|
Plagegeister aller Art und deren Bekämpfung: Die Seite Watch4 öffnet sich einfach soWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
17.09.2015, 01:31 | #1 |
| Die Seite Watch4 öffnet sich einfach so Guten Morgen, wie schon im Titel angesprochen, hat sich die Watch4.de Seite einfach so in meinem Google Chrome geöffnet. Das ist mir heute zum 1. mal passiert und habe jetzt Angst, dass ich mir einen lästigen Trojaner/Virus eingefangen habe. Über Hilfe würde ich mich sehr freuen. Mit freundlichen Grüßen, Hatoki |
17.09.2015, 05:39 | #2 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach so hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
17.09.2015, 06:29 | #3 |
| Die Seite Watch4 öffnet sich einfach so FRST.txt:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Albert (Administrator) auf ALBERT-PC (17-09-2015 07:15:15) Gestartet von C:\Users\Albert\Downloads Geladene Profile: Albert & DefaultAppPool & (Verfügbare Profile: Albert & Gast & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Windows\SysWOW64\ASGT.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\puush\puush.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Albert\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-02] () HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\RunOnce: [Uninstall C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-02] () HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [Uninstall C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-02] () HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [Uninstall C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-07-10] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e52ae475-28c6-4012-9b9f-a53a7d7f08f4}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-30] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-929755791-1800140602-23206935-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Albert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Albert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Albert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\abs@avira.com [2015-08-21] FF Extension: Avira SafeSearch Plus - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\safesearchplus@avira.com [2015-07-29] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Default -> Avira CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=de CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\pdf.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\gcswf32.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-22] CHR Extension: (BetterTTV) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-25] CHR Extension: (YouTube) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-02] CHR Extension: (Adblock Plus) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-02] CHR Extension: (Steam inventory helper) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-08-30] CHR Extension: (Google-Suche) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-02] CHR Extension: (OddShot) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2015-08-24] CHR Extension: (Google Mail) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-06-13] () S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-04] (BitRaider, LLC) S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123608 2015-05-07] (altPUG LLC) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) R2 OneSyncSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R2 OneSyncSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) U2 OneSyncSvc_Session11; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) U2 OneSyncSvc_Session11; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 PimIndexMaintenanceSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) U3 PimIndexMaintenanceSvc_Session11; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) U3 PimIndexMaintenanceSvc_Session11; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () R3 UnistoreSvc_Session10; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UnistoreSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) U3 UnistoreSvc_Session11; C:\WINDOWS\System32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) U3 UnistoreSvc_Session11; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session10; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) R3 UserDataSvc_Session10; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) U3 UserDataSvc_Session11; C:\WINDOWS\system32\svchost.exe [39856 2015-07-10] (Microsoft Corporation) U3 UserDataSvc_Session11; C:\WINDOWS\SysWOW64\svchost.exe [35176 2015-07-10] (Microsoft Corporation) R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) S3 cpuz138; C:\Users\Albert\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2015-08-12] (CPUID) S3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49272 2014-12-29] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-03-17] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-03-17] (Malwarebytes Corporation) S3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35960 2014-12-29] (Visicom Media Inc.) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation) S3 NVFLASH; C:\WINDOWS\system32\drivers\nvflash.sys [15648 2013-04-19] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-08-10] (Wellbia.com Co., Ltd.) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-17 07:15 - 2015-09-17 07:15 - 00027305 _____ C:\Users\Albert\Downloads\FRST.txt 2015-09-17 07:15 - 2015-09-17 07:15 - 00000000 ____D C:\FRST 2015-09-17 07:14 - 2015-09-17 07:14 - 02191360 _____ (Farbar) C:\Users\Albert\Downloads\FRST64.exe 2015-09-17 07:08 - 2015-09-17 07:08 - 00016148 _____ C:\WINDOWS\system32\ALBERT-PC_Albert_HistoryPrediction.bin 2015-09-17 04:46 - 2015-09-17 04:46 - 00058980 _____ C:\Users\Albert\Desktop\AVSCAN-20150917-022024-40C85419.LOG 2015-09-17 02:12 - 2015-09-17 02:12 - 00000000 ___HD C:\OneDriveTemp 2015-09-13 04:09 - 2015-09-13 04:09 - 01868290 _____ C:\Users\Albert\Downloads\desmume-0.9.11-win64.zip 2015-09-13 04:09 - 2015-09-13 04:09 - 00000000 ____D C:\Users\Albert\Desktop\DesMuMe 2015-09-13 04:09 - 2005-12-04 00:11 - 67108864 _____ C:\Users\Albert\Desktop\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).nds 2015-09-13 04:08 - 2015-09-13 04:08 - 52354890 _____ C:\Users\Albert\Downloads\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).7z 2015-09-13 03:15 - 2015-09-13 03:29 - 163315280 _____ C:\Users\Albert\Desktop\ts3_recording_15_09_13_3_15_27.wav 2015-09-12 17:51 - 2015-09-12 17:51 - 00040846 _____ C:\Users\Albert\Downloads\Cookiezi+-+Renard+-+Rainbow+Dash+Likes+Girls+(Stay+Gay+Pony+Girl)+[Holy+Shit!+It's+Rainbow+Dash!!]+(2012-11-13)+Osu.osr 2015-09-11 23:38 - 2015-09-11 23:38 - 00030154 _____ C:\Users\Albert\Downloads\wa. - lieselotte (rrtyui) [Insane].osu 2015-09-11 23:23 - 2015-09-11 23:31 - 135115199 _____ C:\Users\Albert\Downloads\IWBTB.zip 2015-09-10 18:55 - 2015-09-10 18:55 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 ____D C:\Users\DefaultAppPool 2015-09-10 18:55 - 2015-08-14 23:10 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-09 21:01 - 2015-09-09 21:51 - 00000000 ____D C:\Users\Albert\Documents\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:12 - 00000000 ____D C:\ProgramData\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:01 - 00001194 _____ C:\Users\Public\Desktop\TMCanyon.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00001148 _____ C:\Users\Public\Desktop\ManiaPlanet.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet 2015-09-09 21:00 - 2015-09-09 21:01 - 127307464 _____ (Nadeo ) C:\Users\Albert\Downloads\Maniaplanet_Setup_TMCanyon.exe 2015-09-09 19:15 - 2015-09-09 19:15 - 00000144 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-09-09 19:15 - 2015-09-09 19:15 - 00000000 ____D C:\Users\Albert\AppData\Roaming\fatshark 2015-09-09 18:55 - 2015-09-09 18:55 - 00262144 ____N C:\WINDOWS\Minidump\090915-29078-01.dmp 2015-09-09 18:23 - 2015-09-09 18:23 - 00000222 _____ C:\Users\Albert\Desktop\Warhammer End Times - Vermintide Public Test.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000221 _____ C:\Users\Albert\Desktop\PAYDAY The Heist.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000219 _____ C:\Users\Albert\Desktop\Counter-Strike Global Offensive.url 2015-09-07 22:53 - 2015-09-07 22:53 - 00262144 ____N C:\WINDOWS\Minidump\090715-34843-01.dmp 2015-09-07 16:05 - 2015-09-11 01:01 - 00000000 ____D C:\Users\Albert\Documents\TrackMania 2015-09-07 16:05 - 2015-09-11 00:04 - 00000000 ____D C:\ProgramData\TrackMania 2015-09-07 16:01 - 2015-09-07 16:01 - 00000221 _____ C:\Users\Albert\Desktop\TrackMania Nations Forever.url 2015-09-06 14:51 - 2015-09-06 14:51 - 00000000 ____D C:\Users\Albert\Desktop\Localisation 2015-09-05 22:56 - 2015-09-05 22:56 - 252166992 _____ C:\Users\Albert\Downloads\Secrets.of.Grindea.v0.600a.zip 2015-09-05 22:55 - 2015-09-05 22:55 - 00019988 _____ C:\Users\Albert\Downloads\Secrets of Grindea v0.600a.torrent 2015-09-05 21:58 - 2015-09-05 22:02 - 00000000 ____D C:\ProgramData\TEMP 2015-09-05 21:58 - 2015-09-05 21:58 - 00000000 ____D C:\ProgramData\Licenses 2015-09-05 21:57 - 2015-09-05 21:57 - 02007544 _____ (Gianpaolo Bottin ) C:\Users\Albert\Downloads\MouseSpeedSetup.exe 2015-09-05 19:12 - 2015-09-05 19:12 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA) (1).n64 2015-09-05 19:11 - 2015-09-05 19:11 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA).n64 2015-09-03 13:08 - 2015-09-03 13:08 - 00013282 _____ C:\Users\Albert\Downloads\kuendigung.odt 2015-09-03 13:07 - 2015-09-03 13:07 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag (1).odt 2015-09-03 13:05 - 2015-09-03 13:05 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag.odt 2015-08-31 17:30 - 2015-08-31 17:30 - 00262144 ____N C:\WINDOWS\Minidump\083115-44750-01.dmp 2015-08-30 11:47 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-30 11:47 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-30 11:47 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:57 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-08-30 11:47 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-30 11:47 - 2015-08-20 07:21 - 21875200 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-08-30 11:47 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-30 11:47 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-30 11:47 - 2015-08-20 06:31 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-08-30 11:47 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-30 11:47 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-30 11:47 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-08-30 11:47 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2015-08-30 11:47 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll 2015-08-30 11:47 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-08-30 11:47 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-30 11:47 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList 2015-08-27 10:33 - 2015-08-27 10:34 - 03207904 _____ (Microsoft Corporation) C:\Users\Albert\Downloads\CVH.EXE 2015-08-26 17:25 - 2015-08-26 17:25 - 00001047 _____ C:\Users\Albert\Desktop\osu!.lnk 2015-08-26 15:17 - 2015-08-26 15:17 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-08-26 15:16 - 2015-08-07 06:05 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-08-26 15:14 - 2015-08-07 13:07 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 22551672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 18564728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 16638896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 15627520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 14935968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 13663424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 12186176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02352248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02104440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01177016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01063032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01000088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00985392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00931960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00387536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00339576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-08-26 15:10 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-08-26 13:29 - 2015-08-26 13:29 - 00000222 _____ C:\Users\Albert\Desktop\Call of Duty Black Ops III Beta.url 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Downloads\osu!.exe 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Desktop\osu!.exe 2015-08-24 18:04 - 2015-08-24 18:04 - 06317380 _____ C:\Users\Albert\Downloads\bit_rush.zip 2015-08-24 15:08 - 2015-08-24 15:09 - 00000000 ____D C:\Users\Albert\Desktop\ZSNES 2015-08-24 15:08 - 2015-08-24 15:08 - 00867785 _____ C:\Users\Albert\Downloads\zsnesw151.zip 2015-08-23 23:22 - 2015-08-23 23:22 - 00262144 ____N C:\WINDOWS\Minidump\082315-24453-01.dmp 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-23 04:24 - 2015-08-23 04:25 - 00000000 ____D C:\Users\Albert\Desktop\Lunar Magic 2015-08-23 04:24 - 2015-08-23 04:24 - 01163080 _____ C:\Users\Albert\Downloads\lm232.zip 2015-08-23 04:24 - 2015-08-23 04:24 - 00345695 _____ C:\Users\Albert\Downloads\Super Mario World (USA).zip 2015-08-23 01:37 - 2015-08-23 01:37 - 00000222 _____ C:\Users\Albert\Desktop\Magicite.url 2015-08-21 20:10 - 2015-08-21 20:10 - 00000219 _____ C:\Users\Albert\Desktop\Left 4 Dead 2.url 2015-08-21 06:15 - 2015-08-21 06:15 - 11571256 _____ C:\Users\Albert\Downloads\WinRAR-ZIP-Archiv+(neu)+(2).zip 2015-08-21 06:11 - 2015-08-21 06:11 - 20774480 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_48_5.wav 2015-08-21 