:\Windows\Minidump\081815-24710-01.dmp
2015-08-18 17:26 - 2015-08-18 17:26 - 00000000 ____D C:\Windows\Minidump
2015-08-16 13:25 - 2015-08-24 15:11 - 00005632 _____ C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-16 12:21 - 2015-08-28 09:30 - 00333648 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-14 19:02 - 2015-08-14 19:02 - 00000000 _____ C:\Windows\system32\corona.dll
2015-08-14 18:54 - 2015-08-07 06:22 - 00573048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-08-14 18:52 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-08-14 18:52 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01104440 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01063216 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 01059960 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00985208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00942688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00931448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00512720 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00421544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00408184 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00364152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00177088 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00155792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-08-14 18:52 - 2015-08-07 13:06 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WMV9 VCM
2015-08-14 15:10 - 2015-08-14 15:10 - 00000000 ____D C:\Program Files\WMV9_VCM
2015-08-14 14:39 - 2015-08-14 14:39 - 00003814 _____ C:\Windows\System32\Tasks\klcp_update
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2015-08-14 14:39 - 2015-08-14 14:39 - 00000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2015-08-14 12:19 - 2015-08-14 12:19 - 00000000 ____D C:\Users\Christian\AppData\Local\Spoon
2015-08-12 22:58 - 2015-07-30 15:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 22:58 - 2015-07-30 15:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 16:55 - 2015-07-28 22:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 16:55 - 2015-07-28 22:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 16:55 - 2015-07-28 22:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 16:55 - 2015-07-28 21:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 16:55 - 2015-07-21 02:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 16:55 - 2015-07-21 02:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 16:55 - 2015-07-16 22:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 16:55 - 2015-07-16 22:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 16:55 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 16:55 - 2015-07-16 22:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 16:55 - 2015-07-16 22:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 22:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 16:55 - 2015-07-16 22:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 16:55 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 22:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 22:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 16:55 - 2015-07-16 22:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 16:55 - 2015-07-16 22:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 22:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 16:55 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 16:55 - 2015-07-16 21:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 16:55 - 2015-07-16 21:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 16:55 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 16:55 - 2015-07-16 21:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 16:55 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 16:55 - 2015-07-16 21:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 16:55 - 2015-07-16 21:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 16:55 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 16:55 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 16:55 - 2015-07-16 21:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 16:55 - 2015-07-16 21:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 16:55 - 2015-07-16 21:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 16:55 - 2015-07-16 21:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 16:55 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 16:55 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 16:55 - 2015-07-16 21:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 16:55 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 16:55 - 2015-07-16 21:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 16:55 - 2015-07-16 21:01 - 01545728 _____ (Microsoft
Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 16:55 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-08-12 16:55 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 16:55 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 16:55 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-08-12 16:55 - 2015-07-15 20:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 16:55 - 2015-07-15 20:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-08-12 16:55 - 2015-07-15 20:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-08-12 16:55 - 2015-07-15 20:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 16:55 - 2015-07-15 20:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-08-12 16:55 - 2015-07-15 20:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 01163264 _____ (Microsoft Corporation) 
C:\Windows\system32\kernel32.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-08-12 16:55 - 2015-07-15 20:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-08-12 16:55 - 2015-07-15 20:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 
2015-08-12 16:55 - 2015-07-15 20:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 16:55 - 2015-07-15 20:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-08-12 16:55 - 2015-07-15 20:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-08-12 16:55 - 2015-07-15 20:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-08-12 16:55 - 2015-07-15 20:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 
2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 
2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 20:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-08-12 16:55 - 2015-07-15 19:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-08-12 16:55 - 2015-07-15 19:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-08-12 16:55 - 2015-07-15 19:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-08-12 16:55 - 2015-07-15 19:54 - 00017408 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\credssp.dll 2015-08-12 16:55 - 2015-07-15 19:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-08-12 16:55 - 2015-07-15 19:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-08-12 16:55 - 2015-07-15 19:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-08-12 16:55 - 2015-07-15 19:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-08-12 16:55 - 2015-07-15 19:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) 
C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft 
Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 19:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-08-12 16:55 - 2015-07-15 18:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-08-12 16:55 - 2015-07-15 18:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-08-12 16:55 - 2015-07-15 18:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-08-12 16:55 - 2015-07-15 18:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 18:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-08-12 16:55 - 2015-07-15 05:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 
2015-08-12 16:53 - 2015-07-30 20:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll 2015-08-12 16:53 - 2015-07-30 20:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 16:53 - 2015-07-30 19:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll 2015-08-12 16:53 - 2015-07-30 19:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll 2015-08-12 16:53 - 2015-07-30 18:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 16:53 - 2015-07-30 18:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 16:53 - 2015-07-30 18:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00098304 _____ 
(Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-08-12 16:53 - 2015-07-20 20:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-08-12 16:53 - 2015-07-20 20:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-08-12 16:53 - 2015-07-20 19:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-08-12 16:53 - 2015-07-20 19:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 05779456 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2015-08-12 16:53 - 2015-07-16 21:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 16:53 - 2015-07-15 05:19 - 01887232 _____ (Microsoft Corporation) 
C:\Windows\system32\msxml3.dll 2015-08-12 16:53 - 2015-07-15 05:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 05:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 16:53 - 2015-07-15 04:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2015-08-12 16:53 - 2015-07-15 04:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2015-08-12 16:53 - 2015-07-10 19:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 16:53 - 2015-07-10 19:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 16:53 - 2015-07-09 19:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 16:53 - 2015-07-01 22:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 16:53 - 2015-07-01 22:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll 2015-08-12 16:53 - 2015-05-09 20:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll 2015-08-03 20:53 - 2015-08-03 20:53 - 00000000 ____D C:\Users\Christian\dwhelper 2015-08-02 12:06 - 2015-08-02 12:06 - 00001076 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-08-02 12:06 - 2015-08-02 12:06 - 
00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-08-02 12:06 - 2015-07-10 13:22 - 00922704 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-08-02 12:06 - 2015-07-10 13:21 - 00128592 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-07-31 18:21 - 2015-08-03 20:06 - 00000000 ____D C:\Users\Christian\VirtualBox VMs
2015-07-31 16:16 - 2015-07-31 16:16 - 00000000 ____D C:\$Windows.~WS
2015-07-30 17:23 - 2015-07-30 17:42 - 00000000 ____D C:\MP3
2015-07-30 17:23 - 2015-07-30 17:23 - 00000000 ____D C:\Musik Video
2015-07-30 14:06 - 2015-07-30 14:06 - 00001424 _____ C:\Users\Christian\Desktop\Mega USB Portable.lnk
2015-07-29 20:18 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll
2015-07-29 20:18 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll
2015-07-29 19:56 - 2015-07-03 06:28 - 00065896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2015-07-29 19:56 - 2015-07-03 06:28 - 00047976 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-08-28 10:16 - 2015-05-01 11:56 - 00000000 ____D C:\ProgramData\TEMP 2015-08-28 09:58 - 2015-03-24 20:40 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-28 09:51 - 2015-03-22 22:01 - 01676969 _____ C:\Windows\WindowsUpdate.log 2015-08-28 09:46 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-28 09:46 - 2009-07-14 06:45 - 00026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-28 09:36 - 2015-03-24 20:28 - 00075160 _____ C:\Users\Christian\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-28 09:35 - 2015-04-01 15:47 - 00000000 ___RD C:\Users\Christian\Google Drive 2015-08-28 09:35 - 2015-03-27 23:22 - 00002122 _____ C:\Users\Christian\Documents\PTBSync-AutoExport-Christian.ini 2015-08-28 09:32 - 2015-03-24 20:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-28 09:31 - 2015-06-20 12:37 - 00014734 _____ C:\Windows\setupact.log 2015-08-28 09:31 - 2015-03-24 22:08 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-28 09:31 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-27 20:29 - 2015-03-25 23:38 - 00000000 ____D C:\Users\Christian\AppData\Roaming\vlc 2015-08-27 12:55 - 2013-03-12 21:24 - 00000000 ____D C:\Windows\Panther 2015-08-27 12:51 - 2015-07-10 19:29 - 00000000 ___HD C:\$Windows.~BT 2015-08-27 11:50 - 2015-03-25 19:04 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5013158F-DA91-4D6A-B306-50202B614723} 2015-08-26 12:32 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-08-25 11:50 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Apps\2.0 2015-08-25 11:50 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default 2015-08-25 11:46 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini 2015-08-25 11:23 - 2011-04-12 09:43 - 00699092 _____ 
C:\Windows\system32\perfh007.dat 2015-08-25 11:23 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2015-08-25 11:23 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-24 11:48 - 2015-03-25 19:17 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Mozilla 2015-08-24 10:59 - 2009-07-14 07:08 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-24 10:15 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian 2015-08-21 23:46 - 2015-03-22 22:53 - 00000000 ____D C:\Users\Christian\AppData\Local\VirtualStore 2015-08-21 20:59 - 2015-03-24 20:41 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-21 15:48 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Google 2015-08-16 16:29 - 2015-04-01 15:45 - 00002042 _____ C:\Users\Public\Desktop\Google Slides.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002040 _____ C:\Users\Public\Desktop\Google Sheets.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00002030 _____ C:\Users\Public\Desktop\Google Docs.lnk 2015-08-16 16:29 - 2015-04-01 15:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieUserList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieSiteList 2015-08-16 13:48 - 2015-05-23 16:41 - 00000000 __SHD C:\Users\Christian\AppData\Local\EmieBrowserModeList 2015-08-16 13:40 - 2015-06-15 19:49 - 00000000 ____D C:\Users\Christian\AppData\Roaming\AnvSoft 2015-08-14 19:06 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system 2015-08-14 18:54 - 2015-03-24 22:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-14 18:54 - 2015-03-24 22:07 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-13 18:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ___SD C:\Windows\system32\CompatTel 
2015-08-13 15:48 - 2015-03-25 17:35 - 00000000 ____D C:\Windows\system32\appraiser 2015-08-12 22:55 - 2015-03-27 21:41 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:50 - 2013-03-12 22:48 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-08-12 16:24 - 2015-06-11 16:57 - 00000000 ____D C:\Users\Christian\.mediathek3 2015-08-10 18:13 - 2015-05-15 10:48 - 00000000 ____D C:\Users\Christian\AppData\Local\CloudStation 2015-08-09 13:47 - 2015-03-24 20:39 - 00000000 ____D C:\Users\Christian\AppData\Local\Deployment 2015-08-08 20:53 - 2015-05-02 14:17 - 00000000 ____D C:\Users\Christian\.VirtualBox 2015-08-07 13:06 - 2015-04-13 20:22 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 13:06 - 2015-03-25 18:59 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00112760 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00105080 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll 2015-08-07 13:06 - 2015-03-24 22:07 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 06:34 - 2015-03-24 22:08 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2015-03-24 22:08 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2015-03-24 22:08 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 
2015-03-24 22:08 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 20:18 - 2009-07-14 07:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD 2015-08-03 20:57 - 2015-06-08 08:45 - 00000000 ____D C:\Users\Christian\AppData\Roaming\Thunderbird 2015-08-03 12:12 - 2015-03-24 22:08 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-31 16:27 - 2010-06-20 21:25 - 00000000 ____D C:\Software 2015-07-30 22:21 - 2015-06-11 11:32 - 00001120 _____ C:\Users\Public\Desktop\Avira.lnk 2015-07-30 22:21 - 2015-03-25 19:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-07-30 22:20 - 2015-03-25 19:37 - 00162528 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2015-07-30 22:20 - 2015-03-25 19:37 - 00141416 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2015-07-29 19:57 - 2015-03-24 22:09 - 00001377 _____ C:\Users\Public\Desktop\GeForce Experience.lnk ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-16 13:25 - 2015-08-24 15:11 - 0005632 _____ () C:\Users\Christian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-01 11:37 - 2015-04-01 11:37 - 0000057 _____ () C:\ProgramData\Ament.ini Einige Dateien in TEMP: ==================== C:\Users\Christian\AppData\Local\Temp\avgnt.exe C:\Users\Christian\AppData\Local\Temp\proxy_vole2698356262695805402.dll Einige mit null Byte Größe Dateien/Ordner: ========================== C:\Windows\System32\corona.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-22 01:41

==================== Ende von FRST.txt ============================ |
28.08.2015, 09:38 | #11 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Here is the Addition log as well: Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-08-2015 02
durchgeführt von Christian (2015-08-28 10:17:06)
Gestartet von C:\Users\Christian\Desktop
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-1697669310-943054665-3328125322-500 - Administrator - Disabled)
Christian (S-1-5-21-1697669310-943054665-3328125322-1000 - Administrator - Enabled) => C:\Users\Christian
Gast (S-1-5-21-1697669310-943054665-3328125322-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1697669310-943054665-3328125322-1002 - Limited - Enabled)
XBMC (S-1-5-21-1697669310-943054665-3328125322-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Acronis*Disk Director Suite (HKLM-x32\...\{2300EE96-0A41-4FAB-BD03-989EC44577A0}) (Version: 10.0.2161 - Acronis)
Amazon Cloud Drive (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Cloud Drive) (Version: 2.4.2.25 - Amazon Digital Services, LLC.)
Amazon Kindle (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\Amazon Kindle) (Version: - Amazon)
ASF-AVI-RM-WMV Repair 1.82 (HKLM-x32\...\ASF-AVI-RM-WMV Repair_is1) (Version: - Repair Video, Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audials (HKLM-x32\...\{0E9EBAF3-67F8-430A-9852-D02E5F20031A}) (Version: 10.2.30900.0 - Audials AG) Avira (HKLM-x32\...\{a5e00a72-db4a-4f77-8874-d1265b8fcd7e}) (Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.42.10415 - Avira Operations GmbH & Co. KG) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG) Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG) CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.) EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Drive (HKLM-x32\...\{12ADFB82-D5A3-43E4-B2F4-FCD9B690315B}) (Version: 1.24.9931.5480 - Google, Inc.) Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard) HP Officejet Pro 8600 - Grundlegende Software für das Gerät (HKLM\...\{D2D05FDB-4EDA-462D-8DB6-E0B9AD4FA25F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.) HP Officejet Pro 8600 Hilfe (HKLM-x32\...\{FDE820DD-CC88-4395-AD5C-801365B8F316}) (Version: 28.0.0 - Hewlett Packard) HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden I.R.I.S. 
OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP) Image Composite Editor (HKLM\...\{92AB5708-1AAA-4B1B-A8D5-45CF3AD77519}) (Version: 2.0.3 - Microsoft Corporation) Java 8 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218045F0}) (Version: 8.0.450 - Oracle Corporation) K-Lite Codec Pack 11.3.6 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.6 - ) LibreOffice 5.0.1.2 (HKLM-x32\...\{927AE35D-72BC-437D-BAC7-EE47D03DEE54}) (Version: 5.0.1.2 - The Document Foundation) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MergeModule_x64 (Version: 9.0.00 - Sony Corporation) Hidden MergeModule_x86 (x32 Version: 9.3.00 - Sony Corporation) Hidden Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation) 
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - ) Minimal ADB and Fastboot version 1.2 (HKLM-x32\...\{06C90FCC-4C95-4142-A0AF-D3A4C12882DE}_is1) (Version: 1.2 - Sam Rodberg) MyHarmony (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\036a0e4fc6a247ec) (Version: 1.0.1.257 - Logitech) Nuance Cloud Connector (HKLM-x32\...\{AB9D03EA-4365-4C03-89B9-F77F798102D3}) (Version: 3.2.912 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) Nuance PDF Converter Professional 8 (HKLM-x32\...\{BCE93D4F-0E1C-495D-8710-C753FE5924A3}) (Version: 8.10.6242 - Nuance Communications, Inc.) 
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) O&O DiskRecovery (HKLM-x32\...\{53480880-18E0-4097-A460-F22DD3AC6D70}) (Version: 4.0.1231 - O&O Software GmbH) Oracle VM VirtualBox 4.3.30 (HKLM\...\{5E7BEDD4-397D-4537-A290-AB012A45D771}) (Version: 4.3.30 - Oracle Corporation) PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 4.3.01.06011 - Sony Corporation) PMB_ModeEditor (x32 Version: 9.3.00 - Sony Corporation) Hidden PMB_ServiceUploader (x32 Version: 9.3.01 - Sony Corporation) Hidden PTBSync (Atomuhr Synchronisation & Terminkalender) (HKLM-x32\...\PTBSync) (Version: 5.8 - ElmueSoft) Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation) Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15041.2 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Scansoft PDF Professional (x32 Version: - ) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden Synology Cloud Station (HKLM-x32\...\{DB4EE1F5-EAAC-44AF-A254-119C1866CCC4}) (Version: 3.2.3475 - Synology) TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - ) Transcend SSD Scope version 2.7.0.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 2.7.0.0 - Transcend Information, Inc.) Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VirtualDub Plugin Pack 1.0.0.6 US (HKLM-x32\...\{D6E6B04E-0498-4794-B272-2EDE12E02837}_is1) (Version: 1.0.0.6 - Trad-Fr) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) World of Tanks (HKU\S-1-5-21-1697669310-943054665-3328125322-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net) Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{2C4A5D61-009C-4561-9A33-6AFD542FD237}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll () CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{472CE1AD-5D53-4BCF-A1FB-3982A5F55138}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{48AB5ADA-36B1-4137-99C9-2BD97F8788AB}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{A433C3E0-8B24-40EB-93C3-4B10D9959F58}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{AEB16659-2125-4ADA-A4AB-45EE21E86469}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) CustomCLSID: HKU\S-1-5-21-1697669310-943054665-3328125322-1000_Classes\CLSID\{C701AD67-3DF0-47C9-89CB-DFA6207BE229}\InprocServer32 -> C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\iconOverlay.dll (TODO: <Company name>) ==================== Wiederherstellungspunkte ========================= 23-08-2015 10:51:28 Windows Update 24-08-2015 15:42:58 JRT Pre-Junkware Removal 26-08-2015 15:25:12 Windows Update 26-08-2015 18:23:18 JRT Pre-Junkware Removal 27-08-2015 20:26:22 Installed LibreOffice 5.0.1.2 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 04:34 - 2015-08-25 11:43 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {5E3E4C6D-95B2-453E-9162-2E485BC8193B} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG) Task: {6AF00244-D8C5-4667-BBD1-F04E1706A15C} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2015-08-03] () Task: {93145680-81B9-4CE0-ACDA-7A548850EAC3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) Task: {9D9D8B8E-2C6D-4D7A-99D3-DB7E3CCD75B1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-03-24] (Google Inc.) Task: {AD3E86A0-D71B-4DEC-8995-3641BFE7E398} - System32\Tasks\{BFDB4A09-ACFB-438F-99F4-8B617A05EA67} => pcalua.exe -a "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German\OOFormatRecovery4Ger.exe" -d "I:\Download\System Tools\O_O_Programmbundle\10 O&O Programme + alle keygens\Datenrettung\O&O FormatRecovery v4.1.1146 German" Task: {D1BACCF7-BFB8-4A9F-A815-E7B259F903E1} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-24 22:08 - 2015-08-07 06:34 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-07-18 22:13 - 2012-07-18 22:13 - 00222104 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe 2013-08-20 14:03 - 2011-03-02 12:40 - 00164864 _____ () D:\Portable\WinRARPortable\App\WinRAR-x64\rarext.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01047552 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\icon-overlay\13\x64\ContextMenu.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00292760 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\sqlite3.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00079768 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\zlib125.dll 2012-07-18 22:02 - 2012-07-18 22:02 - 00016280 _____ () C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSMui.dll 2015-03-30 20:14 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll 2015-08-21 20:59 - 2015-08-18 07:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll 2015-08-28 09:33 - 2015-08-28 09:33 - 00098816 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32api.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00110080 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\pywintypes27.dll 2015-08-28 09:33 - 2015-08-28 09:33 - 00364544 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\pythoncom27.dll 2015-08-28 09:33 - 2015-08-28 09:33 - 00045568 _____ () 
C:\Users\Christian\AppData\Local\Temp\_MEI43362\_socket.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 01161216 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_ssl.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00320512 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32com.shell.shell.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00713216 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_hashlib.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 01176576 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._core_.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00806400 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._gdi_.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00816128 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._windows_.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 01067008 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._controls_.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00733184 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._misc_.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00682496 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\pysqlite2._sqlite.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00087552 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_ctypes.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00119808 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32file.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00108544 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32security.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00007168 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\hashobjs_ext.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00068096 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\usb_ext.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00167936 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32gui.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00018432 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32event.pyd 2015-08-28 09:33 - 2015-08-28 
09:33 - 00128512 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_elementtree.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00127488 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\pyexpat.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00013824 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\common.time34.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00036864 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_psutil_windows.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00038912 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32inet.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00011264 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32crypt.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00077312 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._html2.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00027136 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_multiprocessing.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00020480 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\_yappi.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00035840 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32process.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00686080 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\unicodedata.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00123392 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._wizard.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00024064 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32pipe.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00010240 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\select.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00025600 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32pdh.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00525640 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\windows._lib_cacheinvalidation.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00017408 _____ () 
C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32profile.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00022528 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\win32ts.pyd 2015-08-28 09:33 - 2015-08-28 09:33 - 00078848 _____ () C:\Users\Christian\AppData\Local\Temp\_MEI43362\wx._animate.pyd 2015-06-25 15:35 - 2015-06-25 15:35 - 00123918 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\libgcc_s_dw2-1.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00524460 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\libcurl-4.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00115214 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\zlib1.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01026062 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\libstdc++-6.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 03095505 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\icuin53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 01798570 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\icuuc53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 21565192 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\icudt53.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 02874155 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\libsqlite3-0.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00712704 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\platforms\qwindows.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00031744 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qgif.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00046080 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qicns.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00032768 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qico.dll 2015-06-25 15:35 - 
2015-06-25 15:35 - 00516608 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjp2.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00243200 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qjpeg.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00431616 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\imageformats\qtiff.dll 2015-06-25 15:35 - 2015-06-25 15:35 - 00115214 _____ () C:\Users\Christian\AppData\Local\CloudStation\CloudStation.app\bin\ZLIB1.dll 2015-08-28 10:15 - 2015-08-28 10:15 - 00008704 _____ () C:\Users\Christian\AppData\Local\Temp\nsrEE46.tmp\newadvsplash.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:AEC0AC81 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-1697669310-943054665-3328125322-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Christian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nuance Cloud Connector.lnk => C:\Windows\pss\Nuance Cloud Connector.lnk.CommonStartup MSCONFIG\startupreg: CyberGhost => "C:\Program Files\CyberGhost 5\CyberGhost.EXE" /autostart ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [TCP Query User{E49AD1A7-3823-4F0E-B065-019A84795342}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{26C9C7F6-6A14-427F-8C77-05909213D18A}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{0CB9D0D7-C45C-45A8-B807-0037B5247599}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{36EB54B6-F152-4A58-8318-232662C5F23B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{F80E2961-F6B1-4DD8-A022-9CED134B3D7D}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [UDP Query User{2AC378F1-758E-4559-9B34-528CBA8327F4}D:\portable\firefoxportable\app\firefox\firefox.exe] => (Allow) D:\portable\firefoxportable\app\firefox\firefox.exe FirewallRules: [TCP Query User{B46EB605-CE45-442F-9AF7-BC1361D82BB7}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{87DB5F5D-C5D1-4B57-BFE0-92CCF9B22085}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{AB6A246D-3DFE-4F5F-BFD5-9BAAF424DD4D}] => (Allow) LPort=12972 FirewallRules: [{71CDFDB3-F902-431E-84A8-492C0650C989}] => (Allow) LPort=14714 FirewallRules: [{5C2B5BB1-5608-4EB8-9ACD-6D83D368EB13}] => (Allow) LPort=31931 FirewallRules: [{30AC2F49-C365-4856-88F9-DCE712CFB57C}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\FaxApplications.exe FirewallRules: [{1B713F37-92F5-4FA6-8E48-8FA36D54D903}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\DigitalWizards.exe FirewallRules: [{1B31A979-CBD4-4233-8E9E-3DDB32F44A13}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\bin\SendAFax.exe FirewallRules: [{11AA11D8-4490-4497-A060-2CF33414CAB7}] => (Allow) C:\Program 
Files\HP\HP Officejet Pro 8600\Bin\DeviceSetup.exe FirewallRules: [{6099D8DD-68CF-424E-886D-85275C2A04C1}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe FirewallRules: [{3E3A7A6B-AD4A-4D53-8443-1A7EB2F2D3C4}] => (Allow) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicatorCom.exe FirewallRules: [{413E2585-0A36-49CC-BFD0-151FC11CFD50}] => (Allow) C:\Program Files (x86)\Audials\Audials 10\Audials.exe FirewallRules: [{D1048808-F53D-4012-8DFD-0F6428F1F275}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{32D08204-BF60-4414-9613-2BB52399876A}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe FirewallRules: [{A5C2180A-D169-4E90-AC13-A5B7546A078C}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{76D9223E-F141-4CC5-9F68-92F71AA166C5}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe FirewallRules: [{A9302B2D-B4EE-45A6-8A00-B045342F91F8}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [{40135B6D-6FDC-4F0F-B729-261BF5DDEEFD}] => (Allow) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr2003.exe FirewallRules: [TCP Query User{85E39A5B-AD45-4EFF-ABDC-B74F734DDED0}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [UDP Query User{D5074EE4-DB9E-403F-BF56-7696443B0221}C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe] => (Allow) C:\program files (x86)\nuance\nuance cloud connector\gladinetclient.exe FirewallRules: [TCP Query User{66C76EB5-5450-43C5-BC09-F5C244651691}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{86C1AD43-C70A-4FAF-8297-D89D7A492C00}C:\program files 
(x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{AAEB4D38-3BA8-4AFC-B55A-3D3D656AE668}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{DE2CA6AE-90FB-4723-A2F7-652618014881}] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe FirewallRules: [{EAB123A1-7996-4CAF-A4D6-3ADA320231DA}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [{7116B75C-BC80-4EED-B511-9E5E05245A46}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe FirewallRules: [TCP Query User{2E41470D-2FC1-4FB0-A95B-79B4DB93E484}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [UDP Query User{9CF15C02-F53D-4912-AE30-61C160A1F042}D:\portable\winampportable\app\winamp\winamp.exe] => (Allow) D:\portable\winampportable\app\winamp\winamp.exe FirewallRules: [TCP Query User{346A423F-C960-4B9E-9E9C-A75E4039C7BF}C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [UDP Query User{CDFA7EA4-5629-49E0-810F-B433A5ABAEF0}C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe] => (Allow) C:\users\christian\appdata\local\cloudstation\cloudstation.app\bin\cloud-connect.exe FirewallRules: [TCP Query User{6C144309-8A22-437C-B905-B6820E8D1FED}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe FirewallRules: [UDP Query User{562CBE1E-A0B2-4ECC-BEE8-ACBC64D087E2}C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe] => (Allow) C:\software\mega.portable.usb-stick.2015-pentium\programme\dateien\audials one 12.1.3100.0\audials.exe 
FirewallRules: [{E79739DE-5A17-48E6-A4C9-0A469597349D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{E3A94BFA-B865-4E7F-80AA-E53646DA241E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{99EBC06B-453E-471D-B0E2-F70014345FAF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F7CB1591-4D2B-4CAD-AC68-399A08DC4FA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{51564EB2-D84B-4E50-A683-C685ADB79C64}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{7F18579C-2042-4B97-B720-709EB453436F}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: TAP-Windows Adapter V9 Description: TAP-Windows Adapter V9 Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: TAP-Windows Provider V9 Service: tap0901 Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/28/2015 09:51:29 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. 
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (08/28/2015 09:31:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/28/2015 09:31:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.13.0, Zeitstempel: 0x558200e9 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.13.0, Zeitstempel: 0x558200e9 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ace66 ID des fehlerhaften Prozesses: 0xa7c Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (08/28/2015 09:31:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 3.1.3.0, Zeitstempel: 0x55252bff Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x990 Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0 Pfad der fehlerhaften Anwendung: mbamscheduler.exe1 Pfad des fehlerhaften Moduls: mbamscheduler.exe2 Berichtskennung: mbamscheduler.exe3 Error: (08/27/2015 05:11:27 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für 
"C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest. Error: (08/27/2015 11:04:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/27/2015 11:04:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamservice.exe, Version: 3.2.13.0, Zeitstempel: 0x558200e9 Name des fehlerhaften Moduls: mbamservice.exe, Version: 3.2.13.0, Zeitstempel: 0x558200e9 Ausnahmecode: 0x40000015 Fehleroffset: 0x000ace66 ID des fehlerhaften Prozesses: 0xa7c Startzeit der fehlerhaften Anwendung: 0xmbamservice.exe0 Pfad der fehlerhaften Anwendung: mbamservice.exe1 Pfad des fehlerhaften Moduls: mbamservice.exe2 Berichtskennung: mbamservice.exe3 Error: (08/27/2015 11:04:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: mbamscheduler.exe, Version: 3.1.3.0, Zeitstempel: 0x55252bff Name des fehlerhaften Moduls: MSVCR100.dll, Version: 10.0.40219.325, Zeitstempel: 0x4df2be1e 
Ausnahmecode: 0x40000015 Fehleroffset: 0x0008d6fd ID des fehlerhaften Prozesses: 0x9c8 Startzeit der fehlerhaften Anwendung: 0xmbamscheduler.exe0 Pfad der fehlerhaften Anwendung: mbamscheduler.exe1 Pfad des fehlerhaften Moduls: mbamscheduler.exe2 Berichtskennung: mbamscheduler.exe3 Error: (08/26/2015 06:12:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2015 04:12:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm mbam-setup.tmp, Version 51.52.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2a20 Startzeit: 01d0e0092ceb635c Endzeit: 3 Anwendungspfad: C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-FCT2B.tmp\mbam-setup.tmp Berichts-ID: Systemfehler: ============= Error: (08/28/2015 09:48:54 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade auf Windows 10 Pro Error: (08/28/2015 09:31:49 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (08/28/2015 09:31:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMScheduler" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (08/28/2015 09:31:26 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst MBAMScheduler erreicht. 
Error: (08/27/2015 05:14:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/27/2015 05:14:20 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (08/27/2015 05:14:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/27/2015 05:14:19 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (08/27/2015 05:14:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: %%1275 Error: (08/27/2015 05:14:18 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\CHRIST~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Microsoft Office: ========================= Error: (08/28/2015 09:51:29 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Software\Systemtools\Scan Tools\esetsmartinstaller_deu.exe Error: (08/28/2015 09:31:49 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/28/2015 09:31:41 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.2.13.0558200e9mbamservice.exe3.2.13.0558200e940000015000ace66a7c01d0e1638c514627C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exed3241b15-4d56-11e5-9acf-002564f433af Error: (08/28/2015 09:31:24 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamscheduler.exe3.1.3.055252bffMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd99001d0e16382033537C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dllc8f59849-4d56-11e5-9acf-002564f433af Error: (08/27/2015 05:11:27 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Software\Systemtools\Scan Tools\esetsmartinstaller_deu.exe Error: (08/27/2015 11:04:38 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE 
TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/27/2015 11:04:22 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamservice.exe3.2.13.0558200e9mbamservice.exe3.2.13.0558200e940000015000ace66a7c01d0e0a753e04ab9C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe9ad472eb-4c9a-11e5-a2cd-002564f433af Error: (08/27/2015 11:04:04 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: mbamscheduler.exe3.1.3.055252bffMSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd9c801d0e0a74941e740C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exeC:\Program Files (x86)\ Malwarebytes Anti-Malware \MSVCR100.dll90529ff5-4c9a-11e5-a2cd-002564f433af Error: (08/26/2015 06:12:46 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/26/2015 04:12:48 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: mbam-setup.tmp51.52.0.02a2001d0e0092ceb635c3C:\Users\CHRIST~1\AppData\Local\Temp\Anti-MalwarePortableTemp\is-FCT2B.tmp\mbam-setup.tmp CodeIntegrity: =================================== Date: 2015-08-25 11:42:46.237 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-08-25 11:42:46.203 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. 
Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2013-03-12 22:33:59.564 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.380 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.287 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.177 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:30:00.053 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:24:53.442 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2013-03-12 22:11:01.356 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2013-03-12 22:03:37.717 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\DisplaySwitch.exe" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Processor: Intel(R) Core(TM) i5 CPU 750 @ 2.67GHz Prozentuale Nutzung des RAM: 20% Installierter physikalischer RAM: 20439.12 MB Verfügbarer physikalischer RAM: 16328.39 MB Summe virtueller Speicher: 40876.44 MB Verfügbarer virtueller Speicher: 36143.83 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:1863.01 GB) (Free:1096.45 GB) NTFS Drive d: (Toshiba 2 TB) (Fixed) (Total:1863.02 GB) (Free:437.27 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: DADA4235) Partition 1: (Active) - (Size=1863 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 1863 GB) (Disk ID: 000BC058) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================
With Chrome Portable I stay on ebay. With the installed Chrome I am still being redirected.... Regards, Christian |
28.08.2015, 16:19 | #12 |
/// the machine /// TB trainer | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Update Java. Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document Code:
ATTFilter C:\Software\PTBSync - CHIP-Installer.exe C:\Software\Brenner & Drucker & Scanner\Virtual CloneDrive - CHIP-Installer.exe C:\Software\Driver Genius 12\Driver.Genius.v12.0.0.1211-crk-REPT-HAPPY.XMAS-Genial78\Driver.Genius.v12.0.0.1211-crk-REPACK-REPT-HAPPY.XMAS.zip C:\Software\Internet\Jdownloader-portable.exe C:\Software\Internet\MediathekView - CHIP-Installer.exe C:\Software\Internet\StreamTransport - CHIP-Installer.exe C:\Software\MP3\Audials One - CHIP-Installer Version 12.0.63100.exe C:\Software\Samsung S4 mini\Odin3 - CHIP-Installer.exe C:\Software\Systemtools\HP USB Disk Storage Format Tool - CHIP-Installer.exe C:\Software\Systemtools\Unlocker1.9.2.exe C:\Software\Systemtools\VirtualBox\VirtualBox Extension Pack - CHIP-Installer.exe C:\Software\Video\FormatFactorySetup3.5.0.0.exe C:\Software\Video\installer_ac3_acm_decompressor_2_1_Deutsch.exe C:\Software\Video\K Lite Mega Codec Pack - CHIP-Installer.exe C:\Software\Video\TS Doctor\bs_Cypheros_TS-Doctor 1.2.7.exe C:\Software\Video\TS Doctor\TSDoctor_v1.2.29_TSA373BMO.exe C:\Software\Windows\AdvancedFix_Setup.exe C:\Software\Windows\Magical Jelly Bean Keyfinder - CHIP-Installer.exe C:\Software\Windows\Windows 10 Final 64 Bit - CHIP-Installer.exe D:\Downloads\Mediathek\streamtransport_chrome_setup1.1.6.2.exe D:\Downloads\Mediathek\Streamtransport IE10\streamtransport_setup.exe D:\Drivers\Driver Genius Pro Edition v10.0.0.712 (multi,portable).exe D:\KARAYAHOME\Backup Set 2013-11-17 190002\Backup Files 2013-11-17 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2013-11-24 190001\Backup Files 2013-11-24 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2013-12-29 190001\Backup Files 2013-12-29 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-01-05 190002\Backup Files 2014-01-05 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-02-23 190002\Backup Files 2014-02-23 190002\Backup files 1.zip 
D:\KARAYAHOME\Backup Set 2014-03-23 190002\Backup Files 2014-03-23 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-04-27 190001\Backup Files 2014-04-27 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-06-08 190004\Backup Files 2014-06-08 190004\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-07-13 190002\Backup Files 2014-07-13 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-03 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-31 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-09-21 190001\Backup Files 2014-09-21 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-10-12 190002\Backup Files 2014-10-12 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-11-02 190002\Backup Files 2014-11-02 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-11-23 190002\Backup Files 2014-11-23 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-01-04 190009\Backup Files 2015-01-04 190009\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-01-25 190002\Backup Files 2015-01-25 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-15 190006\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-22 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-03-01 190002\Backup Files 2015-03-01 190002\Backup files 1.zip Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Revo Uninstaller - Download - Filepony: use it to uninstall Chrome, keep no data, have the leftovers removed, then reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
28.08.2015, 19:13 | #13 |
| Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. "Done" As George R.R. Martin so nicely put it when his last book was finished. Here is the last log file: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-08-2015 02 durchgeführt von Christian (2015-08-28 19:21:13) Run:1 Gestartet von C:\Users\Christian\Desktop Geladene Profile: Christian (Verfügbare Profile: Christian) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** C:\Software\PTBSync - CHIP-Installer.exe C:\Software\Brenner & Drucker & Scanner\Virtual CloneDrive - CHIP-Installer.exe C:\Software\Driver Genius 12\Driver.Genius.v12.0.0.1211-crk-REPT-HAPPY.XMAS-Genial78\Driver.Genius.v12.0.0.1211-crk-REPACK-REPT-HAPPY.XMAS.zip C:\Software\Internet\Jdownloader-portable.exe C:\Software\Internet\MediathekView - CHIP-Installer.exe C:\Software\Internet\StreamTransport - CHIP-Installer.exe C:\Software\MP3\Audials One - CHIP-Installer Version 12.0.63100.exe C:\Software\Samsung S4 mini\Odin3 - CHIP-Installer.exe C:\Software\Systemtools\HP USB Disk Storage Format Tool - CHIP-Installer.exe C:\Software\Systemtools\Unlocker1.9.2.exe C:\Software\Systemtools\VirtualBox\VirtualBox Extension Pack - CHIP-Installer.exe C:\Software\Video\FormatFactorySetup3.5.0.0.exe C:\Software\Video\installer_ac3_acm_decompressor_2_1_Deutsch.exe C:\Software\Video\K Lite Mega Codec Pack - CHIP-Installer.exe C:\Software\Video\TS Doctor\bs_Cypheros_TS-Doctor 1.2.7.exe C:\Software\Video\TS Doctor\TSDoctor_v1.2.29_TSA373BMO.exe C:\Software\Windows\AdvancedFix_Setup.exe C:\Software\Windows\Magical Jelly Bean Keyfinder - CHIP-Installer.exe C:\Software\Windows\Windows 10 Final 64 Bit - CHIP-Installer.exe D:\Downloads\Mediathek\streamtransport_chrome_setup1.1.6.2.exe D:\Downloads\Mediathek\Streamtransport IE10\streamtransport_setup.exe D:\Drivers\Driver Genius Pro Edition v10.0.0.712 (multi,portable).exe D:\KARAYAHOME\Backup Set 2013-11-17 190002\Backup Files 2013-11-17 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2013-11-24 190001\Backup Files 2013-11-24 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2013-12-29 
190001\Backup Files 2013-12-29 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-01-05 190002\Backup Files 2014-01-05 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-02-23 190002\Backup Files 2014-02-23 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-03-23 190002\Backup Files 2014-03-23 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-04-27 190001\Backup Files 2014-04-27 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-06-08 190004\Backup Files 2014-06-08 190004\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-07-13 190002\Backup Files 2014-07-13 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-03 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-31 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-09-21 190001\Backup Files 2014-09-21 190001\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-10-12 190002\Backup Files 2014-10-12 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-11-02 190002\Backup Files 2014-11-02 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-11-23 190002\Backup Files 2014-11-23 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-01-04 190009\Backup Files 2015-01-04 190009\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-01-25 190002\Backup Files 2015-01-25 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-15 190006\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-22 190002\Backup files 1.zip D:\KARAYAHOME\Backup Set 2015-03-01 190002\Backup Files 2015-03-01 190002\Backup files 1.zip Emptytemp: ***************** C:\Software\PTBSync - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Brenner & Drucker & Scanner\Virtual CloneDrive - CHIP-Installer.exe 
=> erfolgreich verschoben C:\Software\Driver Genius 12\Driver.Genius.v12.0.0.1211-crk-REPT-HAPPY.XMAS-Genial78\Driver.Genius.v12.0.0.1211-crk-REPACK-REPT-HAPPY.XMAS.zip => erfolgreich verschoben C:\Software\Internet\Jdownloader-portable.exe => erfolgreich verschoben C:\Software\Internet\MediathekView - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Internet\StreamTransport - CHIP-Installer.exe => erfolgreich verschoben C:\Software\MP3\Audials One - CHIP-Installer Version 12.0.63100.exe => erfolgreich verschoben C:\Software\Samsung S4 mini\Odin3 - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Systemtools\HP USB Disk Storage Format Tool - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Systemtools\Unlocker1.9.2.exe => erfolgreich verschoben C:\Software\Systemtools\VirtualBox\VirtualBox Extension Pack - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Video\FormatFactorySetup3.5.0.0.exe => erfolgreich verschoben C:\Software\Video\installer_ac3_acm_decompressor_2_1_Deutsch.exe => erfolgreich verschoben C:\Software\Video\K Lite Mega Codec Pack - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Video\TS Doctor\bs_Cypheros_TS-Doctor 1.2.7.exe => erfolgreich verschoben C:\Software\Video\TS Doctor\TSDoctor_v1.2.29_TSA373BMO.exe => erfolgreich verschoben C:\Software\Windows\AdvancedFix_Setup.exe => erfolgreich verschoben C:\Software\Windows\Magical Jelly Bean Keyfinder - CHIP-Installer.exe => erfolgreich verschoben C:\Software\Windows\Windows 10 Final 64 Bit - CHIP-Installer.exe => erfolgreich verschoben D:\Downloads\Mediathek\streamtransport_chrome_setup1.1.6.2.exe => erfolgreich verschoben D:\Downloads\Mediathek\Streamtransport IE10\streamtransport_setup.exe => erfolgreich verschoben D:\Drivers\Driver Genius Pro Edition v10.0.0.712 (multi,portable).exe => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2013-11-17 190002\Backup Files 2013-11-17 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 
2013-11-24 190001\Backup Files 2013-11-24 190001\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2013-12-29 190001\Backup Files 2013-12-29 190001\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-01-05 190002\Backup Files 2014-01-05 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-02-02 190002\Backup Files 2014-02-02 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-02-23 190002\Backup Files 2014-02-23 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-03-23 190002\Backup Files 2014-03-23 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-04-27 190001\Backup Files 2014-04-27 190001\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-06-08 190004\Backup Files 2014-06-08 190004\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-07-13 190002\Backup Files 2014-07-13 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-03 190001\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-08-03 190001\Backup Files 2014-08-31 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-09-21 190001\Backup Files 2014-09-21 190001\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-10-12 190002\Backup Files 2014-10-12 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-11-02 190002\Backup Files 2014-11-02 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-11-23 190002\Backup Files 2014-11-23 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2014-12-14 190002\Backup Files 2014-12-14 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2015-01-04 190009\Backup Files 2015-01-04 190009\Backup files 1.zip => erfolgreich verschoben 
D:\KARAYAHOME\Backup Set 2015-01-25 190002\Backup Files 2015-01-25 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-15 190006\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2015-02-15 190006\Backup Files 2015-02-22 190002\Backup files 1.zip => erfolgreich verschoben D:\KARAYAHOME\Backup Set 2015-03-01 190002\Backup Files 2015-03-01 190002\Backup files 1.zip => erfolgreich verschoben EmptyTemp: => 1.1 GB temporäre Dateien entfernt. Das System musste neu gestartet werden.. ==== Ende von Fixlog 19:22:34 ====
Great - a huge thank-you to you, Schrauber - I would not have managed it without your help. |
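An added example, not part of the thread and not FRST's own code: a small Python check that compares the fixlist section of a Fixlog like the one posted above with the reported results, so that an entry that was not moved, an entry without any result line, or a path touched without being requested stands out. It assumes one entry per line, as FRST writes the file (the copy on this page is flattened); the sample log, its paths and the failure text are constructed.

```python
import re

# Success wording as it appears in the Fixlog posted in this thread.
SUCCESS = "erfolgreich verschoben"
SEPARATOR = re.compile(r"^\*{5,}$")  # the "*****************" rows
RESULT = re.compile(r"^(?P<target>.+?) => (?P<outcome>.+)$")

# Constructed sample: same layout as the posted Fixlog, made-up paths.
SAMPLE_FIXLOG = r"""
Entferungsergebnis von Farbar Recovery Scan Tool (x64)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Example\Tool A - Installer.exe
C:\Example\Tool B - Installer.exe
D:\Example\Backup\files 1.zip
Emptytemp:
*****************

C:\Example\Tool A - Installer.exe => erfolgreich verschoben
C:\Example\Tool B - Installer.exe => CONSTRUCTED-FAILURE-TEXT
C:\Example\Other.exe => erfolgreich verschoben
EmptyTemp: => 1.1 GB temporäre Dateien entfernt.

==== Ende von Fixlog 00:00:00 ====
"""


def _key(entry):
    """Normalise an entry so 'Emptytemp:' and 'EmptyTemp:' compare equal."""
    return entry.strip().rstrip(":").lower()


def parse_fixlog(text):
    """Return (requested entries, {key: (target, outcome)}) from a Fixlog."""
    requested, outcomes = [], {}
    section = "header"
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if SEPARATOR.match(line):
            # First separator opens the fixlist copy, second opens results.
            section = {"header": "fixlist", "fixlist": "results"}.get(section, section)
            continue
        if line.startswith("==== Ende"):
            break
        if section == "fixlist":
            requested.append(line)
        elif section == "results":
            match = RESULT.match(line)
            if match:  # lines without " => " are notes, not results
                outcomes[_key(match["target"])] = (
                    match["target"],
                    match["outcome"].strip(),
                )
    return requested, outcomes


def audit(text):
    """Classify every fixlist entry by what the log says happened to it."""
    requested, outcomes = parse_fixlog(text)
    report = {"moved": [], "failed": [], "missing": [],
              "directive": [], "unrequested": []}
    for entry in requested:
        found = outcomes.get(_key(entry))
        if found is None:
            report["missing"].append(entry)
        elif entry.endswith(":"):
            # Assumption: a line ending in ':' is a directive, not a path.
            report["directive"].append((entry, found[1]))
        elif found[1] == SUCCESS:
            report["moved"].append(entry)
        else:
            report["failed"].append((entry, found[1]))
    wanted = {_key(entry) for entry in requested}
    report["unrequested"] = [
        target for key, (target, _) in outcomes.items() if key not in wanted
    ]
    return report


if __name__ == "__main__":
    for category, items in audit(SAMPLE_FIXLOG).items():
        print(f"{category}: {items}")
```
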
29.08.2015, 12:38 | #14 |
/// the machine /// TB trainer | Windows 7: ebay.de & ebay.com are redirected to unwanted advertising. Rethink your download habits: CHIP-Installer - what is that? - Guides
Cleanup: (The order matters here) If Defogger was used: start it again and click Re-enable. If Combofix was used: uninstall Combofix.
All logs posted? Then please download DelFix.
Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself. Restart your computer afterwards. If any programs from our cleanup are still left now, you can delete them without hesitation. If you like, you can say here whether you were satisfied with me and my help...and/or support the forum with a small donation.
Hardening: Enable automatic updates for the Windows operating system. Security-relevant software should also always be present only in its most recent version: browser, Java, Flash Player, PDF reader. Security vulnerabilities in their old versions are exploited to install malware by "drive-by" on a simple visit to a manipulated website. I recommend, for example, using Mozilla Firefox instead of Internet Explorer. Firefox can also open PDF documents. Enable a firewall. The one built into Windows is normally entirely sufficient. Use an antivirus program with a real-time scanner and a signature database that is always up to date. My recommendation: Emsisoft. In addition, you can scan your PC regularly with Malwarebytes Anti-Malware and ESET.
Optional: NoScript prevents the execution of active content (Java, JavaScript, Flash,...) for all websites. However, you can specify, on the whitelist principle, on which sites scripts are to be allowed. Malwarebytes Anti Exploit: protects the computer's applications against the exploitation of known vulnerabilities.
Download software from a clean portal such as . When installing software, always choose the custom option and untick all optionally offered toolbars or other additions that are irrelevant to the program. To get rid of adware again, it is advisable first to uninstall it and then to remove the leftovers with Adwarecleaner.
Finally, a few general remarks: Change your important online passwords regularly and regularly create backups of your important files or of the system. The benefit of registry cleaners, optimizers and the like for improving performance is disputed. I therefore recommend keeping your hands off the registry and using Windows' own Disk Cleanup instead.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |