Pests of all kinds and how to fight them: "There are active modifications of malware on your computer" (Windows 7)

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
25.08.2015, 18:28 | #1 |
"There are active modifications of malware on your computer"

I posted a thread in the "Rund um Windows" category, and now burningice has pointed out to me that I have malware on it ... I am asking for help so that I can then get further help with my other problem.

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 durchgeführt von Max (Administrator) auf PC-PC (25-08-2015 18:51:06) Gestartet von C:\Users\Max\.android\Downloads Geladene Profile: Max (Verfügbare Profile: Max & adi) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft Inc.) 
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\conime.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6109776 2015-08-11] (AVAST Software) HKLM-x32\...\Run: [IR_SERVER] => C:\PROGRA~2\Realtek\REALTE~1\IR_SERVER.exe HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-12-12] () HKLM-x32\...\Run: [WMI Helper] => C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtWMIHelper.exe [176128 2007-12-12] () HKLM-x32\...\Run: [BlueStacks Agent] => "C:\Program Files (x86)\BlueStacks\HD-Agent.exe" HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2195240 2015-02-09] (Gainward Co. Ltd.) 
HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2014-06-03] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) ProxyEnable: [.DEFAULT] => Internet Explorer proxy ist aktiviert. 
ProxyServer: [.DEFAULT] => http=127.0.0.1:52902;https=127.0.0.1:52902 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM -> DefaultScope {DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM -> {DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> {DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> 
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-18] (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-07-09] (Perfect World Entertainment Inc) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-18] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{2D49D6FA-A296-452A-8FB2-77D347ACD17A}: [DhcpNameServer] 83.169.184.33 83.169.184.97 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default FF DefaultSearchEngine: Google (avast) FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006 FF SearchEngineOrder.1: Google (avast) FF SelectedSearchEngine: Google (avast) FF Homepage: hxxp://www.startfenster.de FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-25] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> 
C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-25] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2015-07-09] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-16] (Google Inc.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) 
FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\google-avast.xml [2014-12-17] FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\suchmaschine.xml [2014-12-29] FF Extension: ProxTube - Unblock YouTube - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\ich@maltegoetz.de.xpi [2014-12-09] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-28] Chrome: ======= CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-27] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-27] CHR Extension: (Adblock Plus) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb 
[2014-07-31] CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-27] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-27] CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Max\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-05-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-07-09] (Perfect World Entertainment Inc) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-12-12] () [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 GJServiceV5; C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [4502200 2013-10-30] () R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-08] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-20] () R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [158224 2008-08-05] (AMD Technologies Inc.) 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [10632 2007-10-11] (Advanced Micro Devices) S3 Asushwio; C:\Windows\SysWOW64\drivers\Asushwio.sys [5824 2000-03-29] () [Datei ist nicht signiert] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-08-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software) R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [210936 2015-08-11] (AVAST Software) S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-08-11] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-29] (Disc Soft Ltd) R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42224 2014-05-13] (Visicom Media Inc.) R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [35384 2013-10-29] (SlySoft Inc.) R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [60472 2013-10-29] (SlySoft Inc.) R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.) 
R2 WinisoCDBus; C:\Windows\System32\drivers\WinisoCDBus.sys [204032 2014-02-26] (WinISO.com) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-25 18:50 - 2015-08-25 18:51 - 00000000 ____D C:\FRST 2015-08-25 18:37 - 2015-08-25 18:38 - 00000763 _____ C:\Users\Max\Desktop\test.vbs 2015-08-25 18:31 - 2015-08-25 18:31 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-25 18:31 - 2015-08-25 18:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-25 18:31 - 2015-08-25 18:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-25 18:31 - 2015-08-25 18:31 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-24 20:41 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-08-24 20:41 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-08-24 12:54 - 2015-08-24 12:54 - 00000738 _____ C:\Users\Max\Desktop\World of Tanks - Common Test.lnk 2015-08-24 12:54 - 2015-08-24 12:54 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test 2015-08-19 22:02 - 2015-08-15 01:49 - 17889792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 22:02 - 2015-08-15 01:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-19 22:02 - 
2015-08-15 01:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 22:02 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-19 22:02 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-19 22:02 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-18 15:34 - 2015-08-20 03:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-18 15:14 - 2015-08-18 15:12 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\Abelssoft 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\ProgramData\XDMessagingv4 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Program Files (x86)\CheckDrive 2015-08-17 23:17 - 2015-08-18 10:18 - 00000000 ____D C:\Users\Max\AppData\Local\Abelssoft 2015-08-16 19:24 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 
2015-08-16 19:24 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-08-16 19:24 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-14 09:13 - 2015-08-14 09:13 - 00001269 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00001076 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-14 09:12 - 2015-08-14 09:13 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-08-14 09:11 - 2015-08-14 09:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\DVDVideoSoft 2015-08-13 12:01 - 2015-08-13 12:01 - 00000104 _____ C:\Users\Max\Desktop\Papierkorb - Verknüpfung.lnk 2015-08-13 11:46 - 2015-08-13 11:46 - 00000000 ____D C:\Users\Max\Desktop\bewerbung 2015-08-13 11:36 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-13 11:36 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-08-12 22:15 - 2015-07-31 22:03 - 00124624 _____ (Microsoft Corporation) 
C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 22:15 - 2015-07-10 21:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 22:13 - 2015-07-11 19:13 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 22:13 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 22:12 - 2015-07-18 17:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 22:09 - 2015-07-21 17:50 - 04690880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 22:09 - 2015-07-21 17:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-08-12 22:09 - 2015-07-21 17:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 22:09 - 2015-07-21 17:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01402368 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 22:01 - 2015-08-01 00:31 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 22:01 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:26 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 22:01 - 2015-07-31 23:25 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 22:01 - 2015-07-31 23:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 23:09 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 23:00 - 00834048 _____ (Microsoft Corporation) 
C:\Windows\system32\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 22:01 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 22:01 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 22:01 - 2015-07-01 17:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 22:00 - 2015-07-09 16:31 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-08-12 20:13 - 2015-08-12 20:13 - 00000680 _____ C:\Users\Max\AppData\Local\d3d9caps.dat 2015-08-12 19:50 - 2015-08-12 19:51 - 00000921 _____ C:\Users\adi\Desktop\test.vbs.txt 2015-08-12 19:50 - 2015-08-12 19:50 - 00055568 _____ C:\Users\adi\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\AVAST Software 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\ArcSoft 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Local\NVIDIA 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Local\ArcSoft 2015-08-12 19:49 - 2015-08-12 19:49 - 00000979 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000974 _____ 
C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000909 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000875 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000020 ___SH C:\Users\adi\ntuser.ini 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Vorlagen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Startmenü 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Netzwerkumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Lokale Einstellungen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Eigene Dateien 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Druckumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Musik 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Bilder 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Verlauf 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Roaming\Motorola Mobility 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Local\VirtualStore 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Local\Google 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi 2015-08-12 19:49 - 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-12 19:49 
- 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 11:10 - 2015-07-22 23:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 11:10 - 2015-07-22 23:56 - 02344448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 11:10 - 2015-07-22 23:55 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 11:10 - 2015-07-22 23:49 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 23:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 23:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-08-12 11:10 - 2015-07-22 23:47 
- 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 23:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 11:10 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 11:10 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 11:10 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00011776 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\mshta.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-11 20:37 - 2015-08-11 20:38 - 00000078 _____ C:\Users\Max\Desktop\versand.vbs.txt 2015-08-11 20:15 - 2015-08-11 20:15 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-11 20:15 - 2015-08-11 20:15 - 00210936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys 2015-08-11 20:15 - 2015-08-11 20:15 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-09 22:01 - 2015-08-09 22:02 - 00272456 _____ C:\Windows\msxml4-KB2758694-enu.LOG 2015-08-09 16:01 - 2015-08-09 16:04 - 00000000 ____D C:\Users\Max\Desktop\handy 2015-08-09 15:58 - 2015-08-09 15:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Program Files (x86)\Motorola Tools 2015-08-09 15:43 - 2015-08-09 15:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2015-08-09 15:40 - 2015-08-09 15:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf 2015-08-09 15:38 - 2015-08-09 15:38 - 00000000 ____D C:\ProgramData\Motorola 2015-08-09 15:37 - 2015-08-25 18:19 - 00000000 ____D C:\Temp 2015-08-09 15:37 - 2015-08-09 15:37 - 00003396 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00003204 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola Mobility 2015-08-09 15:34 - 
2015-08-09 15:36 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\Motorola 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Motorola Mobility LLC 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared 2015-08-09 15:32 - 2015-08-09 15:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola 2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00872528 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00681552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2015-07-31 16:37 - 2015-07-31 16:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\TERA ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-25 18:51 - 2015-01-01 19:51 - 00000000 ____D C:\Users\Max\AppData\Roaming\NetSpeedMonitor 2015-08-25 18:39 - 2014-10-19 14:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client 2015-08-25 18:31 - 2014-06-12 10:45 - 00000000 ____D C:\Users\Max\AppData\Local\Adobe 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\Program Files (x86)\SlySoft 2015-08-25 18:25 - 2014-05-27 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool 2015-08-25 18:25 - 2014-05-27 19:37 - 00000000 ____D C:\Program Files (x86)\EXPERTool 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2015-08-25 18:24 - 2008-01-21 03:53 - 02032619 _____ C:\Windows\WindowsUpdate.log 2015-08-25 18:20 - 2014-05-27 21:05 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-08-25 18:19 - 2014-12-29 01:26 - 00000170 ___SH C:\ProgramData\.zreglib 2015-08-25 18:19 - 2014-06-18 16:36 - 00021288 _____ C:\Windows\system32\spsys.log 2015-08-25 18:19 - 2014-05-27 20:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-25 18:19 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-25 18:19 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-25 18:19 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-25 18:03 - 2014-05-27 20:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-25 17:38 - 2014-05-28 06:22 - 01542732 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-25 17:38 - 2008-01-21 13:09 - 00673454 _____ C:\Windows\system32\perfh007.dat 2015-08-25 17:38 - 2008-01-21 13:09 - 00145466 _____ C:\Windows\system32\perfc007.dat 2015-08-25 17:37 - 2008-01-21 13:10 - 01542732 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-25 14:49 - 2014-10-19 14:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-08-25 11:28 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-25 10:57 - 2014-07-27 15:39 - 00002013 _____ C:\Users\Max\Desktop\meine nummer.txt 2015-08-25 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache 2015-08-24 17:11 - 2014-10-11 18:18 - 00000000 ____D C:\Users\Max\Desktop\tank 2015-08-24 12:54 - 2014-05-28 00:42 - 00000000 ____D C:\Games 2015-08-22 07:11 - 2014-05-27 20:25 - 00002017 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-20 03:19 - 2014-05-27 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-20 03:19 - 2008-01-21 05:26 - 00067066 _____ C:\Windows\PFRO.log 2015-08-19 18:53 - 2014-05-29 23:24 - 00000000 ____D C:\Program Files (x86)\WarThunder 2015-08-18 15:14 - 2014-05-28 00:48 - 
00000000 ____D C:\ProgramData\Oracle 2015-08-18 15:13 - 2014-08-07 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-18 15:12 - 2014-06-15 11:39 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-18 14:47 - 2015-07-23 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-08-18 14:45 - 2015-02-01 19:40 - 00000000 ____D C:\Program Files (x86)\Wolfenstein - Enemy Territory 2015-08-18 14:43 - 2014-05-27 20:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-18 14:40 - 2014-11-08 13:58 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-18 14:40 - 2014-11-04 19:36 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-18 10:13 - 2006-11-02 17:21 - 00260216 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-17 23:20 - 2014-05-27 19:18 - 00057608 _____ C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-16 19:38 - 2014-05-27 19:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-16 19:38 - 2014-05-27 19:17 - 00000000 ____D C:\Users\Max 2015-08-16 19:34 - 2014-05-27 19:55 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-15 15:21 - 2014-12-29 02:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\vlc 2015-08-13 20:16 - 2014-05-27 21:05 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-13 12:15 - 2014-09-17 18:46 - 00009216 _____ C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-13 02:33 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2015-08-12 22:09 - 2014-05-28 05:39 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:02 - 2006-11-02 14:35 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-08-12 21:56 - 2014-05-27 19:17 - 00001460 _____ C:\Users\Max\AppData\Local\d3d9caps64.dat 2015-08-12 19:40 - 2014-11-26 17:01 - 00000763 _____ C:\Users\Max\test.vbs.txt 2015-08-11 20:15 - 2014-05-27 21:05 - 00447944 
_____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00064712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-09 15:58 - 2006-11-02 17:27 - 00091738 _____ C:\Windows\setupact.log 2015-08-09 14:57 - 2015-07-02 20:04 - 00000420 _____ C:\Users\Max\Desktop\verkaufe.txt 2015-08-08 12:03 - 2014-05-27 20:24 - 00000000 ____D C:\Users\Max\AppData\Local\Deployment 2015-08-07 13:06 - 2014-11-05 19:41 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 13:06 - 2014-05-27 19:42 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2014-05-27 19:49 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 09:54 - 2015-07-23 21:33 - 00000000 ____D C:\Users\Max\Documents\Gameforge Live 2015-08-03 12:12 - 2014-05-28 00:59 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-30 22:20 - 
2015-07-08 14:42 - 00000000 ____D C:\Users\Max\.android 2015-07-29 20:48 - 2014-06-11 13:18 - 00155136 _____ C:\Windows\SysWOW64\unrar.dll 2015-07-29 20:48 - 2014-06-11 13:18 - 00034308 _____ C:\Windows\SysWOW64\bassmod.dll 2015-07-28 15:42 - 2015-07-23 23:01 - 00000000 ___HD C:\Users\Max\Documents\Runes of Magic ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-12 20:13 - 2015-08-12 20:13 - 0000680 _____ () C:\Users\Max\AppData\Local\d3d9caps.dat 2014-05-27 19:17 - 2015-08-12 21:56 - 0001460 _____ () C:\Users\Max\AppData\Local\d3d9caps64.dat 2014-09-17 18:46 - 2015-08-13 12:15 - 0009216 _____ () C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-04 20:56 - 2014-11-04 20:56 - 0365922 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0363708 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0439916 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0394938 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41DA.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0382928 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41FE.txt 2015-02-18 20:10 - 2015-02-18 20:12 - 0440002 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0448546 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4C25.txt 2014-11-04 20:56 - 2014-11-04 20:56 - 0011198 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0011124 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0020150 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0011446 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41DA.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0011382 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41FE.txt 2015-02-18 20:10 - 2015-02-18 
20:12 - 0011660 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0011692 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4C25.txt 2014-12-29 01:26 - 2015-08-25 18:19 - 0000170 ___SH () C:\ProgramData\.zreglib Einige Dateien in TEMP: ==================== C:\Users\Max\AppData\Local\Temp\4q9eno6v.dll C:\Users\Max\AppData\Local\Temp\abelssoft.setup.exe C:\Users\Max\AppData\Local\Temp\amazonicon_v10.exe C:\Users\Max\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Max\AppData\Local\Temp\Apache_OpenOffice_4.1.1_Win_x86_install_de.exe C:\Users\Max\AppData\Local\Temp\atcMedia6301419815269.exe C:\Users\Max\AppData\Local\Temp\bdfilters.dll C:\Users\Max\AppData\Local\Temp\comver.dll C:\Users\Max\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpiqqs5i.dll C:\Users\Max\AppData\Local\Temp\gwn7_-vq.dll C:\Users\Max\AppData\Local\Temp\ICReinstall_CR_Downloader_fuer_wwe-all-stars.exe C:\Users\Max\AppData\Local\Temp\iiuninst.exe C:\Users\Max\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Max\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe C:\Users\Max\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Max\AppData\Local\Temp\nvStereoApiI64.dll C:\Users\Max\AppData\Local\Temp\nvStInst.exe C:\Users\Max\AppData\Local\Temp\ochelper.exe C:\Users\Max\AppData\Local\Temp\sdan.exe C:\Users\Max\AppData\Local\Temp\sdapk.exe C:\Users\Max\AppData\Local\Temp\sdaspwn.exe C:\Users\Max\AppData\Local\Temp\Setup.exe C:\Users\Max\AppData\Local\Temp\SiedlerPatch.exe C:\Users\Max\AppData\Local\Temp\utils.dll C:\Users\Max\AppData\Local\Temp\_is297F.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-08-25 18:25

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-08-2015
durchgeführt von Max (2015-08-25 18:52:06)
Gestartet von C:\Users\Max\.android\Downloads
Start-Modus: Normal
==========================================================

==================== Konten: =============================

adi (S-1-5-21-3169981157-1337817569-149642379-1002 - Administrator - Enabled) => C:\Users\adi
Administrator (S-1-5-21-3169981157-1337817569-149642379-500 - Administrator - Disabled)
Gast (S-1-5-21-3169981157-1337817569-149642379-501 - Limited - Disabled)
Max (S-1-5-21-3169981157-1337817569-149642379-1000 - Administrator - Enabled) => C:\Users\Max

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.5.155 - Adobe Systems, Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.9668 - Perfect World Entertainment)
ArcSoft TotalMedia 3.5 (HKLM-x32\...\{74292F90-895A-4FC6-A692-9641532B1B63}) (Version: 3.5.28.322 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{5D7BAD7E-490F-44CD-CD17-DBBA0459A7D1}) (Version: 3.0.704.0 - ATI Technologies, Inc.)
aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.0.3.674 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts) Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.5000 - CDBurnerXP) Curse Client (HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.844 - Curse) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd) Die Siedler IV (HKLM-x32\...\S4Uninst) (Version: - ) DisplayView Click (HKLM-x32\...\{7B2E26A2-84CF-4B58-86ED-DE8E73391BDB}) (Version: 3.52.004 - Portrait Displays, Inc.) Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.05.0.0 - Electronic Arts) Dropbox (HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.) EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.) EXPERTool v9.10 (HKLM-x32\...\{551D9481-9487-4D0C-9A1D-6BC3E7B6D991}_is1) (Version: 9.10.0.0 - Gainward Co. Ltd.) Fraps (HKLM-x32\...\Fraps) (Version: - ) Free Alarm Clock 3.1.0 (HKLM-x32\...\{8ED5A2F1-338F-4608-8AF7-BCD1ADC1E1F7}_is1) (Version: 3.1 - Comfort Software Group) Free Audio Converter version 5.0.61.805 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.61.805 - DVDVideoSoft Ltd.) Game Jackal v5.2.0.0 (64 bit) (HKLM\...\Game Jackal v5_is1) (Version: - SlySoft Inc.) 
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation) ManyCam 4.0.97 (HKLM-x32\...\ManyCam) (Version: 4.0.97 - Visicom Media Inc.) M-Explorer (HKLM-x32\...\MExplorer) (Version: 0.9.6 - www.Motorola-Tools.com) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 
(HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.5.4 - Motorola Mobility) Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden Motorola Mobile Drivers Installation 6.4.0 (HKLM\...\{27986EDD-C9EC-4B52-B92F-06D073F0AA52}) (Version: 6.4.0 - Motorola Mobility LLC) Mozilla Firefox 40.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 de)) (Version: 40.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 
(HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Opera Stable 30.0.1835.125 (HKLM-x32\...\Opera 30.0.1835.125) (Version: 30.0.1835.125 - Opera Software) Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.) Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r4600) (Version: - ) Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games) Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.) Realtek 8169 8168 8101E 8102E Ethernet Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0000 - Realtek) REALTEK DTV USB DEVICE (HKLM-x32\...\{DDBB7C89-1A09-441E-AA0F-6AA465755C17}) (Version: 1.00.0000 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5772 - Realtek Semiconductor Corp.) Runes of Magic (HKLM-x32\...\{F57FBE91-C48B-4A86-91C8-A9C3D744E459}_is1) (Version: 6.3.0.2742 - Gameforge Productions GmbH) SDK (x32 Version: 1.40.002 - Portrait Displays, Inc.) 
Hidden SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts) SleepTimer Ultimate 1.2 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: - Christian Handorf) South Park™: The Stick of Truth™ (HKLM-x32\...\Steam App 213670) (Version: - Obsidian Entertainment) Star Realms version 1.13 (HKLM-x32\...\{F4DEB22F-AC61-4111-89B2-CF434A2BABFB}_is1) (Version: 1.13 - White Wizard Games) Startfenster (HKLM\...\Startfenster) (Version: - Startfenster) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Unity Web Player (HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\UnityWebPlayer) (Version: 5.0.3f2 - Unity Technologies ApS) Unturned (HKLM-x32\...\Steam App 304930) (Version: - Nelson Sexton) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) War Thunder Launcher 1.0.1.361 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Wecker für Windows 6.5 (HKLM-x32\...\{FFDC4005-E968-498D-93C8-CC148742167D}}_is1) (Version: 6.5 - Christoph Bünger Software) Windows Media Center Edition MPEG Codec Plug-in (HKLM-x32\...\{94F3D243-2006-4B2D-9160-C2A33F74BB84}) (Version: - ArcSoft) WinISO (HKLM-x32\...\WinISO) (Version: 6.4.0.5170 - WinISO Computing Inc.) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WinRAR 5.10 Beta 4 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.4 - win.rar GmbH) World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version: - Noble Empire Corp.) 
World of Tanks - Common Test (HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812ct}_is1) (Version: - Wargaming.net)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
World of Warships (HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C814eu}_is1) (Version: - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{045b1e2d-4e12-4786-8252-3a7aa33997e9}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{0B52EBBD-0D42-4824-B1A8-980CA4C48640}\localserver32 -> C:\Users\Max\AppData\Local\Coowon\Update\CoowonUpdate.exe (Coowon.)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{0CD315E5-B75F-41A8-A047-CDA454343216}\localserver32 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\CoowonUpdateOnDemand.exe (Coowon.)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{75ABC8DC-ACFF-466D-B6DD-7125698469F1}\localserver32 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\CoowonUpdateOnDemand.exe (Coowon.)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{ADC37745-9907-4663-ABB5-508AF6F8A4B2}\localserver32 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\CoowonUpdateOnDemand.exe (Coowon.)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{C8E50220-7B02-4407-B438-3DB18101BA27}\localserver32 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\CoowonUpdateOnDemand.exe (Coowon.)
CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3169981157-1337817569-149642379-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Max\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 19-08-2015 18:45:03 Removed BlueStacks Notification Center 19-08-2015 22:00:37 Windows Update 23-08-2015 07:51:43 Geplanter Prüfpunkt 24-08-2015 03:48:19 Geplanter Prüfpunkt 24-08-2015 20:23:22 Windows Update 25-08-2015 17:31:28 Windows Update ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {065CDD3C-0A02-4FE2-AD24-CD022E817A7C} - System32\Tasks\Abelssoft\StartBackgroundguardWithWindows => C:\Program Files (x86)\CheckDrive\CheckDrive.exe Task: {1E47DAF6-FC4C-4820-AB73-3A81AF1E4C9D} - System32\Tasks\EXPERTool => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2015-02-09] (Gainward Co. Ltd.) Task: {29BA6EC7-A550-432C-A40A-EF1B6A247CB5} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {2DB7B17A-DE54-4CD6-BA9F-1DE4F93AF680} - System32\Tasks\avastBCLRestartS-1-5-21-3169981157-1337817569-149642379-1000 => Chrome.exe Task: {55FD1738-5B63-42F3-BC9E-E13520ED225D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-25] (Adobe Systems Incorporated) Task: {5A810D99-B513-45C4-8E96-2438D5DFAED7} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2014-10-30] () Task: {7068DC5B-CF6A-4DE4-83B1-5F2E2EB7C0BC} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-11] (AVAST Software) Task: {9DCC73A0-2187-40F5-A57E-EC5B55F4B594} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.) Task: {C2890D35-4C28-4ECA-9F76-EAAB81B9B055} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27] (Google Inc.) Task: {EE759488-8B13-4C57-8B72-BDA7E4BFA105} - System32\Tasks\Opera scheduled Autoupdate 1415907572 => C:\Program Files (x86)\Opera\launcher.exe [2015-07-10] (Opera Software) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-01-08 19:08 - 2007-12-12 13:34 - 00065536 _____ () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe
2014-12-29 01:29 - 2013-10-30 10:41 - 04502200 _____ () C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe
2014-06-18 22:03 - 2015-05-20 22:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-28 11:14 - 2015-08-25 14:49 - 00179176 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-08-04 15:43 - 2015-08-25 14:49 - 00103400 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-08-04 15:43 - 2015-08-25 14:49 - 00108008 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-08-04 15:46 - 2015-08-25 14:49 - 00312296 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-08-04 15:46 - 2015-08-25 14:49 - 00483816 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-06-05 15:48 - 2015-08-25 14:49 - 00318976 _____ () C:\Program Files\TeamSpeak 3 Client\ssleay32.dll
2014-06-05 15:48 - 2015-08-25 14:49 - 01718784 _____ () C:\Program Files\TeamSpeak 3 Client\LIBEAY32.dll
2015-04-29 10:01 - 2015-08-11 20:15 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-04-29 10:01 - 2015-08-11 20:15 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-08-25 10:02 - 2015-08-25 10:02 - 02960896 _____ () C:\Program Files\AVAST Software\Avast\defs\15082500\algo.dll
2015-06-21 03:16 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-06-03 21:17 - 2007-04-19 09:33 - 00035584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\uPiApi.dll
2014-05-27 20:46 - 2009-04-10 23:28 - 00368640 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-06-03 21:17 - 2008-11-26 16:59 - 00131584 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\AbilisWinUsb.dll
2014-06-03 21:17 - 2008-10-22 16:01 - 00200704 _____ () C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\VendorCmdRW.dll
2014-04-07 16:31 - 2014-04-07 16:31 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-05-27 21:05 - 2015-04-29 10:02 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-08-18 15:12 - 2015-08-18 15:12 - 00019040 _____ () C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2native.dll
2015-08-25 18:31 - 2015-08-25 18:31 - 17482952 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:B606BA34

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Max\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg DNS Servers: 83.169.184.33 - 83.169.184.97 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [TCP Query User{7EAA8A96-D9BD-4188-853E-1990CFF763A1}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{FB0914B5-2038-4939-97BC-5D39110C907F}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe FirewallRules: [{54E975F3-0ADF-4617-84F9-AE4EBD5BB758}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{571954B4-C976-4B03-B9DB-2EBA1A6C938E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query 
User{45A6FEDB-524C-4040-AB17-E930278EC744}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{E17B60BB-B77C-4371-9B2F-0C7550D3414E}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{92450092-D230-4F75-B395-B8B87A667E37}] => (Allow) LPort=80 FirewallRules: [{0667B6BD-7C3E-49D4-8AE1-6585F813FAAD}] => (Allow) LPort=80 FirewallRules: [{967EE2F9-3B33-4C94-8C7E-6361E8C9D472}] => (Allow) LPort=80 FirewallRules: [{DCA30F34-D8EA-4DC0-AB77-D4456F0B7DEB}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [{127987DF-35D2-423F-A47D-C067812C2AA7}] => (Allow) C:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [TCP Query User{83BAF5F8-B3F9-4931-ADFB-475E7F7EF82C}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe FirewallRules: [UDP Query User{6ACD5D53-4002-4A5E-8ED6-FCB47C59D85F}C:\program files (x86)\warthunder\aces.exe] => (Allow) C:\program files (x86)\warthunder\aces.exe FirewallRules: [{F5432A75-411E-4C11-A302-F12CC23E38D4}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe FirewallRules: [{33AE414E-26B4-434C-97C3-5683CE7F5651}] => (Allow) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TotalMedia.exe FirewallRules: [{7BED33C9-9CE3-42D9-83BD-08528AE56F28}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{5713419A-53FF-445D-A860-231DAEC45D5C}] => (Allow) C:\Program Files (x86)\Origin Games\Peggle Deluxe\Peggle.exe FirewallRules: [{C63F11D5-4BEA-4961-B605-63510682909F}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{CFD64CF2-BA54-4718-AE6C-7777504E2271}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe FirewallRules: [{AFDB8F75-E2D8-4FC7-9700-C8BFA5230409}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. 