06:10 - 2015-08-21 06:10 - 29806160 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_45_14.wav 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Sun 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\.oracle_jre_usage 2015-08-21 04:10 - 2015-08-21 04:10 - 00584288 _____ (Oracle Corporation) C:\Users\Albert\Downloads\jre-8u60-windows-i586-iftw.exe 2015-08-20 03:17 - 2015-08-20 03:17 - 11742295 _____ C:\Users\Albert\Downloads\164075 Tokisawa Nao - BRYNHILDR IN THE DARKNESS -Ver. EJECTED- (1).osz 2015-08-19 05:23 - 2015-08-13 06:33 - 24593408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-08-19 05:23 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-08-19 05:23 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-08-19 05:23 - 2015-08-13 06:07 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-08-19 05:23 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-08-19 05:23 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-19 05:23 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-19 05:23 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-19 05:23 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2015-08-19 05:23 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2015-08-19 05:23 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-19 05:23 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2015-08-19 05:23 - 2015-08-11 11:57 - 03622256 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-08-19 05:23 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-19 05:23 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-19 05:23 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-19 05:23 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-19 05:23 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-19 05:23 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-08-19 05:23 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-19 05:23 - 2015-08-11 11:31 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-08-19 05:23 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-19 05:23 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-19 05:23 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-19 05:23 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-08-19 05:23 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-08-19 05:23 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-19 05:23 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-08-19 05:23 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-19 05:23 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-19 05:23 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-19 05:23 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-19 05:23 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-19 05:23 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-19 05:23 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-19 05:23 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-19 05:23 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2015-08-19 05:23 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2015-08-19 05:23 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe 2015-08-19 05:23 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-19 05:23 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2015-08-19 05:23 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-19 05:23 - 2015-08-11 11:02 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-08-19 05:23 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-08-19 05:23 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-19 05:23 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-19 05:23 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-08-19 05:23 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2015-08-19 05:23 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-08-19 05:23 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-19 05:23 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-08-19 05:23 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-19 05:23 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-19 05:23 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-19 05:23 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-19 05:23 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-08-19 05:23 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-19 05:23 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-19 05:23 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2015-08-19 05:23 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-19 05:23 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-19 05:23 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-08-19 05:23 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-19 05:23 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-19 05:23 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-19 05:23 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-08-19 05:23 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll 2015-08-18 03:22 - 2015-08-18 03:22 - 00660960 _____ (Dropbox, Inc.) C:\Users\Albert\Downloads\DropboxInstaller.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-17 07:13 - 2015-04-02 04:33 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Skype 2015-09-17 07:02 - 2015-04-02 03:35 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-17 07:00 - 2015-04-25 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-09-17 06:45 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-17 06:45 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-17 06:15 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-17 03:23 - 2015-04-02 14:46 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-17 02:19 - 2015-07-29 20:51 - 00000000 ____D C:\Users\Albert\AppData\Local\Packages 2015-09-17 02:19 - 2015-04-02 04:58 - 00136408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-17 02:12 - 2015-07-29 21:07 - 00000000 ____D C:\Users\Albert\OneDrive 2015-09-17 02:12 - 2015-04-02 03:35 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-15 21:36 - 2015-04-03 15:52 - 00000000 ____D C:\Users\Albert\AppData\Local\osu! 2015-09-15 20:43 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\TS3Client 2015-09-15 19:12 - 2015-07-29 21:07 - 00002392 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-15 13:17 - 2015-08-15 22:25 - 00000000 ____D C:\Users\Albert\AppData\Roaming\OBS 2015-09-15 12:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-09-13 22:47 - 2015-07-31 19:05 - 00005326 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALBERT-PC-Albert Albert-PC 2015-09-13 01:10 - 2015-05-15 20:13 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-09-12 17:32 - 2015-04-02 03:35 - 00000000 ____D C:\Users\Albert\AppData\Local\Google 2015-09-12 15:03 - 2015-07-29 20:33 - 00229076 _____ C:\WINDOWS\DPINST.LOG 2015-09-12 15:02 - 2015-07-10 14:20 - 00020025 _____ C:\WINDOWS\setupact.log 2015-09-11 22:20 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-09-11 21:28 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-11 21:28 - 2015-04-05 03:50 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-11 06:46 - 2015-07-29 20:37 - 00000000 ____D C:\Users\Albert 2015-09-11 02:12 - 2015-04-23 18:30 - 00000000 ____D C:\Users\Albert\AppData\Roaming\.minecraft 2015-09-10 05:44 - 2015-05-20 22:57 - 00000000 ____D C:\Users\Albert\AppData\Local\Battle.net 2015-09-10 00:15 - 2015-05-31 15:47 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-09-09 20:14 - 2015-05-20 22:57 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-09 18:55 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-09 18:55 - 2015-08-07 03:44 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-09 18:55 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-09 18:36 - 2015-04-02 17:06 - 00063064 _____ C:\WINDOWS\DirectX.log 2015-09-09 18:23 - 2015-05-30 16:08 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-09-08 17:46 - 2015-07-29 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-08 17:46 - 2015-05-03 13:03 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-07 22:53 - 2015-07-10 14:20 - 00341608 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-06 14:19 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Local\TeamSpeak 3 Client 2015-09-05 22:59 - 2015-07-31 02:37 - 00000000 ____D C:\Users\Albert\Desktop\Secrets.of.Grindea.v0.600a 2015-09-03 13:07 - 2015-04-16 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-03 13:07 - 2015-04-16 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-01 15:51 - 2015-04-27 16:49 - 00000000 ____D C:\Users\Albert\Desktop\Errything 2015-08-31 17:33 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-08-31 17:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-31 17:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-08-31 17:30 - 2015-07-29 20:25 - 00150088 _____ C:\WINDOWS\PFRO.log 2015-08-30 20:57 - 2015-04-02 03:35 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-08-30 20:57 - 2015-04-02 03:35 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-08-26 18:37 - 2015-04-05 03:50 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-26 17:25 - 2015-04-03 15:52 - 00001055 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2015-08-26 17:00 - 2015-08-13 01:02 - 00000000 ____D C:\Users\Albert\Documents\Heroes of the Storm 2015-08-26 17:00 - 2015-06-05 23:57 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-08-26 16:12 - 2015-05-22 12:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-08-26 15:17 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-26 15:17 - 2015-07-29 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-26 15:11 - 2015-08-12 07:05 - 00001446 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-08-23 23:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-23 22:47 - 2015-04-02 04:33 - 00000000 ____D C:\ProgramData\Skype 2015-08-21 04:11 - 2015-04-04 23:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Oracle 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-21 04:11 - 2015-04-04 23:27 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-21 03:43 - 2015-08-14 21:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\NVIDIA 2015-08-19 02:36 - 2015-07-21 22:53 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Secrets of Grindea 2015-08-18 01:30 - 2015-08-12 07:04 - 01423120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2015-08-18 01:30 - 2015-08-12 07:04 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2015-08-18 01:29 - 2015-08-12 07:04 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2015-08-18 01:29 - 2015-08-12 07:04 - 01710568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-09 19:15 - 2015-09-09 19:15 - 0000144 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Albert\AppData\Local\Temp\0Kraken0502DevProps.dll C:\Users\Albert\AppData\Local\Temp\4eacffb7297b2a4180dd749771530e33.dll C:\Users\Albert\AppData\Local\Temp\avgnt.exe C:\Users\Albert\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Albert\AppData\Local\Temp\nvStInst.exe C:\Users\Albert\AppData\Local\Temp\speccycpuid.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-11 21:12 ==================== Ende von FRST.txt ============================ |
17.09.2015, 06:30 | #4 |
| Die Seite Watch4 öffnet sich einfach so Addition.txt: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:15-09-2015 durchgeführt von Albert (2015-09-17 07:15:59) Gestartet von C:\Users\Albert\Downloads Windows 10 Home (X64) (2015-07-29 18:51:15) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-929755791-1800140602-23206935-500 - Administrator - Disabled) Albert (S-1-5-21-929755791-1800140602-23206935-1000 - Administrator - Enabled) => C:\Users\Albert DefaultAccount (S-1-5-21-929755791-1800140602-23206935-503 - Limited - Disabled) Gast (S-1-5-21-929755791-1800140602-23206935-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-929755791-1800140602-23206935-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Flash Player 18 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.13.3296) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (HKLM-x32\...\Aeria Ignite) (Version: 1.13.3296 - Aeria Games & Entertainment) Aeria Ignite (x32 Version: 1.13.3296 - Aeria Games & Entertainment) Hidden Akamai NetSession Interface (HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Akamai) (Version: - Akamai Technologies, Inc) Akamai NetSession Interface (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Akamai) (Version: - Akamai Technologies, Inc) AMD Catalyst Install Manager (HKLM\...\{120EC191-78F8-CA89-3511-7E90C23F5261}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.) Arma 3 (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) C9 (HKLM-x32\...\Steam App 212390) (Version: - Cloud 9 Studio) Call of Duty: Black Ops III Beta (HKLM-x32\...\Steam App 388520) (Version: - Treyarch) CCGLauncher version 0.0.0.7 (HKLM-x32\...\{78D51CE5-799C-4FCA-9635-6F61E19EA5E3}_is1) (Version: 0.0.0.7 - Custom Combat Gaming) CEVO CS:GO Client Beta version 1.0 (HKLM-x32\...\CEVO CS:GO Client Beta_is1) (Version: 1.0 - ) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse) Dropbox (HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Dropbox) (Version: 3.4.1 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.4.1 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Dropbox) (Version: 3.4.1 - Dropbox, Inc.) Echo of Soul (HKLM-x32\...\Steam App 290140) (Version: - Nvius) f.lux (HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version: - ) f.lux (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\Flux) (Version: - ) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.93 - Google Inc.) Google Update Helper (x32 Version: 1.3.21.99 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Magicite (HKLM-x32\...