Zombies\PlantsVsZombies.exe FirewallRules: [{C0E0DE97-797D-4EAC-901B-9FE6BA17A7DC}] => (Allow) C:\Program Files (x86)\Origin Games\Plants vs. Zombies\PlantsVsZombies.exe FirewallRules: [{207BC3D3-5A19-4F36-BB30-3BB8CA7D2385}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe FirewallRules: [{77385F36-D363-4845-95D6-F0648FEC387B}] => (Allow) C:\Program Files (x86)\Heroes & Generals\live\hng.exe FirewallRules: [{00CB00AD-E7DE-4653-A241-D52C4BD36A66}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe FirewallRules: [{3200E0E9-0E55-4E0B-83C6-54A57B236C8E}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe FirewallRules: [{D7BC1CA1-3212-478C-8D41-C566DB7A8E08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{F6B57A17-61CF-4AE0-9FF3-1F909AF814D0}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{68EBCE07-FEB2-480F-952C-85C9D5FB0699}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{FD51B933-6682-4EBA-9A08-476E5AAAACF9}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{273DE1DB-4338-46DF-88DF-326DA275B531}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{B4893C44-B700-44A2-B5C2-DBBF2029331E}] => (Allow) C:\Program Files (x86)\Origin Games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe FirewallRules: [{D8195733-3F5A-4648-B897-FFC0585DE43E}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [{A734DE57-CFD0-45AE-81E6-025E10D961B0}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age\bin_ship\daorigins.exe FirewallRules: [TCP Query User{17750C93-43A2-4BFA-B8B4-B82E5BD99CB4}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{1168E91D-6784-4E58-A858-03DE034D27CA}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) 
C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{F4F0E8C7-9BA7-439D-B5BB-A75AF5F3CE4D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{D36BB071-D136-4FC5-B8C1-CBA534114F48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Unturned\Unturned.exe FirewallRules: [{DBC99AA3-6C2B-49FA-8247-576AA44EB313}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D7CDFE38-D47C-4B5F-9AD4-59641311BAA8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{1A179D86-9223-4CFD-B018-48A02442F148}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe FirewallRules: [UDP Query User{7CFF3151-7A70-4CAB-B87E-A49AA77A7834}C:\program files (x86)\wolfenstein - enemy territory\et.exe] => (Allow) C:\program files (x86)\wolfenstein - enemy territory\et.exe FirewallRules: [TCP Query User{ADAFE001-DC0C-46F4-9241-53C777D6FA32}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{385D6BA5-4DA5-45D0-B160-C0F9783EE5F3}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{A33252B3-F37C-440F-A382-8A4176076E03}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe FirewallRules: [{17F08626-2605-4A2C-A293-AABB37B797F1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe FirewallRules: [{6F96018B-C396-459B-9584-400DC9948C23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: [{580E4A76-FF36-49B0-A1F5-29C749A40EF7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\South Park - The Stick of Truth\South Park - The Stick of Truth.exe FirewallRules: 
[{32555F9E-97DB-4F94-B740-31679FBCDCB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WOG\disasm.exe FirewallRules: [{9F175F5C-6FB1-4BC8-B367-835A0C4BE60E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\WOG\disasm.exe FirewallRules: [{04DEA77A-E581-411A-A2B8-1F6E6342D4EE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe FirewallRules: [{83A62633-51BB-4B13-B48E-4F1E2BC64989}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe FirewallRules: [{2FF53FB3-7A8F-428A-9F2C-BBEA7FE77AF5}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{9B16E053-A656-4A72-8A4A-8291F9EC84F4}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{1CC1DB56-0EB4-4576-BFD6-26AC36CFB12D}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{697C4B77-5EAD-433B-802B-C8C59DD8410B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [TCP Query User{B8051494-D156-44D6-BD73-E1EFCEDD54DD}C:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe FirewallRules: [UDP Query User{EA28492F-A9B8-46F4-8EDB-AD0673985EA7}C:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe FirewallRules: [TCP Query User{E15405C4-8CDD-4D3E-945B-06FB4A37CBFC}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [UDP Query User{812E6195-3DBA-49C5-8094-C1D95DEC5B39}C:\games\world_of_warships\wowslauncher.exe] => (Allow) C:\games\world_of_warships\wowslauncher.exe FirewallRules: [TCP Query User{AC5D98BF-2878-4833-A43F-A898E4ECA629}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files 
(x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe FirewallRules: [UDP Query User{0B2140F6-9768-4FE5-A4FC-F95DD9AA8E2E}C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\tera\tera-launcher.exe FirewallRules: [{03620904-11E4-45DC-BAEB-E8E6ABEF55AE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{0DF3622E-047F-42AF-83B3-7600B68A11AA}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe FirewallRules: [UDP Query User{40A479B2-B7E5-4354-B83D-AE4BD4902775}C:\games\world_of_tanks_ct\wotlauncher.exe] => (Allow) C:\games\world_of_tanks_ct\wotlauncher.exe FirewallRules: [TCP Query User{439A0E80-1162-4DB7-8D0A-E045A88DADAB}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe FirewallRules: [UDP Query User{E41A5D43-8530-4008-8B09-2C1B8483A569}C:\games\world_of_tanks_ct\worldoftanks.exe] => (Allow) C:\games\world_of_tanks_ct\worldoftanks.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (08/25/2015 06:19:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 12:38:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 10:01:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 
990x80041003 Error: (08/25/2015 12:14:42 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020 Error: (08/24/2015 08:12:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/24/2015 05:15:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 05:08:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei 
System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 05:03:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei 
MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 03:19:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei 
MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 03:17:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei 
System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Systemfehler: ============= Error: (08/25/2015 06:19:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/25/2015 06:19:35 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 25.08.2015 um 18:16:04 unerwartet heruntergefahren. Error: (08/25/2015 12:38:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/25/2015 11:28:37 AM) (Source: DCOM) (EventID: 10010) (User: ) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (08/25/2015 10:01:47 AM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/24/2015 08:12:53 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/24/2015 08:12:31 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.08.2015 um 20:10:42 unerwartet heruntergefahren. Error: (08/23/2015 08:18:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Error: (08/23/2015 08:17:49 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 23.08.2015 um 20:15:41 unerwartet heruntergefahren. 
Error: (08/23/2015 06:38:03 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: i8042prt Microsoft Office: ========================= Error: (08/25/2015 06:19:55 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 12:38:26 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 10:01:47 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/25/2015 12:14:42 AM) (Source: .NET Runtime Optimization Service) (EventID: 1101) (User: ) Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - 1>Failed to compile: System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070020 System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 Error: (08/24/2015 08:12:53 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (08/24/2015 05:15:59 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 05:08:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei 
System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 05:03:24 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei 
MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 03:19:16 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei 
MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() Error: (08/24/2015 03:17:25 PM) (Source: .NET Runtime) (EventID: 1026) (User: ) Description: Anwendung: Smellyriver.TankInspector.exe Frameworkversion: v4.0.30319 Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet. 
Ausnahmeinformationen: System.InvalidOperationException Stapel: bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.DispatcherOperation.InvokeImpl() bei System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object) bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean) bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object) bei System.Windows.Threading.DispatcherOperation.Invoke() bei System.Windows.Threading.Dispatcher.ProcessQueue() bei System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef) bei MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object) bei System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32) bei MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate) bei System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32) bei MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr) bei MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef) bei System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame) bei System.Windows.Threading.Dispatcher.Run() bei System.Windows.Application.RunDispatcher(System.Object) bei 
System.Windows.Application.RunInternal(System.Windows.Window) bei System.Windows.Application.Run(System.Windows.Window) bei Smellyriver.TankInspector.App.Main() ==================== Speicherinformationen =========================== Processor: AMD Athlon(tm) 7750 Dual-Core Processor Prozentuale Nutzung des RAM: 64% Installierter physikalischer RAM: 4094.39 MB Verfügbarer physikalischer RAM: 1451.04 MB Summe virtueller Speicher: 8407.26 MB Verfügbarer virtueller Speicher: 5627.44 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:465.76 GB) (Free:201.96 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (32_00_00) (Fixed) (Total:465.76 GB) (Free:106.56 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: D4464571) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: B066007E) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
25.08.2015, 18:54 | #2 |
/// the machine /// TB-Ausbilder | "Active malware modifications are present on your computer" Hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ |
26.08.2015, 12:49 | #3 |
| "Active malware modifications are present on your computer" It took a long time, but "unfortunately" it found nothing.
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.2.1008 www.malwarebytes.org Database version: main: v2015.08.26.05 rootkit: v2015.08.16.01 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 Max :: PC-PC [administrator] 26.08.2015 13:11:46 mbar-log-2015-08-26 (13-11-46).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 393771 Time elapsed: 32 minute(s), 9 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
27.08.2015, 07:42 | #4 |
/// the machine /// TB-Ausbilder | "Active malware modifications are present on your computer" Hi, scan with ComboFix
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.08.2015, 13:57 | #5 |
| "Active malware modifications are present on your computer" So, the program ran through almost without problems; only at the end, during the restart, there were problems creating the registry backup because of a few files such as win32/ SECURITY!. Unfortunately I could only choose whether to agree to the restoration of the files... The Internet was not working, otherwise I would have asked what I should do... so I answered Yes to the restoration for all of them... it was around 4 files! Here is the log file: Code:
ATTFilter ComboFix 15-08-27.01 - Max 27.08.2015 14:26:34.1.2 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.4094.3006 [GMT 2:00] ausgeführt von:: c:\users\Max\Desktop\ComboFix.exe AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B} SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Microsoft\Windows\Start Menu\Programs\1964.lnk c:\windows\IsUn0407.exe c:\windows\msdownld.tmp . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Legacy_WINISOCDBUS -------\Service_WinisoCDBus . . ((((((((((((((((((((((( Dateien erstellt von 2015-07-27 bis 2015-08-27 )))))))))))))))))))))))))))))) . . 2015-08-27 12:38 . 2015-08-27 12:38 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-08-26 11:11 . 2015-08-26 11:11 -------- d-----w- c:\programdata\Malwarebytes 2015-08-26 11:11 . 2015-08-26 11:43 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable) 2015-08-26 11:11 . 2015-08-26 11:11 192216 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2015-08-26 11:11 . 2015-08-26 11:11 109272 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2015-08-25 16:50 . 2015-08-26 11:52 -------- d-----w- C:\FRST 2015-08-25 16:31 . 2015-08-25 16:31 778440 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-08-25 16:31 . 2015-08-25 16:31 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-08-24 18:41 . 2015-07-10 14:31 2048 ----a-w- c:\windows\system32\tzres.dll 2015-08-24 18:41 . 2015-07-10 14:21 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2015-08-19 20:02 . 2015-08-14 23:37 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2015-08-19 20:02 . 
2015-08-14 22:55 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2015-08-19 20:02 . 2015-08-14 23:55 183024 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2015-08-19 20:02 . 2015-08-14 23:38 2158080 ----a-w- c:\windows\system32\iertutil.dll 2015-08-19 20:02 . 2015-08-14 23:07 151184 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll 2015-08-19 20:02 . 2015-08-14 23:55 765072 ----a-w- c:\program files\Internet Explorer\iexplore.exe 2015-08-19 20:02 . 2015-08-14 23:07 758000 ----a-w- c:\program files (x86)\Internet Explorer\iexplore.exe 2015-08-19 20:02 . 2015-08-14 23:49 17889792 ----a-w- c:\windows\system32\mshtml.dll 2015-08-18 13:14 . 2015-08-18 13:14 -------- d-----w- c:\program files (x86)\Common Files\Java 2015-08-18 13:14 . 2015-08-18 13:12 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2015-08-17 21:20 . 2015-08-17 21:20 -------- d-----w- c:\users\Max\AppData\Roaming\Abelssoft 2015-08-17 21:20 . 2015-08-17 21:20 -------- d-----w- c:\programdata\XDMessagingv4 2015-08-17 21:17 . 2015-08-18 08:18 -------- d-----w- c:\users\Max\AppData\Local\Abelssoft 2015-08-17 21:17 . 2015-08-19 09:16 -------- d-----w- c:\program files (x86)\CheckDrive 2015-08-14 07:12 . 2015-08-14 07:13 -------- d-----w- c:\program files (x86)\DVDVideoSoft 2015-08-14 07:12 . 2015-08-14 07:12 -------- d-----w- c:\program files (x86)\Common Files\DVDVideoSoft 2015-08-14 07:11 . 2015-08-14 07:13 -------- d-----w- c:\users\Max\AppData\Roaming\DVDVideoSoft 2015-08-13 09:36 . 2015-08-07 11:06 14673920 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2015-08-13 09:36 . 2015-07-23 04:06 1557648 ----a-w- c:\windows\system32\nvdispgenco6435362.dll 2015-08-13 09:36 . 2015-07-23 04:06 1898128 ----a-w- c:\windows\system32\nvdispco6435362.dll 2015-08-13 09:36 . 2015-08-07 11:06 12513288 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2015-08-12 20:15 . 2015-07-31 20:03 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:15 . 
2015-07-31 19:27 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 20:15 . 2015-07-10 19:37 2067968 ----a-w- c:\windows\SysWow64\mstscax.dll 2015-08-12 20:15 . 2015-07-10 19:35 2425344 ----a-w- c:\windows\system32\mstscax.dll 2015-08-12 20:13 . 2015-07-11 17:13 12901888 ----a-w- c:\windows\system32\shell32.dll 2015-08-12 20:13 . 2015-07-09 14:39 169472 ----a-w- c:\windows\system32\notepad.exe 2015-08-12 20:13 . 2015-07-09 14:39 169472 ----a-w- c:\windows\notepad.exe 2015-08-12 20:13 . 2015-07-09 14:25 151040 ----a-w- c:\windows\SysWow64\notepad.exe 2015-08-12 20:12 . 2015-07-18 15:41 80384 ----a-w- c:\windows\system32\basesrv.dll 2015-08-12 20:09 . 2015-07-10 19:37 1402368 ----a-w- c:\windows\SysWow64\msxml6.dll 2015-08-12 20:09 . 2015-07-10 19:37 1253376 ----a-w- c:\windows\SysWow64\msxml3.dll 2015-08-12 20:09 . 2015-07-10 19:35 1875968 ----a-w- c:\windows\system32\msxml3.dll 2015-08-12 20:09 . 2015-07-10 19:35 1796096 ----a-w- c:\windows\system32\msxml6.dll 2015-08-12 20:09 . 2015-07-21 15:50 68544 ----a-w- c:\windows\system32\drivers\mountmgr.sys 2015-08-12 20:09 . 2015-07-21 20:59 1586304 ----a-w- c:\windows\system32\ntdll.dll 2015-08-12 20:09 . 2015-07-21 20:59 1168600 ----a-w- c:\windows\SysWow64\ntdll.dll 2015-08-12 20:09 . 2015-07-21 15:50 4690880 ----a-w- c:\windows\system32\ntoskrnl.exe 2015-08-12 20:09 . 2015-07-21 15:50 154048 ----a-w- c:\windows\system32\drivers\ecache.sys 2015-08-12 20:09 . 2015-07-21 15:41 11264 ----a-w- c:\windows\system32\msmmsp.dll 2015-08-12 20:09 . 2015-07-21 15:40 399360 ----a-w- c:\windows\system32\emdmgmt.dll 2015-08-12 20:09 . 2015-07-21 15:40 85504 ----a-w- c:\windows\system32\csrsrv.dll 2015-08-12 20:00 . 2015-07-09 14:31 450560 ----a-w- c:\windows\system32\drivers\srv.sys 2015-08-12 17:49 . 2015-08-12 17:49 -------- d-----w- c:\users\adi 2015-08-11 18:15 . 2015-08-11 18:15 210936 ----a-w- c:\windows\system32\drivers\aswStmXP.sys 2015-08-11 18:15 . 
2015-08-11 18:15 378880 ----a-w- c:\windows\system32\aswBoot.exe 2015-08-11 18:15 . 2015-08-11 18:15 43112 ----a-w- c:\windows\avastSS.scr 2015-08-09 13:55 . 2015-08-09 13:55 -------- d-----w- c:\program files (x86)\Motorola Tools 2015-08-09 13:38 . 2015-08-09 13:38 -------- d-----w- c:\programdata\Motorola 2015-08-09 13:37 . 2015-08-27 12:43 -------- d-----w- C:\Temp 2015-08-09 13:37 . 2015-08-09 13:37 -------- d-----w- c:\users\Max\AppData\Roaming\Motorola Mobility 2015-08-09 13:34 . 2015-08-09 13:36 -------- d-----w- c:\program files (x86)\Motorola Mobility 2015-08-09 13:34 . 2015-08-09 13:34 -------- d-----w- c:\program files (x86)\Motorola 2015-08-09 13:34 . 2015-08-09 13:34 -------- d-----w- c:\program files (x86)\MSXML 4.0 2015-08-09 13:33 . 2015-08-09 13:33 -------- d-----w- c:\program files\Motorola Mobility LLC 2015-08-09 13:33 . 2015-08-09 13:33 -------- d-----w- c:\program files\Common Files\Motorola Shared 2015-08-09 13:32 . 2015-08-09 13:32 -------- d-----w- c:\users\Max\AppData\Roaming\Motorola 2015-08-04 22:03 . 2015-08-04 22:03 877152 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-08-04 22:03 . 2015-08-04 22:03 538208 ----a-w- c:\windows\SysWow64\msvcp120_clr0400.dll 2015-08-04 21:53 . 2015-08-04 21:53 872528 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-08-04 21:53 . 2015-08-04 21:53 681552 ----a-w- c:\windows\system32\msvcp120_clr0400.dll 2015-07-31 14:37 . 2015-07-31 14:37 -------- d-----w- c:\users\Max\AppData\Roaming\TERA . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-08-13 18:16 . 2014-05-27 19:05 1048344 ----a-w- c:\windows\system32\drivers\aswsnx.sys 2015-08-12 20:02 . 2006-11-02 12:35 132483416 ----a-w- c:\windows\system32\mrt.exe 2015-08-11 18:15 . 2014-05-27 19:05 65224 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2015-08-11 18:15 . 2014-05-27 19:05 274808 ----a-w- c:\windows\system32\drivers\aswVmm.sys 2015-08-11 18:15 . 
2014-05-27 19:05 447944 ----a-w- c:\windows\system32\drivers\aswSP.sys 2015-08-11 18:15 . 2014-05-27 19:05 65224 ----a-w- c:\windows\system32\drivers\aswRvrt.sys 2015-08-11 18:15 . 2014-05-27 19:05 90968 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2015-08-11 18:15 . 2014-05-27 19:05 28656 ----a-w- c:\windows\system32\drivers\aswHwid.sys 2015-08-11 18:15 . 2014-05-27 19:05 64712 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2015-08-07 11:06 . 2014-05-27 17:42 3106384 ----a-w- c:\windows\SysWow64\nvapi.dll 2015-08-07 04:34 . 2014-05-27 17:49 937592 ----a-w- c:\windows\system32\nvvsvc.exe 2015-08-07 04:34 . 2014-05-27 17:49 62768 ----a-w- c:\windows\system32\nvshext.dll 2015-08-07 04:34 . 2014-05-27 17:49 2558768 ----a-w- c:\windows\system32\nvsvcr.dll 2015-08-07 04:34 . 2014-05-27 17:49 385328 ----a-w- c:\windows\system32\nvmctray.dll 2015-08-07 04:34 . 2014-05-27 17:49 6883448 ----a-w- c:\windows\system32\nvcpl.dll 2015-08-07 04:34 . 2014-05-27 17:49 3492144 ----a-w- c:\windows\system32\nvsvc64.dll 2015-08-03 10:12 . 2014-05-27 22:59 5133709 ----a-w- c:\windows\system32\nvcoproc.bin 2015-07-31 09:21 . 2015-08-25 15:32 11745192 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{C3C5D1B8-1CBE-4B40-9892-A36A8BC1E545}\mpengine.dll 2015-07-29 18:48 . 2014-06-11 11:18 155136 ----a-w- c:\windows\SysWow64\unrar.dll 2015-07-03 16:04 . 2015-07-15 20:19 1316864 ----a-w- c:\windows\SysWow64\ole32.dll 2015-07-03 15:41 . 2015-07-15 20:19 1916416 ----a-w- c:\windows\system32\ole32.dll 2015-06-27 16:03 . 2015-07-15 20:19 77312 ----a-w- c:\windows\SysWow64\secur32.dll 2015-06-27 16:03 . 2015-07-15 20:19 678400 ----a-w- c:\windows\SysWow64\rpcrt4.dll 2015-06-27 16:02 . 2015-07-15 20:19 218112 ----a-w- c:\windows\SysWow64\msv1_0.dll 2015-06-27 16:02 . 2015-07-15 20:19 501248 ----a-w- c:\windows\SysWow64\kerberos.dll 2015-06-27 16:01 . 2015-07-15 20:19 801280 ----a-w- c:\windows\SysWow64\advapi32.dll 2015-06-27 15:40 . 
2015-07-15 20:19 1304576 ----a-w- c:\windows\system32\rpcrt4.dll 2015-06-27 15:40 . 2015-07-15 20:19 269824 ----a-w- c:\windows\system32\msv1_0.dll 2015-06-27 15:40 . 2015-07-15 20:19 658944 ----a-w- c:\windows\system32\kerberos.dll 2015-06-27 15:39 . 2015-07-15 20:19 1065472 ----a-w- c:\windows\system32\advapi32.dll 2015-06-27 14:30 . 2015-07-15 20:19 278016 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2015-06-27 14:30 . 2015-07-15 20:19 109056 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2015-06-23 11:30 . 2014-05-28 04:26 300704 ------w- c:\windows\system32\MpSigStub.exe 2015-06-17 16:50 . 2015-07-15 20:17 2264576 ----a-w- c:\windows\SysWow64\msi.dll 2015-06-17 16:23 . 2015-07-15 20:17 3137536 ----a-w- c:\windows\system32\msi.dll 2015-06-17 15:18 . 2015-07-15 20:17 125440 ----a-w- c:\windows\system32\msiexec.exe 2015-06-17 15:09 . 2015-07-15 20:17 73216 ----a-w- c:\windows\SysWow64\msiexec.exe 2015-06-17 09:10 . 2015-06-24 10:07 40280 ----a-w- c:\windows\system32\nvhdap64.dll 2015-06-17 09:10 . 2015-06-24 10:07 204648 ----a-w- c:\windows\system32\drivers\nvhda64v.sys 2015-06-17 09:10 . 2015-06-24 10:07 1898128 ----a-w- c:\windows\system32\nvdispco6435330.dll 2015-06-17 09:10 . 2015-06-24 10:07 1557832 ----a-w- c:\windows\system32\nvdispgenco6435330.dll 2015-06-17 09:10 . 2014-05-27 17:42 1567576 ----a-w- c:\windows\system32\nvhdagenco6420103.dll 2015-06-12 16:03 . 2015-07-15 20:17 304640 ----a-w- c:\windows\SysWow64\gdi32.dll 2015-06-12 15:46 . 2015-07-15 20:17 390656 ----a-w- c:\windows\system32\gdi32.dll 2015-06-12 13:13 . 2015-07-15 20:19 516544 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2015-05-31 08:11 . 2015-07-15 20:19 225792 ----a-w- c:\windows\SysWow64\cewmdm.dll 2015-05-31 07:54 . 2015-07-15 20:19 259584 ----a-w- c:\windows\system32\cewmdm.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "FreeAC"="c:\program files (x86)\FreeAlarmClock\FreeAlarmClock.exe" [2014-02-20 1553688] "DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2014-03-04 3696912] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2015-08-25 6111824] "ArcSoft Connection Service"="c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-10-27 207424] "VirtualCloneDrive"="c:\program files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2013-03-10 88984] "DT FUS"="c:\program files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe" [2007-12-12 81920] "WMI Helper"="c:\program files (x86)\Common Files\Portrait Displays\Plugins\AM\dtWMIHelper.exe" [2007-12-12 176128] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-06-08 334896] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ TMMonitor.lnk - c:\program files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe [2014-6-3 258048] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) "SoftwareSASGeneration"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-08-22 05:04 993608 ----a-w- c:\program files (x86)\Google\Chrome\Application\44.0.2403.157\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 
2015-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-25 16:31] . 2015-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 18:24] . 2015-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-05-27 18:24] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}] 2015-08-11 18:15 778056 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2009-01-06 6962720] "Skytel"="c:\program files\Realtek\Audio\HDA\Skytel.exe" [2009-01-06 1833504] "NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2015-07-24 2634896] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = https://www.google.com/?trackid=sp-006 mStart Page = https://www.google.com/?trackid=sp-006 mSearch Page = https://www.google.com/search?trackid=sp-006&q={searchTerms} mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Bar = https://www.google.com/?trackid=sp-006 uInternet Settings,ProxyOverride = <-loopback>;192.168.*.* IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\Max\AppData\Local\Temp\ie_script.htm TCP: DhcpNameServer = 83.169.184.33 83.169.184.97 FF - ProfilePath - c:\users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\ FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search/?trackid=sp-006 FF - prefs.js: browser.search.selectedEngine - Google (avast) FF - prefs.js: browser.startup.homepage - hxxp://www.startfenster.de FF - prefs.js: keyword.URL - hxxps://www.google.com/search/?trackid=sp-006 . . ------- Dateityp-Verknüpfung ------- . JSEFile=%SystemRoot%\SysWow64\CScript.exe "%1" %* . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Wow6432Node-HKCU-Run-TBPanel - c:\program files (x86)\EXPERTool\TBPanel.exe Wow6432Node-HKLM-Run-IR_SERVER - c:\progra~2\Realtek\REALTE~1\IR_SERVER.exe Wow6432Node-HKLM-Run-BlueStacks Agent - c:\program files (x86)\BlueStacks\HD-Agent.exe SafeBoot-WudfPf SafeBoot-WudfRd AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe AddRemove-S4Uninst - c:\windows\IsUn0407.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . 
------------------------ Weitere laufende Prozesse ------------------------ . c:\program files\AVAST Software\Avast\AvastSvc.exe c:\program files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe c:\program files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe c:\program files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe c:\program files (x86)\SlySoft\Game Jackal v5\Server.exe c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe c:\program files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe . ************************************************************************** . Zeit der Fertigstellung: 2015-08-27 14:50:43 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2015-08-27 12:50 . Vor Suchlauf: 12 Verzeichnis(se), 214.995.857.408 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 229.136.699.392 Bytes frei . - - End Of File - - F9E24CCFB6A93E29891A7ADF70722BA4 |
28.08.2015, 07:26 | #6 |
/// the machine /// TB-Ausbilder | "There are active modifications by malware on your computer" Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.