\Steam App 268750) (Version: - SmashGames) Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation) ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 37.0.2 - Mozilla) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation) NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - ) osu! (HKLM-x32\...\{8e455ba3-ac0e-4441-90fd-ab2f615f4138}) (Version: latest - ppy Pty Ltd) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden PAYDAY: The Heist (HKLM-x32\...\Steam App 24240) (Version: - OVERKILL Software) Portal of Evil: Stolen Runes Collector's Edition (HKLM-x32\...\Steam App 361850) (Version: - ) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Razer Synapse (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.21.27405 - Razer Inc.) Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.) Reign Of Kings (HKLM-x32\...\Steam App 344760) (Version: - Code}{atch) S4 League (HKLM-x32\...\S4 League) (Version: - ) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.13.6 - NVIDIA Corporation) Hidden Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) Spooky's House of Jump Scares (HKLM-x32\...\Steam App 356670) (Version: - Lag Studios) Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamSpeak 3 Client (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic) TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo) Unity Web Player (HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS) Unity Web Player (HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\...\UnityWebPlayer) (Version: 5.0.1f1 - Unity Technologies ApS) Warhammer: End Times - Vermintide | Public Test (HKLM-x32\...\Steam App 252650) (Version: - ) WildStar (HKLM-x32\...\WildStar) (Version: - NCSOFT) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) WS Launcher (HKLM-x32\...\{7CD2FACD-18D7-46C7-A4C6-17FD6D97E045}) (Version: 0.0.2.0 - Launcher) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-929755791-1800140602-23206935-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 30-08-2015 10:41:54 Windows Update 03-09-2015 13:05:34 PROPLUS 09-09-2015 18:35:01 DirectX wurde installiert ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {05C98C79-1104-4035-9E2B-FC95F61615F6} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {0B58E041-1B36-4998-8753-66E5F1CB6D08} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {0BBC2268-C425-4C6D-B3CB-393FF47360CD} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {13D5E34A-E73A-4252-9C0D-73A6DB63024C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {14945DB8-6BE7-4C9C-9ECE-6D047998D964} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {187325F2-C56A-4B70-A86B-28E477CFA2A4} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {1A174EA1-680A-48F1-9C0B-63906D1024B7} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {2122D76D-907D-48A7-BE23-0BB02B4DD9D3} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.) Task: {32D15BC2-C635-4B00-8187-1F4E3AEEA286} - \Norton Security\Norton Error Processor -> Keine Datei <==== ACHTUNG Task: {34754787-BC99-4B50-8000-2006292A4FCD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {426EB1FB-45CD-47D3-92EB-FDCB10060CF6} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {4FBA81BE-E19B-4B1A-98EF-0410400C89FA} - System32\Tasks\Microsoft Office 15 Sync Maintenance for ALBERT-PC-Albert Albert-PC => C:\Program Files\Microsoft Office\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation) Task: {53F40544-A4A4-4246-9723-064AB148991B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {6B941885-A76B-473B-AFC6-7DD599801448} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {7308C720-7F0A-4F4E-9B80-4CBD0F15DF6A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {77EE62F0-459C-4614-AAD6-EB63C5EB91AA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {78ED5F76-0A0C-4E0F-A528-BFFB8E0CC3A8} - \Norton Security\Norton Error Analyzer -> Keine Datei <==== ACHTUNG Task: {79F9E036-85AC-4E85-B940-D15235377355} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {88362A4C-258B-4404-9905-D30B655FFEB6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {99B9EAAC-8086-44E2-A82F-A1E29DD0ED55} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {9C93AD01-B7F0-418F-AF8D-7C1D487AF18B} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {9E101577-3A83-4EB1-B3F7-63A97794D5EC} - System32\Tasks\{7B57496B-F3A3-4BF7-B719-9B4B83662C96} => Chrome.exe hxxp://ui.skype.com/ui/0/7.5.0.102/de/abandoninstall?source=lightinstaller&page=tsBing Task: {9F3412E0-0718-4136-83B7-DAA413A78154} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {A2DF64A3-CE28-4F51-B05B-09BCB8553A3C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {A5A0C1EE-96A6-48BB-BF93-ED44F742CA16} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {A78A32EE-178E-4696-A7F2-9FBC94CE8FCE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-02] (Google Inc.) Task: {A9EB4CCE-2A3F-449A-A0DB-F673E4F46AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation) Task: {AE7FC380-C604-4D42-8D0C-DDB2B830331C} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {AFF13D75-36B2-42B5-A474-4F090E80C27D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B4278F7A-D514-47AD-9E6A-E0FFA81E8E47} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {B9CDA924-C5B8-4DBA-B9FC-4475C28D4F69} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C477C324-EEAB-42F6-A3E0-55C4DC4AF35E} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.0.0.110\WSCStub.exe Task: {C6236691-97E0-469E-8232-5D28FABF0D61} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated) Task: {C9A135C1-92B1-4F69-A60B-B9ABC292FB5D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation) Task: {D85A39CE-A023-4D71-B471-E69AC9513707} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {D9163222-262E-42BA-8BF5-FD01DDD2CEEA} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {D929FB15-2EE0-43F4-B226-F9B242A11389} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {E083EA92-0435-498F-8ADF-C45D7630D2DF} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {F31280B9-2078-432E-A61E-58EA74064174} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {F6410CFA-BCD6-4555-9C19-EBD2BE16473C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {F76276D5-0F4F-4C76-84E9-F9C5138CC168} - \Microsoft\Windows\Setup\GWXTriggers\Time-3xd -> Keine Datei <==== ACHTUNG Task: {FA9573CE-0292-4D84-8EBD-86C7BEBD80DE} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {FE5AFE51-4D0C-43D1-AF1E-91FC94657CD2} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe [2015-08-12] (Adobe Systems Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_pepper.exe Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-29 21:21 - 2015-07-29 21:21 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 05:23 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2012-08-06 12:24 - 2012-08-06 12:24 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll 2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll 2015-06-23 21:11 - 2015-06-23 21:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe 2015-08-12 07:03 - 2015-08-07 06:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-30 11:47 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-08-11 22:09 - 2015-08-03 03:09 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-29 21:21 - 2015-07-29 21:21 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-08-11 22:09 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-08-11 22:09 - 2015-08-03 03:14 - 00882688 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-08-19 05:23 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-08-11 22:09 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 13:00 - 2015-07-10 18:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-07-29 21:21 - 2015-07-29 21:21 - 00577024 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll 2015-07-29 21:21 - 2015-07-29 21:21 - 00181248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\nodert-buffer-utils\bin\NodeRT_Buffer_Utils.