28.08.2015, 12:07 | #7 |
| "There are active modifications by malware on your computer" Everything worked so far, except that at the restart after AdwCleaner my antivirus program did not start. Here are the logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 28.08.2015 Suchlaufzeit: 12:06:43 Protokolldatei: MAMH.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.08.28.02 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Testversion Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x64 Dateisystem: NTFS Benutzer: Max Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 399039 Abgelaufene Zeit: 27 Min., 9 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.004 - Bericht erstellt 28/08/2015 um 12:42:10 # Aktualisiert 26/08/2015 von Xplode # Datenbank : 2015-08-25.1 [Server] # Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (x64) # Benutzername : Max - PC-PC # Gestarted von : C:\Users\Max\.android\Downloads\AdwCleaner_5.004.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : mcaudrv_simple [-] Dienst Gelöscht : ManyCam ***** [ Ordner ] ***** ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage [-] Datei Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_primeshare.tv_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage [-] Datei Gelöscht : C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Startfenster.lnk [-] Datei Gelöscht : C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Startfenster.lnk [-] Datei Gelöscht : C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\foxydeal.sqlite [-] Datei Gelöscht : C:\Users\Max\Desktop\Startfenster.lnk [-] Datei Gelöscht : C:\Windows\Sysnative\drivers\mcaudrv_x64.sys [-] Datei Gelöscht : C:\Windows\Sysnative\drivers\mcvidrv.sys ***** [ Verknüpfungen ] ***** [-] Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Opera.lnk [-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk [-] Verknüpfung Desinfiziert : C:\Users\Max\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Opera.lnk ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : 
HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\WInterEnhance [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} [-] Daten Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope] [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DD62CA85-3D1C-4495-963D-B0BBE2D24D2A} ***** [ Internetbrowser ] ***** [-] [C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxp://www.startfenster.de"); ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [3183 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.5.9 (08.27.2015:1) OS: Windows (TM) Vista Home Premium x64 Ran by Max on 28.08.2015 at 12:47:48,96 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer ~~~ Files ~~~ Folders ~~~ FireFox Emptied folder: C:\Users\Max\AppData\Roaming\mozilla\firefox\profiles\5f23b28q.default\minidumps [125 files] ~~~ Chrome [C:\Users\Max\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Max\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: [C:\Users\Max\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Max\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 28.08.2015 at 12:53:17,27 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-08-2015 durchgeführt von Max (Administrator) auf PC-PC (28-08-2015 12:54:24) Gestartet von C:\Users\Max\.android\Downloads Geladene Profile: Max (Verfügbare Profile: Max & adi) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-12-12] () HKLM-x32\...\Run: [WMI Helper] => C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtWMIHelper.exe [176128 2007-12-12] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2014-06-03] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) 
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = 
hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-18] (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-07-09] (Perfect World Entertainment Inc) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-18] (Oracle Corporation) Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{2D49D6FA-A296-452A-8FB2-77D347ACD17A}: [DhcpNameServer] 83.169.184.33 83.169.184.97 FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default FF DefaultSearchEngine: Google (avast) FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006 FF SearchEngineOrder.1: Google (avast) FF SelectedSearchEngine: Google (avast) FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-25] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-25] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> 
C:\Windows\SysWOW64\Adobe\Director\np32dsw_1215155.dll [2014-12-02] (Adobe Systems, Inc.) FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-18] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-18] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2015-07-09] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) 
FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\google-avast.xml [2014-12-17] FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\suchmaschine.xml [2014-12-29] FF Extension: ProxTube - Unblock YouTube - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\ich@maltegoetz.de.xpi [2014-12-09] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-28] Chrome: ======= CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-27] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-27] CHR Extension: (Adblock Plus) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb 
[2014-07-31] CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-27] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-27] CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Max\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-05-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-07-09] (Perfect World Entertainment Inc) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software) S2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-12-12] () [Datei ist nicht signiert] S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) S2 GJServiceV5; C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [4502200 2013-10-30] () S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-08] (Electronic Arts) S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-20] () R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [158224 2008-08-05] (AMD Technologies Inc.) 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [10632 2007-10-11] (Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation) S3 Asushwio; C:\Windows\SysWOW64\drivers\Asushwio.sys [5824 2000-03-29] () [Datei ist nicht signiert] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-08-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software) S3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [210936 2015-08-11] (AVAST Software) S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-08-11] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software) S1 Beep; kein ImagePath R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-29] (Disc Soft Ltd) R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [35384 2013-10-29] (SlySoft Inc.) R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [60472 2013-10-29] (SlySoft Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-28 12:53 - 2015-08-28 12:53 - 00001297 _____ C:\Users\Max\Desktop\JRT.txt 2015-08-28 12:45 - 2015-08-28 12:45 - 00003278 _____ C:\Users\Max\Desktop\AdwCleaner[C1].txt 2015-08-28 12:37 - 2015-08-28 12:42 - 00000000 ____D C:\AdwCleaner 2015-08-28 12:36 - 2015-08-28 12:36 - 00001207 _____ C:\Users\Max\Desktop\MAMH.txt 2015-08-28 11:58 - 2015-08-28 11:58 - 00000941 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-28 11:58 - 2015-08-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-28 11:58 - 2015-08-28 11:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-28 11:58 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-28 11:58 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-27 14:50 - 2015-08-27 14:50 - 00018215 _____ C:\ComboFix.txt 2015-08-27 14:22 - 2015-08-27 14:50 - 00000000 ____D C:\Qoobox 2015-08-27 14:22 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-08-27 14:22 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-08-27 14:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 
2015-08-27 14:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-08-27 14:21 - 2015-08-27 14:49 - 00000000 ____D C:\Windows\erdnt 2015-08-27 14:19 - 2015-08-27 14:20 - 05636265 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe 2015-08-26 13:11 - 2015-08-28 12:48 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-26 13:11 - 2015-08-28 11:58 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-26 13:11 - 2015-08-26 13:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-26 13:11 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-25 21:11 - 2015-08-26 13:43 - 00000000 ____D C:\Users\Max\Desktop\mbar 2015-08-25 18:50 - 2015-08-28 12:54 - 00000000 ____D C:\FRST 2015-08-25 18:37 - 2015-08-25 18:38 - 00000763 _____ C:\Users\Max\Desktop\test.vbs 2015-08-25 18:31 - 2015-08-28 12:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-25 18:31 - 2015-08-25 18:31 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-08-25 18:31 - 2015-08-25 18:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-25 18:31 - 2015-08-25 18:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-24 20:41 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-08-24 20:41 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-08-24 12:54 - 2015-08-24 12:54 - 00000738 _____ C:\Users\Max\Desktop\World of Tanks - Common Test.lnk 2015-08-24 12:54 - 2015-08-24 12:54 - 00000000 ____D 
C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test 2015-08-19 22:02 - 2015-08-15 01:49 - 17889792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 22:02 - 2015-08-15 01:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-19 22:02 - 2015-08-15 01:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 22:02 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-19 22:02 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-19 22:02 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-18 15:34 - 2015-08-28 11:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-18 15:14 - 2015-08-18 15:12 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\Abelssoft 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\ProgramData\XDMessagingv4 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Program Files (x86)\CheckDrive 2015-08-17 23:17 - 2015-08-18 10:18 - 00000000 ____D C:\Users\Max\AppData\Local\Abelssoft 2015-08-16 19:24 - 2015-08-07 13:06 - 42840184 _____ C:\Windows\system32\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvopencl.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-08-16 19:24 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-14 09:13 - 2015-08-14 09:13 - 00001269 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00001076 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-14 09:12 - 2015-08-14 09:13 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-08-14 09:11 - 2015-08-14 09:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\DVDVideoSoft 2015-08-13 12:01 - 2015-08-13 12:01 - 00000104 _____ C:\Users\Max\Desktop\Papierkorb - Verknüpfung.lnk 2015-08-13 11:46 - 2015-08-13 11:46 - 00000000 ____D C:\Users\Max\Desktop\bewerbung 2015-08-13 11:36 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-13 11:36 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) 
C:\Windows\SysWOW64\nvd3dum.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-08-12 22:15 - 2015-07-31 22:03 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 22:15 - 2015-07-10 21:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 22:13 - 2015-07-11 19:13 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 22:13 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 22:12 - 2015-07-18 17:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 22:09 - 2015-07-21 17:50 - 04690880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 22:09 - 2015-07-21 17:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-08-12 22:09 - 2015-07-21 17:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 22:09 - 2015-07-21 17:41 - 
00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 22:01 - 2015-08-01 00:31 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 22:01 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:26 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 22:01 - 2015-07-31 23:25 - 00372736 _____ (Adobe Systems Incorporated) 
C:\Windows\system32\atmfd.dll 2015-08-12 22:01 - 2015-07-31 23:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 23:09 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 23:00 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 22:01 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 22:01 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 22:01 - 2015-07-01 17:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 22:00 - 2015-07-09 16:31 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-08-12 20:13 - 2015-08-12 20:13 - 00000680 _____ C:\Users\Max\AppData\Local\d3d9caps.dat 2015-08-12 19:50 - 2015-08-12 19:51 - 00000921 _____ C:\Users\adi\Desktop\test.vbs.txt 2015-08-12 19:50 - 2015-08-12 19:50 - 00055568 _____ C:\Users\adi\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\AVAST Software 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\ArcSoft 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D 
C:\Users\adi\AppData\Local\NVIDIA 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Local\ArcSoft 2015-08-12 19:49 - 2015-08-12 19:49 - 00000979 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000974 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000909 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000875 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000020 ___SH C:\Users\adi\ntuser.ini 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Vorlagen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Startmenü 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Netzwerkumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Lokale Einstellungen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Eigene Dateien 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Druckumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Musik 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Bilder 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Verlauf 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Roaming\Motorola Mobility 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D 
C:\Users\adi\AppData\Local\VirtualStore 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Local\Google 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi 2015-08-12 19:49 - 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-12 19:49 - 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 11:10 - 2015-07-22 23:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 11:10 - 2015-07-22 23:56 - 02344448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 11:10 - 2015-07-22 23:55 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 11:10 - 2015-07-22 23:49 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 23:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 23:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 11:10 - 
2015-07-22 23:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-08-12 11:10 - 2015-07-22 23:47 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 23:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 11:10 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 11:10 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 11:10 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00223232 _____ 
(Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-11 20:37 - 2015-08-11 20:38 - 00000078 _____ C:\Users\Max\Desktop\versand.vbs.txt 2015-08-11 20:15 - 2015-08-11 20:15 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-11 20:15 - 2015-08-11 20:15 - 00210936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys 2015-08-11 20:15 - 2015-08-11 20:15 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-09 22:01 - 2015-08-09 22:02 - 00272456 _____ C:\Windows\msxml4-KB2758694-enu.LOG 2015-08-09 16:01 - 2015-08-09 16:04 - 00000000 ____D C:\Users\Max\Desktop\handy 2015-08-09 15:58 - 2015-08-09 15:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Program Files (x86)\Motorola Tools 2015-08-09 15:43 - 2015-08-09 15:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2015-08-09 15:40 - 2015-08-09 15:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf 2015-08-09 15:38 - 2015-08-09 15:38 - 00000000 ____D C:\ProgramData\Motorola 2015-08-09 15:37 - 2015-08-28 12:49 - 00000000 ____D C:\Temp 2015-08-09 
15:37 - 2015-08-09 15:37 - 00003396 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00003204 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola Mobility 2015-08-09 15:34 - 2015-08-09 15:36 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\Motorola 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Motorola Mobility LLC 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared 2015-08-09 15:32 - 2015-08-09 15:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola 2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00872528 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00681552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2015-07-31 16:37 - 2015-07-31 16:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\TERA ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2015-08-28 12:54 - 2015-01-01 19:51 - 00000000 ____D C:\Users\Max\AppData\Roaming\NetSpeedMonitor 2015-08-28 12:51 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-28 12:51 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-28 12:49 - 2008-01-21 03:53 - 01050611 _____ C:\Windows\WindowsUpdate.log 2015-08-28 12:44 - 2014-05-27 20:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-28 12:43 - 2014-12-29 01:26 - 00000170 ___SH C:\ProgramData\.zreglib 2015-08-28 12:43 - 2008-01-21 05:26 - 00068302 _____ C:\Windows\PFRO.log 2015-08-28 12:43 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-28 12:42 - 2014-11-13 21:39 - 00000745 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-08-28 12:42 - 2014-11-13 21:39 - 00000733 _____ C:\Users\Public\Desktop\Opera.lnk 2015-08-28 12:42 - 2006-11-02 17:42 - 00032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-28 12:10 - 2014-05-27 20:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-27 19:05 - 2014-05-27 20:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-27 19:05 - 2014-05-27 20:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-27 17:38 - 2014-05-27 21:05 - 00004182 _____ C:\Windows\System32\Tasks\avast! 