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00559616 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.storage.streams\bin\NodeRT_Windows_Storage_Streams.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00643072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation.diagnostics\bin\NodeRT_Windows_Foundation_Diagnostics.node 2015-07-10 13:00 - 2015-07-10 18:45 - 00037888 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\winrt-projections\bin\Winrt_Projections.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00796160 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http\bin\NodeRT_Windows_Web_Http.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00961536 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.headers\bin\NodeRT_Windows_Web_Http_Headers.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00204288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.web.http.filters\bin\NodeRT_Windows_Web_Http_Filters.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00397824 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.foundation\bin\NodeRT_Windows_Foundation.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00074240 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.networking\bin\NodeRT_Windows_Networking.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00093696 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.security.cryptography\bin\NodeRT_Windows_Security_Cryptography.node 2015-07-29 21:21 - 2015-07-29 21:21 - 00124416 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\dss_service\node_modules\windows.cortana.pal\bin\NodeRT_Windows_Cortana_PAL.node 2012-01-10 14:41 - 2015-04-02 05:43 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe 2015-07-08 08:58 - 2015-07-08 08:58 - 00292352 _____ () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe 2015-08-12 07:04 - 2015-08-18 01:31 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-08-01 23:46 - 2015-09-17 02:12 - 00619840 _____ () C:\Users\Albert\AppData\Local\Temp\0Kraken0502DevProps.dll 2015-04-02 14:46 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-04-02 14:46 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-04-02 14:46 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll 2015-04-02 14:46 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-04-02 14:46 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-04-02 14:46 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-04-02 14:46 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-04-02 14:46 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-04-02 14:46 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-04-02 14:46 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-04-02 14:46 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-23 13:41 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-09-05 03:42 - 2015-09-05 03:42 - 00137728 _____ () C:\ProgramData\Razer\Synapse\CrashReporter\CrashRpt1402.dll 2015-04-02 14:46 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-09-16 06:03 - 2015-09-12 02:22 - 01501512 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libglesv2.dll 2015-09-16 06:03 - 2015-09-12 02:22 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\libegl.dll 2015-04-29 16:01 - 2014-11-26 03:12 - 40622592 _____ () C:\Users\Albert\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libcef.dll 2015-04-29 16:01 - 2014-11-26 03:12 - 00911360 _____ () C:\Users\Albert\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libglesv2.dll 2015-04-29 16:01 - 2014-11-26 03:12 - 00134144 _____ () C:\Users\Albert\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\cef\libegl.dll 2015-09-16 06:03 - 2015-09-12 02:22 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\WINDOWS\Temp:$DATA AlternateDataStreams: C:\ProgramData\TEMP:8EFFFE8D ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\aeriagames.com -> hxxp://aeriagames.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-929755791-1800140602-23206935-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg HKU\S-1-5-21-929755791-1800140602-23206935-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img0.jpg HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg HKU\S-1-5-21-929755791-1800140602-23206935-501-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [UDP Query User{676382BC-C005-4F7B-A203-4B67E3C9ED4E}C:\users\albert\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{4CAFBC49-76C4-4442-90E9-F325C8DA0359}C:\users\albert\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\desktop\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{4610E33B-457D-4B51-94AA-C44DC5A73A09}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [UDP Query User{3596363D-48D2-46ED-93F9-91BA5D841CF0}C:\users\albert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\albert\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{3646D286-945A-4768-AA72-CD9C6221BF01}C:\users\albert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\albert\appdata\local\akamai\netsession_win.exe FirewallRules: [UDP Query User{BCEC56D3-F66D-41E9-A5B8-D749BC197DCB}C:\users\albert\desktop\secrets.of.grindea.v0.599i\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\secrets.of.grindea.v0.599i\secrets of grindea.exe FirewallRules: [TCP Query User{260C173E-13ED-477F-94AE-A36BA82ED21F}C:\users\albert\desktop\secrets.of.grindea.v0.599i\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\secrets.of.grindea.v0.599i\secrets of grindea.exe FirewallRules: [{402E74D5-566C-4518-83D6-3F7CEDA11865}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal of Evil Stolen Runes Collectors Edition\PortalOfEvil_StolenRunes.exe FirewallRules: [{11196909-D3A4-47D7-922A-7D927B0AF83B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Portal of Evil Stolen Runes Collectors Edition\PortalOfEvil_StolenRunes.exe FirewallRules: [UDP Query