Emergency Update 2015-08-27 14:50 - 2014-05-27 20:24 - 00000000 ____D C:\Users\Max\AppData\Local\Apps\2.0 2015-08-27 14:50 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default 2015-08-27 14:43 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini 2015-08-27 01:42 - 2014-10-19 14:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client 2015-08-26 13:42 - 2014-09-17 18:46 - 00012288 _____ C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-26 13:05 - 2014-06-18 16:36 - 00021544 _____ C:\Windows\system32\spsys.log 2015-08-26 09:37 - 2014-05-27 19:37 - 00000000 ____D C:\Program Files (x86)\EXPERTool 2015-08-25 18:31 - 2014-06-12 10:45 - 00000000 ____D C:\Users\Max\AppData\Local\Adobe 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\Program Files (x86)\SlySoft 2015-08-25 18:25 - 2014-05-27 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2015-08-25 17:38 - 2014-05-28 06:22 - 01542732 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-25 17:38 - 2008-01-21 13:09 - 00673454 _____ C:\Windows\system32\perfh007.dat 2015-08-25 17:38 - 2008-01-21 13:09 - 00145466 _____ C:\Windows\system32\perfc007.dat 2015-08-25 17:37 - 2008-01-21 13:10 - 01542732 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-25 14:49 - 2014-10-19 14:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-08-25 10:57 - 2014-07-27 15:39 - 00002013 _____ C:\Users\Max\Desktop\meine nummer.txt 2015-08-25 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache 2015-08-24 17:11 - 2014-10-11 18:18 - 00000000 ____D C:\Users\Max\Desktop\tank 2015-08-24 12:54 - 2014-05-28 00:42 - 00000000 ____D 
C:\Games 2015-08-22 07:11 - 2014-05-27 20:25 - 00002017 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-20 03:19 - 2014-05-27 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-19 18:53 - 2014-05-29 23:24 - 00000000 ____D C:\Program Files (x86)\WarThunder 2015-08-18 15:14 - 2014-05-28 00:48 - 00000000 ____D C:\ProgramData\Oracle 2015-08-18 15:13 - 2014-08-07 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-18 15:12 - 2014-06-15 11:39 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-18 14:47 - 2015-07-23 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-08-18 14:45 - 2015-02-01 19:40 - 00000000 ____D C:\Program Files (x86)\Wolfenstein - Enemy Territory 2015-08-18 14:43 - 2014-05-27 20:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-18 14:40 - 2014-11-08 13:58 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-18 14:40 - 2014-11-04 19:36 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-18 10:13 - 2006-11-02 17:21 - 00260216 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-17 23:20 - 2014-05-27 19:18 - 00057608 _____ C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-16 19:38 - 2014-05-27 19:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-16 19:38 - 2014-05-27 19:17 - 00000000 ____D C:\Users\Max 2015-08-16 19:34 - 2014-05-27 19:55 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-15 15:21 - 2014-12-29 02:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\vlc 2015-08-13 20:16 - 2014-05-27 21:05 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-13 02:33 - 2006-11-02 17:07 - 00000000 ____D C:\Windows\SysWOW64\XPSViewer 2015-08-12 22:09 - 2014-05-28 05:39 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:02 - 2006-11-02 14:35 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-08-12 
21:56 - 2014-05-27 19:17 - 00001460 _____ C:\Users\Max\AppData\Local\d3d9caps64.dat 2015-08-12 19:40 - 2014-11-26 17:01 - 00000763 _____ C:\Users\Max\test.vbs.txt 2015-08-11 20:15 - 2014-05-27 21:05 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00064712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-09 15:58 - 2006-11-02 17:27 - 00091738 _____ C:\Windows\setupact.log 2015-08-09 14:57 - 2015-07-02 20:04 - 00000420 _____ C:\Users\Max\Desktop\verkaufe.txt 2015-08-08 12:03 - 2014-05-27 20:24 - 00000000 ____D C:\Users\Max\AppData\Local\Deployment 2015-08-07 13:06 - 2014-11-05 19:41 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 13:06 - 2014-05-27 19:42 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00937592 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2014-05-27 19:49 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00062768 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvshext.dll 2015-08-04 09:54 - 2015-07-23 21:33 - 00000000 ____D C:\Users\Max\Documents\Gameforge Live 2015-08-03 12:12 - 2014-05-28 00:59 - 05133709 _____ C:\Windows\system32\nvcoproc.bin 2015-07-30 22:20 - 2015-07-08 14:42 - 00000000 ____D C:\Users\Max\.android 2015-07-29 20:48 - 2014-06-11 13:18 - 00155136 _____ C:\Windows\SysWOW64\unrar.dll 2015-07-29 20:48 - 2014-06-11 13:18 - 00034308 _____ C:\Windows\SysWOW64\bassmod.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-12 20:13 - 2015-08-12 20:13 - 0000680 _____ () C:\Users\Max\AppData\Local\d3d9caps.dat 2014-05-27 19:17 - 2015-08-12 21:56 - 0001460 _____ () C:\Users\Max\AppData\Local\d3d9caps64.dat 2014-09-17 18:46 - 2015-08-26 13:42 - 0012288 _____ () C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-04 20:56 - 2014-11-04 20:56 - 0365922 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0363708 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0439916 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0394938 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41DA.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0382928 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41FE.txt 2015-02-18 20:10 - 2015-02-18 20:12 - 0440002 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0448546 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4C25.txt 2014-11-04 20:56 - 2014-11-04 20:56 - 0011198 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0011124 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0020150 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0011446 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41DA.txt 
2015-05-20 21:14 - 2015-05-20 21:14 - 0011382 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41FE.txt 2015-02-18 20:10 - 2015-02-18 20:12 - 0011660 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0011692 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4C25.txt 2014-12-29 01:26 - 2015-08-28 12:43 - 0000170 ___SH () C:\ProgramData\.zreglib Einige Dateien in TEMP: ==================== C:\Users\Max\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-28 12:53 ==================== Ende von FRST.txt ============================ |
29.08.2015, 08:29 | #8 |
/// the machine /// TB trainer | "There are active modifications of malware on your computer" ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems remaining?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
30.08.2015, 16:38 | #9 |
| "There are active modifications of malware on your computer" A bit late, but here are the logs, and unfortunately I still have the problem; it occurs 90% of the time with videos.... Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0c5f59f3ea90ee4cb700f052fe2167a2
# end=init
# utc_time=2015-08-29 01:06:40
# local_time=2015-08-29 03:06:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
Update Init
Update Download
Update Finalize
Updated modules version: 25508
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0c5f59f3ea90ee4cb700f052fe2167a2
# end=updated
# utc_time=2015-08-29 01:09:39
# local_time=2015-08-29 03:09:39 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=0c5f59f3ea90ee4cb700f052fe2167a2
# end=restart
# utc_time=2015-08-29 04:43:34
# local_time=2015-08-29 06:43:34 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.0.6002 NT Service Pack 2
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 92 291956 39649089 0 0
# compatibility_mode_1=''
# compatibility_mode=5892 16776574 100 100 0 278390519 0 0
# scanned=233377
# found=13
# cleaned=0
# scan_time=12833
sh=D0AF7316FE6D268B8C0E3DE34593ECE89A23376E ft=1 fh=65f31d0699c1323e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\CheckDrive 2014 - CHIP-Installer.exe"
sh=E8B22C48DA7BFA61E19350F98BA5ADA1178C27FA ft=1 fh=4926c2907e3cc086 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\Coowon Browser - CHIP-Installer.exe"
sh=A4C782CF0E3EDF00D317708C94247A381CB1BF3B ft=1 fh=9af030fb89f322bb vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\CR_Downloader_fuer_ultrahle.exe"
sh=DAC778B74944A4B7EA9B320E891DA5C5C4870813 ft=1 fh=9af030fb9e5d5da3 vn="Variante von Win32/InstallCore.UE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\CR_Downloader_fuer_wwe-all-stars.exe"
sh=E750C443A83F9B135B499E7917C5A93120384BB3 ft=1 fh=4eedbac881d1fc72 vn="Win32/DownWare.L evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\DTLite4491-0356 (1).exe"
sh=6B3A8930F35333AFB11EF3FC23035A9A98A6B4F3 ft=1 fh=c899daf7865ccf14 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\FRAPS - CHIP-Installer.exe"
sh=188A04F076F8A7DEB645C92B9657BE59AA923F72 ft=1 fh=ddb28138af987839 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\ManyCam - CHIP-Installer.exe"
sh=4FB693A7B6B19BB7319DEAF16FDDBD7E92EEFE0F ft=1 fh=875806e6e9b8be39 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe"
sh=52ADA8C4ED896ABC83F16E00CE5279B994349398 ft=1 fh=ad90c46a95327e80 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\OpenOffice-lnstall.exe"
sh=9A27F4D5A41F1F4C4985AF00033DDF5EE7952806 ft=1 fh=c71c0011b4dea09f vn="Variante von Win32/InstallCore.PO evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\PC_Wecker_by_IP-MAN_v4.00_CB-DL-Manager (1).exe"
sh=EF5A026FC5109802646CF11B2BF9F8B75E07BCED ft=1 fh=e99130624760c140 vn="Variante von Win32/WinloadSDA.I evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\Router-Reconnect-lnstall.exe"
sh=C3937102B74AAE33C7725020F68D998A99CD044B ft=1 fh=6e4c94e4e7dedc70 vn="Win32/Somoto.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Max\.android\Downloads\setup_Project64_2.1-2.exe"
sh=FCDC48707066F599DFC101E4D65498B52062A573 ft=1 fh=1b790cc9c1a68901 vn="NSIS/StartPage.CC Trojaner" ac=I fn="C:\Users\Max\.android\Downloads\vlc-2.1.5-win64.exe"
Code:
Results of screen317's Security Check version 1.008
Windows Vista Service Pack 2 x64 (UAC is enabled)
Internet Explorer 9
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
avast! Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 51
Java 8 Update 60
Adobe Flash Player 18.0.0.232
Mozilla Firefox (40.0.3)
Google Chrome (44.0.2403.155)
Google Chrome (44.0.2403.157)
````````Process Check: objlist.exe by Laurent````````
AVAST Software Avast AvastSvc.exe
AVAST Software Avast avastui.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-08-2015 durchgeführt von Max (Administrator) auf PC-PC (30-08-2015 17:39:09) Gestartet von C:\Users\Max\.android\Downloads Geladene Profile: Max (Verfügbare Profile: Max & adi) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Comfort Software Group) C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe (ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.13\GoogleCrashHandler64.exe (ArcSoft Inc.) 
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe () C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe () C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (ArcSoft Inc.) C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Users\Max\.android\Downloads\SecurityCheck.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\SysWOW64\conime.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [6962720 2009-01-06] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2009-01-06] (Realtek Semiconductor Corp.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-25] (AVAST Software) HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [207424 2010-10-27] (ArcSoft Inc.) 
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [DT FUS] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [81920 2007-12-12] () HKLM-x32\...\Run: [WMI Helper] => C:\Program Files (x86)\Common Files\Portrait Displays\Plugins\AM\dtWMIHelper.exe [176128 2007-12-12] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [FreeAC] => C:\Program Files (x86)\FreeAlarmClock\FreeAlarmClock.exe [1553688 2014-02-20] (Comfort Software Group) HKU\S-1-5-21-3169981157-1337817569-149642379-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-11] (AVAST Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk [2014-06-03] ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\ArcSoft\TotalMedia 3.5\TMMonitor.exe (ArcSoft, Inc.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..) 
Tcpip\Parameters: [DhcpNameServer] 83.169.184.33 83.169.184.97 Tcpip\..\Interfaces\{2D49D6FA-A296-452A-8FB2-77D347ACD17A}: [DhcpNameServer] 83.169.184.33 83.169.184.97 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3169981157-1337817569-149642379-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006 SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3169981157-1337817569-149642379-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-29] (Oracle Corporation) BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll [2015-07-09] (Perfect World Entertainment Inc) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-11] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-29] (Oracle Corporation) FireFox: ======== FF ProfilePath: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default FF DefaultSearchEngine: Google (avast) FF DefaultSearchUrl: hxxps://www.google.com/search/?trackid=sp-006 FF SearchEngineOrder.1: Google (avast) FF SelectedSearchEngine: Google (avast) FF Keyword.URL: hxxps://www.google.com/search/?trackid=sp-006 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-25] () FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-25] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1219160.dll [2015-07-23] (Adobe Systems, Inc.) 
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll [2015-07-09] (Perfect World Entertainment Inc) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-27] (Google Inc.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=3 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @tools.coowon.com/Coowon Update;version=9 -> C:\Users\Max\AppData\Local\Coowon\Update\1.3.33.0\npCoowonUpdate3.dll [2015-07-22] (Coowon.) 
FF Plugin HKU\S-1-5-21-3169981157-1337817569-149642379-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Max\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\google-avast.xml [2014-12-17] FF SearchPlugin: C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\searchplugins\suchmaschine.xml [2014-12-29] FF Extension: ProxTube - Unblock YouTube - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\ich@maltegoetz.de.xpi [2014-12-09] FF Extension: Adblock Plus - C:\Users\Max\AppData\Roaming\Mozilla\Firefox\Profiles\5f23b28q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-12-09] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-05-27] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-05-28] Chrome: ======= CHR Profile: C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-27] CHR Extension: (Google Drive) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-27] CHR Extension: (YouTube) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-27] CHR Extension: (Adblock Plus) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb 
[2014-07-31] CHR Extension: (Google Search) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-27] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-27] CHR Extension: (Gmail) - C:\Users\Max\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-27] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-29] Opera: ======= OPR Extension: (Adblock Plus) - C:\Users\Max\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-05-22] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.) S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2015-07-09] (Perfect World Entertainment Inc) R2 avast! 
Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-11] (AVAST Software) R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe [65536 2007-12-12] () [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 GJServiceV5; C:\Program Files (x86)\SlySoft\Game Jackal v5\Server.exe [4502200 2013-10-30] () S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2014-04-08] (Motorola Mobility LLC) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2004488 2015-07-08] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2015-05-20] () R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [Datei ist nicht signiert] S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 ahcix64s; C:\Windows\System32\DRIVERS\ahcix64s.sys [158224 2008-08-05] (AMD Technologies Inc.) 
R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [10632 2007-10-11] (Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation) S3 Asushwio; C:\Windows\SysWOW64\drivers\Asushwio.sys [5824 2000-03-29] () [Datei ist nicht signiert] R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-11] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-11] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr.sys [64712 2015-08-11] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-11] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-11] (AVAST Software) R3 aswStmXP; C:\Windows\system32\drivers\aswStmXP.sys [210936 2015-08-11] (AVAST Software) S3 aswTdi; C:\Windows\system32\drivers\aswTdi.sys [65224 2015-08-11] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-11] (AVAST Software) S1 Beep; kein ImagePath R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-12-29] (Disc Soft Ltd) R3 Maplom; C:\Windows\System32\Drivers\Maplom.sys [35384 2013-10-29] (SlySoft Inc.) R3 MaplomL; C:\Windows\System32\Drivers\MaplomL.sys [60472 2013-10-29] (SlySoft Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 PdiPorts; C:\Windows\System32\DRIVERS\PdiPorts.sys [19248 2006-11-16] (Portrait Displays, Inc.) 
S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-29 19:38 - 2015-08-29 19:38 - 00000000 ____D C:\Users\Max\AppData\Roaming\Sun 2015-08-29 19:38 - 2015-08-29 19:38 - 00000000 ____D C:\Users\Max\.oracle_jre_usage 2015-08-29 19:23 - 2015-08-29 19:23 - 00000000 ____H C:\Users\Max\AppData\Local\BIT8C28.tmp 2015-08-29 19:22 - 2015-08-29 19:22 - 00000000 _____ C:\Users\Max\AppData\Local\{62B4C10C-5919-439B-A555-141064086D4A} 2015-08-29 15:06 - 2015-08-29 15:06 - 00000000 ____D C:\Program Files (x86)\ESET 2015-08-28 12:55 - 2015-08-28 12:55 - 00051852 _____ C:\Users\Max\Desktop\FRST.txt 2015-08-28 12:53 - 2015-08-28 12:53 - 00001297 _____ C:\Users\Max\Desktop\JRT.txt 2015-08-28 12:45 - 2015-08-28 12:45 - 00003278 _____ C:\Users\Max\Desktop\AdwCleaner[C1].txt 2015-08-28 12:37 - 2015-08-28 12:42 - 00000000 ____D C:\AdwCleaner 2015-08-28 12:36 - 2015-08-28 12:36 - 00001207 _____ C:\Users\Max\Desktop\MAMH.txt 2015-08-28 11:58 - 2015-08-28 11:58 - 00000941 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-08-28 11:58 - 2015-08-28 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-08-28 11:58 - 2015-08-28 11:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-08-28 11:58 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-28 11:58 - 
2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-28 11:46 - 2015-08-29 14:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2015-08-27 14:50 - 2015-08-27 14:50 - 00018215 _____ C:\ComboFix.txt 2015-08-27 14:22 - 2015-08-27 14:50 - 00000000 ____D C:\Qoobox 2015-08-27 14:22 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-08-27 14:22 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-08-27 14:22 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-08-27 14:22 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-08-27 14:21 - 2015-08-27 14:49 - 00000000 ____D C:\Windows\erdnt 2015-08-27 14:19 - 2015-08-27 14:20 - 05636265 ____R (Swearware) C:\Users\Max\Desktop\ComboFix.exe 2015-08-26 13:11 - 2015-08-30 08:29 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-26 13:11 - 2015-08-28 11:58 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-26 13:11 - 2015-08-26 13:43 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-08-26 13:11 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-25 21:11 - 2015-08-26 13:43 - 00000000 ____D C:\Users\Max\Desktop\mbar 2015-08-25 18:50 - 2015-08-30 17:39 - 00000000 ____D C:\FRST 2015-08-25 18:37 - 2015-08-25 18:38 - 00000763 _____ C:\Users\Max\Desktop\test.vbs 2015-08-25 18:31 - 2015-08-30 17:07 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-25 18:31 - 2015-08-25 18:31 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 
2015-08-25 18:31 - 2015-08-25 18:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-08-25 18:31 - 2015-08-25 18:31 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-08-24 20:41 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-08-24 20:41 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-08-24 12:54 - 2015-08-24 12:54 - 00000738 _____ C:\Users\Max\Desktop\World of Tanks - Common Test.lnk 2015-08-24 12:54 - 2015-08-24 12:54 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\World of Tanks - Common Test 2015-08-19 22:02 - 2015-08-15 01:49 - 17889792 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-08-19 22:02 - 2015-08-15 01:38 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-08-19 22:02 - 2015-08-15 01:37 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-08-19 22:02 - 2015-08-15 01:03 - 12386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-08-19 22:02 - 2015-08-15 00:56 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-08-19 22:02 - 2015-08-15 00:55 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-08-18 15:14 - 2015-08-29 19:36 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\Abelssoft 2015-08-17 23:20 - 2015-08-17 23:20 - 00000000 ____D C:\ProgramData\XDMessagingv4 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Windows\System32\Tasks\Abelssoft 2015-08-17 23:17 - 2015-08-19 11:16 - 00000000 ____D C:\Program Files (x86)\CheckDrive 2015-08-17 23:17 - 2015-08-18 10:18 - 00000000 ____D C:\Users\Max\AppData\Local\Abelssoft 2015-08-16 19:24 - 2015-08-07 13:06 - 42840184 _____ 
C:\Windows\system32\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 37819000 _____ C:\Windows\SysWOW64\nvcompiler.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 22520624 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 18540336 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 17124832 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 16630096 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 15510112 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 14928048 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 13656016 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 12179496 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 11076216 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2015-08-16 19:24 - 2015-08-07 13:06 - 03518248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02937648 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 02624816 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01898104 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435560.dll 2015-08-16 19:24 - 2015-08-07 13:06 - 01558832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435560.dll 2015-08-14 09:13 - 2015-08-14 09:13 - 00001269 _____ C:\Users\Public\Desktop\Free Audio Converter.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00001076 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-08-14 09:13 - 2015-08-14 09:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2015-08-14 09:12 - 2015-08-14 
09:13 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2015-08-14 09:11 - 2015-08-14 09:13 - 00000000 ____D C:\Users\Max\AppData\Roaming\DVDVideoSoft 2015-08-13 12:01 - 2015-08-13 12:01 - 00000104 _____ C:\Users\Max\Desktop\Papierkorb - Verknüpfung.lnk 2015-08-13 11:46 - 2015-08-13 11:46 - 00000000 ____D C:\Users\Max\Desktop\bewerbung 2015-08-13 11:36 - 2015-08-07 13:06 - 14673920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2015-08-13 11:36 - 2015-08-07 13:06 - 12513288 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01898128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435362.dll 2015-08-13 11:36 - 2015-07-23 06:06 - 01557648 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435362.dll 2015-08-12 22:15 - 2015-07-31 22:03 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-31 21:27 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2015-08-12 22:15 - 2015-07-10 21:37 - 02067968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll 2015-08-12 22:15 - 2015-07-10 21:35 - 02425344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2015-08-12 22:13 - 2015-07-11 19:13 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-08-12 22:13 - 2015-07-11 17:56 - 11587584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:39 - 00169472 _____ (Microsoft Corporation) C:\Windows\notepad.exe 2015-08-12 22:13 - 2015-07-09 16:25 - 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe 2015-08-12 22:12 - 2015-07-18 17:41 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01586304 _____ (Microsoft 
Corporation) C:\Windows\system32\ntdll.dll 2015-08-12 22:09 - 2015-07-21 22:59 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-08-12 22:09 - 2015-07-21 17:50 - 04690880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-08-12 22:09 - 2015-07-21 17:50 - 00154048 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ecache.sys 2015-08-12 22:09 - 2015-07-21 17:50 - 00068544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys 2015-08-12 22:09 - 2015-07-21 17:41 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00399360 _____ (Microsoft Corporation) C:\Windows\system32\emdmgmt.dll 2015-08-12 22:09 - 2015-07-21 17:40 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-08-12 22:09 - 2015-07-10 21:37 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-08-12 22:09 - 2015-07-10 21:35 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-08-12 22:01 - 2015-08-01 00:31 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2015-08-12 22:01 - 2015-08-01 00:08 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:46 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 
2015-08-12 22:01 - 2015-07-31 23:44 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2015-08-12 22:01 - 2015-07-31 23:44 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2015-08-12 22:01 - 2015-07-31 23:26 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-08-12 22:01 - 2015-07-31 23:25 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2015-08-12 22:01 - 2015-07-31 23:10 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 23:09 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 23:00 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01561088 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:59 - 01154560 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-08-12 22:01 - 2015-07-31 22:41 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2015-08-12 22:01 - 2015-07-31 22:40 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2015-08-12 22:01 - 2015-07-31 22:35 - 00682496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 01072640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-08-12 22:01 - 2015-07-31 22:33 - 00297472 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2015-08-12 22:01 - 2015-07-01 17:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll 2015-08-12 22:01 - 2015-07-01 17:43 - 00218112 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll 2015-08-12 22:00 - 2015-07-09 16:31 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-08-12 20:13 
- 2015-08-12 20:13 - 00000680 _____ C:\Users\Max\AppData\Local\d3d9caps.dat 2015-08-12 19:50 - 2015-08-12 19:51 - 00000921 _____ C:\Users\adi\Desktop\test.vbs.txt 2015-08-12 19:50 - 2015-08-12 19:50 - 00055568 _____ C:\Users\adi\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\AVAST Software 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Roaming\ArcSoft 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Local\NVIDIA 2015-08-12 19:50 - 2015-08-12 19:50 - 00000000 ____D C:\Users\adi\AppData\Local\ArcSoft 2015-08-12 19:49 - 2015-08-12 19:49 - 00000979 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000974 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000909 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000875 _____ C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Mail.lnk 2015-08-12 19:49 - 2015-08-12 19:49 - 00000020 ___SH C:\Users\adi\ntuser.ini 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Vorlagen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Startmenü 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Netzwerkumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Lokale Einstellungen 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Eigene Dateien 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Druckumgebung 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Musik 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Documents\Eigene Bilder 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL 
C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Verlauf 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\AppData\Local\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 _SHDL C:\Users\adi\Anwendungsdaten 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Roaming\Motorola Mobility 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Local\VirtualStore 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi\AppData\Local\Google 2015-08-12 19:49 - 2015-08-12 19:49 - 00000000 ____D C:\Users\adi 2015-08-12 19:49 - 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-08-12 19:49 - 2008-01-21 05:20 - 00000000 ___RD C:\Users\adi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-08-12 11:10 - 2015-07-22 23:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-08-12 11:10 - 2015-07-22 23:56 - 02344448 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-08-12 11:10 - 2015-07-22 23:55 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-08-12 11:10 - 2015-07-22 23:50 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-08-12 11:10 - 2015-07-22 23:49 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 23:48 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00237056 _____ (Microsoft Corporation) 
C:\Windows\system32\url.dll 2015-08-12 11:10 - 2015-07-22 23:48 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 23:48 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 23:47 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-08-12 11:10 - 2015-07-22 23:47 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 23:46 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-08-12 11:10 - 2015-07-22 22:54 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-08-12 11:10 - 2015-07-22 22:51 - 01810432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-08-12 11:10 - 2015-07-22 22:47 - 09751040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-08-12 11:10 - 2015-07-22 22:46 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-08-12 11:10 - 2015-07-22 22:45 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-08-12 11:10 - 2015-07-22 22:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00718336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-08-12 