User{49B88955-A909-4E22-99DD-7E7FDEEAD20C}C:\users\albert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\albert\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{C4A32EC7-EB5E-4CBD-B758-20439ADB58F1}C:\users\albert\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\albert\appdata\local\akamai\netsession_win.exe FirewallRules: [{1FCD88B8-075F-47D0-B158-FD178893248E}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe FirewallRules: [{87A7036F-1E11-4B0C-A6EE-E39453A38EC5}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe FirewallRules: [{E7F4023F-AB8C-4BDC-B88D-6BF9AD781EEA}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe FirewallRules: [{D5BE13B2-716B-4802-BC06-60E7D0D5828B}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars-The Old Republic\launcher.exe FirewallRules: [{A0F27AC6-0C28-4A09-8454-113441ADFBC3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [{3B1868B3-B8B9-46E6-AA05-BB18BC6D29B3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe FirewallRules: [UDP Query User{EA54B2D6-9B07-41E4-BE4A-50C07131EECC}C:\users\albert\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\albert\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{919DDB55-8599-4E03-A12F-714A49E7B4CB}C:\users\albert\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\albert\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{79A7A01A-6715-4923-B7D7-A88B9128A4B8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{6FA4F29A-FF18-46EC-9854-1FC72B868D39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Realm of the Mad God\Realm of the Mad God.exe FirewallRules: [{26B0F215-263B-41CC-80F6-CDF08E2C92C4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{2F6D1ECB-912A-4F10-9566-9EE76D002E78}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{EE9249A0-A4D7-42A0-A71E-09FC6477B5A0}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{D58BCABC-9A2F-4C2E-B76B-EF85A908DDB6}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{8ED5CC84-A6E9-44D1-A1CE-3B5CDC3DB058}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{6B598927-EC86-4104-88C1-AC56DFBA3B33}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [UDP Query User{3F5E4968-5AC5-4218-8099-4ACBA1A900D1}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{3BAB2E3C-7009-4472-8B6D-0FF458FF9358}C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{A207A6EC-F714-4724-9CA2-B6610B5AEFF4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\C9\C9.exe FirewallRules: [{52E349EC-3653-46D4-A1F4-9AE1A746B81B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\C9\C9.exe FirewallRules: [{8045C2CA-5789-4530-9138-EAE6FDD07F94}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\C9\C9MappingAccount.exe FirewallRules: [{7EEA0819-CCA3-4E50-99C9-1ABC255387FB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\C9\C9MappingAccount.exe FirewallRules: [UDP Query User{F8518013-BAB7-4BD1-8E6E-A0024E69F5B8}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [TCP Query User{0221C46C-2FE4-47B3-B6BA-408AAF11C2C2}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Block) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe FirewallRules: [{2A44BB02-5947-4B43-9C4F-43D98C9709A4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{A7FBD119-D7E5-4B79-87EE-EC8BF556737D}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe FirewallRules: [{F8419116-B280-4637-A84C-544D035A0EB8}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{78082C93-F413-4AD4-8EE4-EAD865218CE4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{BF6CEE52-6AC9-4D5D-94FF-B7028BD51159}C:\users\albert\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{F849E1B9-7ABA-4151-82D9-AAA9487EE83B}C:\users\albert\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{E5CAF41C-02EA-42A0-91E5-7143F1D2738B}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2162C3FA-2788-48A5-AC0A-1DD041FBE23D}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{ECC052B8-05D7-4EEA-89DB-3A6F0BDBA61C}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{5023B199-1FC2-49CF-AB3C-02293AF5C933}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{A5C40633-5011-4E49-AAFD-CC3BB12268D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [{4473D981-51EF-41B6-B184-4574A3D6C49C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe FirewallRules: [UDP Query User{E01CCC45-B590-4A39-A9FE-BED5BED1631B}C:\program files (x86)\dolphin x86\dolphin.exe] => (Allow) C:\program files (x86)\dolphin x86\dolphin.exe FirewallRules: [TCP Query User{FEBC5EF8-113E-4E73-A457-38279552BA43}C:\program files (x86)\dolphin x86\dolphin.exe] => (Allow) C:\program files (x86)\dolphin x86\dolphin.exe FirewallRules: [{3F6AB5B6-C547-4A4A-BB6E-0709579EFE26}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe FirewallRules: [{B1E4CCAE-444C-4EC4-A160-E6FE20F9F947}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\Reign of Kings.exe FirewallRules: [UDP Query User{42E7BFDE-75A6-4111-9EFB-DEEA1B2D1056}C:\users\albert\desktop\dolphin\dolphin.exe] => (Allow) C:\users\albert\desktop\dolphin\dolphin.exe FirewallRules: [TCP Query User{3B32A2AD-81CE-4C30-91EA-9B5520A4A049}C:\users\albert\desktop\dolphin\dolphin.exe] => (Allow) C:\users\albert\desktop\dolphin\dolphin.exe FirewallRules: [{2BCE94A4-7DCB-440C-976A-8D098EB9B1B0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\ROK.exe FirewallRules: [{33916D03-66C6-47CD-84D3-6EB38790A2D1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Reign Of Kings\ROK.exe FirewallRules: [{AA73A48F-3008-4E22-A5AD-E373A7113A67}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{71070112-D903-484C-9A4E-66A485890FE5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{9E9268E8-E7FB-4DF2-BDE0-AF378DD5F301}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{B040F283-6855-4821-9170-7E5A9D1CEFD1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{43448E72-4A73-4EFF-8245-D3DF9C2345F7}] => (Allow) C:\Users\Albert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{48860CD2-8665-4428-A094-BBE5F2503384}] => (Allow) C:\Users\Albert\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{69C27FB5-C9D9-452A-93D3-2994473AF145}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{E1CB7DD3-3DEE-41B9-99DF-2AFF1E4D612C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{D27536F3-AE3C-421E-A17C-BC1B7F9201F7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [{92081BB5-2923-483C-BFCE-A95B407AE7D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Spooky's House of Jump Scares\SPOOKY.exe FirewallRules: [TCP Query User{F75B12C7-AFB4-4F4A-A9FE-68957BD81AFD}C:\users\albert\desktop\errything\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\desktop\errything\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{2F589E4A-7805-4E7B-B564-B3A600A58462}C:\users\albert\desktop\errything\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\albert\desktop\errything\mc\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{80B6F86C-BD8A-43BA-8B9B-9A2BE6A835F8}C:\program files (x86)\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\java.exe FirewallRules: [UDP Query User{1E19E3BF-F2D9-4252-83C1-CCD4F1048AD9}C:\program files (x86)\java\jre1.8.0_45\bin\java.