11:10 - 2015-07-22 22:44 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00421888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-08-12 11:10 - 2015-07-22 22:44 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-08-12 11:10 - 2015-07-22 22:43 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-08-12 11:10 - 2015-07-22 22:43 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-08-12 11:10 - 2015-07-22 22:42 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-08-11 20:37 - 2015-08-11 20:38 - 00000078 _____ C:\Users\Max\Desktop\versand.vbs.txt 2015-08-11 20:15 - 2015-08-11 20:15 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2015-08-11 20:15 - 2015-08-11 20:15 - 00210936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStmXP.sys 2015-08-11 20:15 - 2015-08-11 20:15 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr 2015-08-09 22:01 - 2015-08-09 22:02 - 00272456 _____ C:\Windows\msxml4-KB2758694-enu.LOG 2015-08-09 16:01 - 2015-08-09 16:04 - 00000000 ____D C:\Users\Max\Desktop\handy 2015-08-09 15:58 - 2015-08-09 15:58 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motccgp_01009.Wdf 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Motorola Tools 2015-08-09 15:55 - 2015-08-09 15:55 - 00000000 ____D C:\Program Files (x86)\Motorola Tools 2015-08-09 15:43 - 2015-08-09 15:43 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2015-08-09 15:40 - 2015-08-09 15:40 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_motmodem_01009.Wdf 2015-08-09 15:38 - 2015-08-09 15:38 - 00000000 ____D C:\ProgramData\Motorola 2015-08-09 15:37 - 2015-08-30 08:28 - 00000000 ____D C:\Temp 2015-08-09 15:37 - 2015-08-09 15:37 - 00003396 _____ C:\Windows\System32\Tasks\Motorola Device Manager Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00003204 _____ C:\Windows\System32\Tasks\Motorola Device Manager Initial Update 2015-08-09 15:37 - 2015-08-09 15:37 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola Mobility 2015-08-09 15:34 - 2015-08-09 15:36 - 00000000 ____D C:\Program Files (x86)\Motorola Mobility 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Motorola Device Manager 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2015-08-09 15:34 - 2015-08-09 15:34 - 00000000 ____D C:\Program Files (x86)\Motorola 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Motorola Mobility LLC 2015-08-09 15:33 - 2015-08-09 15:33 - 00000000 ____D C:\Program Files\Common Files\Motorola Shared 2015-08-09 15:32 - 2015-08-09 15:32 - 00000000 ____D C:\Users\Max\AppData\Roaming\Motorola 2015-08-05 00:03 - 2015-08-05 00:03 - 00877152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll 2015-08-05 00:03 - 2015-08-05 00:03 - 00538208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00872528 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll 2015-08-04 23:53 - 2015-08-04 23:53 - 00681552 _____ (Microsoft Corporation) C:\Windows\system32\msvcp120_clr0400.dll 2015-07-31 16:37 - 2015-07-31 16:37 - 
00000000 ____D C:\Users\Max\AppData\Roaming\TERA ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-08-30 17:39 - 2015-01-01 19:51 - 00000000 ____D C:\Users\Max\AppData\Roaming\NetSpeedMonitor 2015-08-30 17:10 - 2014-05-27 20:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-30 16:47 - 2008-01-21 03:53 - 01090487 _____ C:\Windows\WindowsUpdate.log 2015-08-30 16:28 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-30 16:28 - 2006-11-02 17:22 - 00004880 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-30 10:20 - 2014-06-04 21:12 - 00000000 ____D C:\Users\Max\AppData\Local\Paint.NET 2015-08-30 08:28 - 2014-12-29 01:26 - 00000170 ___SH C:\ProgramData\.zreglib 2015-08-30 08:28 - 2014-05-27 20:24 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-30 08:28 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-29 19:41 - 2014-12-29 02:19 - 00000775 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-08-29 19:41 - 2014-05-29 20:24 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-29 19:41 - 2014-05-29 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-29 19:41 - 2014-05-29 20:24 - 00000000 ____D C:\Program Files\WinRAR 2015-08-29 19:38 - 2014-05-27 19:17 - 00000000 ____D C:\Users\Max 2015-08-29 19:37 - 2014-08-07 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-29 19:36 - 2014-06-15 11:39 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-29 18:44 - 2006-11-02 17:42 - 00032560 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-08-29 14:53 - 2014-05-27 21:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 
2015-08-29 14:53 - 2008-01-21 05:26 - 00068674 _____ C:\Windows\PFRO.log 2015-08-28 15:53 - 2014-06-18 16:36 - 00021800 _____ C:\Windows\system32\spsys.log 2015-08-28 12:42 - 2014-11-13 21:39 - 00000745 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2015-08-28 12:42 - 2014-11-13 21:39 - 00000733 _____ C:\Users\Public\Desktop\Opera.lnk 2015-08-27 19:05 - 2014-05-27 20:24 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-27 19:05 - 2014-05-27 20:24 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-27 17:38 - 2014-05-27 21:05 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update 2015-08-27 14:50 - 2014-05-27 20:24 - 00000000 ____D C:\Users\Max\AppData\Local\Apps\2.0 2015-08-27 14:50 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default 2015-08-27 14:43 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini 2015-08-27 01:42 - 2014-10-19 14:43 - 00000000 ____D C:\Users\Max\AppData\Roaming\TS3Client 2015-08-26 13:42 - 2014-09-17 18:46 - 00012288 _____ C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-08-26 09:37 - 2014-05-27 19:37 - 00000000 ____D C:\Program Files (x86)\EXPERTool 2015-08-25 18:31 - 2014-06-12 10:45 - 00000000 ____D C:\Users\Max\AppData\Local\Adobe 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SlySoft 2015-08-25 18:25 - 2014-12-29 01:27 - 00000000 ____D C:\Program Files (x86)\SlySoft 2015-08-25 18:25 - 2014-05-27 19:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EXPERTool 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elaborate Bytes 2015-08-25 18:24 - 2014-12-29 01:25 - 00000000 ____D C:\Program Files (x86)\Elaborate Bytes 2015-08-25 17:38 - 2014-05-28 06:22 - 01542732 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-08-25 17:38 - 2008-01-21 13:09 - 00673454 _____ 
C:\Windows\system32\perfh007.dat 2015-08-25 17:38 - 2008-01-21 13:09 - 00145466 _____ C:\Windows\system32\perfc007.dat 2015-08-25 17:37 - 2008-01-21 13:10 - 01542732 _____ C:\Windows\system32\PerfStringBackup.INI 2015-08-25 14:49 - 2014-10-19 14:42 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2015-08-25 10:57 - 2014-07-27 15:39 - 00002013 _____ C:\Users\Max\Desktop\meine nummer.txt 2015-08-25 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache 2015-08-24 17:11 - 2014-10-11 18:18 - 00000000 ____D C:\Users\Max\Desktop\tank 2015-08-24 12:54 - 2014-05-28 00:42 - 00000000 ____D C:\Games 2015-08-22 07:11 - 2014-05-27 20:25 - 00002017 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-08-19 18:53 - 2014-05-29 23:24 - 00000000 ____D C:\Program Files (x86)\WarThunder 2015-08-18 15:14 - 2014-05-28 00:48 - 00000000 ____D C:\ProgramData\Oracle 2015-08-18 14:47 - 2015-07-23 21:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-08-18 14:45 - 2015-02-01 19:40 - 00000000 ____D C:\Program Files (x86)\Wolfenstein - Enemy Territory 2015-08-18 14:43 - 2014-05-27 20:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-08-18 14:40 - 2014-11-08 13:58 - 00000000 ____D C:\Users\Max\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-08-18 14:40 - 2014-11-04 19:36 - 00000000 ____D C:\Program Files (x86)\Steam 2015-08-18 10:13 - 2006-11-02 17:21 - 00260216 _____ C:\Windows\system32\FNTCACHE.DAT 2015-08-17 23:20 - 2014-05-27 19:18 - 00057608 _____ C:\Users\Max\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-16 19:38 - 2014-05-27 19:43 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-16 19:34 - 2014-05-27 19:55 - 00000000 ____D C:\ProgramData\NVIDIA 2015-08-15 15:21 - 2014-12-29 02:20 - 00000000 ____D C:\Users\Max\AppData\Roaming\vlc 2015-08-13 20:16 - 2014-05-27 21:05 - 01048344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2015-08-13 02:33 - 2006-11-02 17:07 - 
00000000 ____D C:\Windows\SysWOW64\XPSViewer 2015-08-12 22:09 - 2014-05-28 05:39 - 00000000 ____D C:\Windows\system32\MRT 2015-08-12 22:02 - 2006-11-02 14:35 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2015-08-12 21:56 - 2014-05-27 19:17 - 00001460 _____ C:\Users\Max\AppData\Local\d3d9caps64.dat 2015-08-12 19:40 - 2014-11-26 17:01 - 00000763 _____ C:\Users\Max\test.vbs.txt 2015-08-11 20:15 - 2014-05-27 21:05 - 00447944 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswTdi.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00064712 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr.sys 2015-08-11 20:15 - 2014-05-27 21:05 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2015-08-09 15:58 - 2006-11-02 17:27 - 00091738 _____ C:\Windows\setupact.log 2015-08-09 14:57 - 2015-07-02 20:04 - 00000420 _____ C:\Users\Max\Desktop\verkaufe.txt 2015-08-08 12:03 - 2014-05-27 20:24 - 00000000 ____D C:\Users\Max\AppData\Local\Deployment 2015-08-07 13:06 - 2014-11-05 19:41 - 00033050 _____ C:\Windows\system32\nvinfo.pb 2015-08-07 13:06 - 2014-05-27 19:42 - 03106384 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 06883448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 03492144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 02558768 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00937592 _____ (NVIDIA Corporation) 
C:\Windows\system32\nvvsvc.exe 2015-08-07 06:34 - 2014-05-27 19:49 - 00385328 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2015-08-07 06:34 - 2014-05-27 19:49 - 00062768 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2015-08-04 09:54 - 2015-07-23 21:33 - 00000000 ____D C:\Users\Max\Documents\Gameforge Live 2015-08-03 12:12 - 2014-05-28 00:59 - 05133709 _____ C:\Windows\system32\nvcoproc.bin ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-08-29 19:23 - 2015-08-29 19:23 - 0000000 ____H () C:\Users\Max\AppData\Local\BIT8C28.tmp 2015-08-12 20:13 - 2015-08-12 20:13 - 0000680 _____ () C:\Users\Max\AppData\Local\d3d9caps.dat 2014-05-27 19:17 - 2015-08-12 21:56 - 0001460 _____ () C:\Users\Max\AppData\Local\d3d9caps64.dat 2014-09-17 18:46 - 2015-08-26 13:42 - 0012288 _____ () C:\Users\Max\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-11-04 20:56 - 2014-11-04 20:56 - 0365922 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0363708 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0439916 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0394938 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41DA.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0382928 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI41FE.txt 2015-02-18 20:10 - 2015-02-18 20:12 - 0440002 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0448546 _____ () C:\Users\Max\AppData\Local\dd_vcredistMSI4C25.txt 2014-11-04 20:56 - 2014-11-04 20:56 - 0011198 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1418.txt 2014-12-29 00:02 - 2014-12-29 00:02 - 0011124 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1DDD.txt 2014-05-28 00:43 - 2014-05-28 00:43 - 0020150 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI1E1E.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 
0011446 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41DA.txt 2015-05-20 21:14 - 2015-05-20 21:14 - 0011382 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI41FE.txt 2015-02-18 20:10 - 2015-02-18 20:12 - 0011660 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4ADF.txt 2015-02-18 20:12 - 2015-02-18 20:13 - 0011692 _____ () C:\Users\Max\AppData\Local\dd_vcredistUI4C25.txt 2015-08-29 19:22 - 2015-08-29 19:22 - 0000000 _____ () C:\Users\Max\AppData\Local\{62B4C10C-5919-439B-A555-141064086D4A} 2014-12-29 01:26 - 2015-08-30 08:28 - 0000170 ___SH () C:\ProgramData\.zreglib Einige Dateien in TEMP: ==================== C:\Users\Max\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-08-30 08:34 ==================== Ende von FRST.txt ============================ Geändert von Bolg (30.08.2015 um 17:15 Uhr) |
31.08.2015, 07:08 | #10 |
/// the machine /// TB trainer | "There are active malware modifications on your computer" Please describe the problem once more, in exact detail.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and assistance Trojaner-Board Facebook page No assistance via PM! |
31.08.2015, 11:28 | #11 |
| "There are active malware modifications on your computer" It's actually quite simple to explain. The PC just freezes, with no bluescreen and no warnings or errors in the event log. I watch a lot of livestreams and videos throughout the day, and at some point it simply freezes after I click on a video or skip a few minutes ahead within a video. I've already tried waiting a while, but even after half an hour it doesn't respond, so it's a forced shutdown via the power "button". I thought it might be the Flash Player, since all the videos and streams run through it, but that wasn't confirmed. When I'm not watching videos or streams it hasn't happened so far, but I could be wrong. The PC isn't the newest, but only the motherboard, CPU and RAM are still original. So I have no idea what it is |
01.09.2015, 05:34 | #12 |
/// the machine /// TB trainer | "There are active malware modifications on your computer" Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
C:\Users\Max\.android\Downloads\CheckDrive 2014 - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\Coowon Browser - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_ultrahle.exe
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_wwe-all-stars.exe
C:\Users\Max\.android\Downloads\DTLite4491-0356 (1).exe
C:\Users\Max\.android\Downloads\FRAPS - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\ManyCam - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\OpenOffice-lnstall.exe
C:\Users\Max\.android\Downloads\PC_Wecker_by_IP-MAN_v4.00_CB-DL-Manager (1).exe
C:\Users\Max\.android\Downloads\Router-Reconnect-lnstall.exe
C:\Users\Max\.android\Downloads\setup_Project64_2.1-2.exe
C:\Users\Max\.android\Downloads\vlc-2.1.5-win64.exe
Emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
Rethink your download habits: CHIP-Installer - what is that? - Guides
Does this only happen in the browser? If so, in which one? Try a different browser, and test offline videos.
01.09.2015, 15:13 | #13 |
| "There are active malware modifications on your computer" 6.1 GB, I wouldn't have thought that. Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:31-08-2015
durchgeführt von Max (2015-09-01 15:49:54) Run:1
Gestartet von C:\Users\Max\.android\Downloads
Geladene Profile: Max (Verfügbare Profile: Max & adi)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Max\.android\Downloads\CheckDrive 2014 - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\Coowon Browser - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_ultrahle.exe
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_wwe-all-stars.exe
C:\Users\Max\.android\Downloads\DTLite4491-0356 (1).exe
C:\Users\Max\.android\Downloads\FRAPS - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\ManyCam - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe
C:\Users\Max\.android\Downloads\OpenOffice-lnstall.exe
C:\Users\Max\.android\Downloads\PC_Wecker_by_IP-MAN_v4.00_CB-DL-Manager (1).exe
C:\Users\Max\.android\Downloads\Router-Reconnect-lnstall.exe
C:\Users\Max\.android\Downloads\setup_Project64_2.1-2.exe
C:\Users\Max\.android\Downloads\vlc-2.1.5-win64.exe
Emptytemp:
*****************

C:\Users\Max\.android\Downloads\CheckDrive 2014 - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\Coowon Browser - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_ultrahle.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\CR_Downloader_fuer_wwe-all-stars.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\DTLite4491-0356 (1).exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\FRAPS - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\ManyCam - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\NetSpeedMonitor 64 Bit - CHIP-Installer.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\OpenOffice-lnstall.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\PC_Wecker_by_IP-MAN_v4.00_CB-DL-Manager (1).exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\Router-Reconnect-lnstall.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\setup_Project64_2.1-2.exe => erfolgreich verschoben
C:\Users\Max\.android\Downloads\vlc-2.1.5-win64.exe => erfolgreich verschoben
EmptyTemp: => 6.1 GB temporäre Dateien entfernt.

Das System musste neu gestartet werden..

==== Ende von Fixlog 15:54:17 ==== |
01.09.2015, 18:05 | #14 |
/// the machine /// TB trainer | "There are active malware modifications on your computer" Then it's definitely the graphics card or the driver.
01.09.2015, 19:02 | #15 |
| "There are active malware modifications on your computer" Hmm.. then I'd rather guess it's the driver, since I can play games at full performance and there are no problems there. Unfortunately there's no new driver at the moment, but thank you for helping me clean up my PC |