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_45\bin\java.exe FirewallRules: [{CB50FE85-EE4E-4901-B0C6-7D0FA0AEE23E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{C49F24E2-5B51-4896-AB1D-F880C538C652}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\GarrysMod\hl2.exe FirewallRules: [{855E5D84-4991-4CFA-944E-59196326429F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe FirewallRules: [{702FE63E-62C1-42E7-BCA3-25FD143DFC87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Echo of Soul\EOSLauncher.exe FirewallRules: [{1A73A548-7D6E-4B1E-A4AE-7C500FCFE670}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{998EB387-DC9D-4E27-9B7B-702819E1D140}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{E846C742-BCCA-466E-A00D-7201D4DD2487}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9E70953D-1359-4640-82E9-9F86C892CBA3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FAF365D7-4D7B-40CF-8633-F9FAC2043940}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{7F4CCBE4-37F0-4DBB-A4C2-0DA0066AC0F0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{DCDA76B6-FA96-4A3C-970E-4BD6E86B0F60}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{FCE37952-0C8D-4997-880C-4718783BE57B}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{8BD724F1-F418-451D-AE05-DE05FCF5CFA7}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{52E62A87-0BCB-49B7-991D-22C8EE7659DE}C:\users\albert\desktop\errything\secrets.of.grindea.v0.599i\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\errything\secrets.of.grindea.v0.599i\secrets of grindea.exe FirewallRules: [UDP Query User{EE6657DD-BBC0-4B30-8909-B0F636A2D6E0}C:\users\albert\desktop\errything\secrets.of.grindea.v0.599i\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\errything\secrets.of.grindea.v0.599i\secrets of grindea.exe FirewallRules: [{CBFB314B-D4B0-42A0-BD38-97AC10C3C67E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{9B51E232-EC11-43C8-BD62-6E26A364A9AB}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe FirewallRules: [{2004FF6D-B1CD-4041-99D1-FBDE70C5BF25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicite\Magicite.exe FirewallRules: [{E64FF1F3-C968-42F2-8DAB-E676B2D80197}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Magicite\Magicite.exe FirewallRules: [{8CF5CFBC-6DFF-4D41-9477-F44CA38C6732}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [{D761036C-9670-48FC-BB41-3B3A59899958}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops III Beta\BlackOps3.exe FirewallRules: [TCP Query User{3DDFEA41-78ED-4FD5-B78F-8413013DD470}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BD619B20-76BD-4545-A42C-32A953980834}C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37274\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{94AFE992-3D58-4822-9594-AC286CC2DA1D}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{69A480C6-A53A-4326-B904-385AB5C62551}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{AA4C12E6-EBFF-45A2-A32D-9D6DCCA73BC8}C:\users\albert\desktop\secrets.of.grindea.v0.600a\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\secrets.of.grindea.v0.600a\secrets of grindea.exe FirewallRules: [UDP Query User{888E1CB5-4861-478A-8657-3DBE04CF573C}C:\users\albert\desktop\secrets.of.grindea.v0.600a\secrets of grindea.exe] => (Allow) C:\users\albert\desktop\secrets.of.grindea.v0.600a\secrets of grindea.exe FirewallRules: [{73B4E0C6-D4B5-4F7E-896E-C46D7A20E706}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{6D062B06-D530-4AB8-BC0E-7F0193C2AF76}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe FirewallRules: [{2FCD58AD-7395-41DE-BCB2-6F769FF5A590}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{8B7CE987-7073-4975-A2AE-96641CFD3867}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe FirewallRules: [{2BCA3EA5-DCFB-414A-9CC7-04D981BFA5DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{1A365D56-16CE-4FB7-AD6A-0A392318080E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{6962FB1B-8657-45BD-8AEC-EBCB42B3AFED}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [UDP Query User{59210F5F-FBBC-4A2B-9AF5-64CD67644A68}C:\program files (x86)\maniaplanet\maniaplanet.exe] => (Allow) C:\program files (x86)\maniaplanet\maniaplanet.exe FirewallRules: [TCP Query User{934206C3-C0CF-4A62-9961-D8772CB409C1}C:\program files (x86)\steam\steamapps\common\warhammer end times vermintide public test\vermintide.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer end times vermintide public test\vermintide.exe FirewallRules: [UDP Query User{83191462-A033-4E14-845B-D3F069767ED2}C:\program files (x86)\steam\steamapps\common\warhammer end times vermintide public test\vermintide.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\warhammer end times vermintide public test\vermintide.exe FirewallRules: [{F77FBD47-0771-4077-93DD-0E29E991C46C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{C03CFE3A-ACA1-4A98-84A1-6ECF0DDB7466}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\PAYDAY The Heist\payday_win32_release.exe FirewallRules: [{29E8302A-0DF5-4F8A-9E14-5C48372FA54C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.) Class Guid: {36fc9e60-c465-11cf-8056-444553540000} Manufacturer: (Standard-USB-Hostcontroller) Service: Problem: : Windows has stopped this device because it has reported problems. (Code 43) Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (09/17/2015 02:14:50 AM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/17/2015 02:12:51 AM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/16/2015 07:02:28 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALBERT-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/16/2015 05:42:07 AM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/16/2015 05:17:41 AM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/15/2015 09:38:20 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALBERT-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/15/2015 07:13:16 PM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/15/2015 07:11:12 PM) (Source: Avira Launcher Service Host) (EventID: 0) (User: ) Description: Fehler beim Verarbeiten von Sitzungsänderung. System.Runtime.InteropServices.COMException (0x80080005): Die COM-Klassenfactory für die Komponente mit CLSID {BFE18E9C-6D87-4450-B37C-E02F0B373803} konnte aufgrund des folgenden Fehlers nicht abgerufen werden: 80080005 Starten des Servers fehlgeschlagen (Ausnahme von HRESULT: 0x80080005 (CO_E_SERVER_EXEC_FAILURE)). bei Avira.OE.WinCore.WindowsUpdateInformation.GetWindowsUpdateData() bei Avira.OE.WinCore.DeviceUpdateDataFactory.UpdateDynamicData(DevUpdateDataCommand devUpdateData, String userSid) bei Avira.OE.WinCore.DeviceUpdateDataFactory.CreateDeviceUpdateData(String userSid) bei Avira.OE.Communicator.Communicator.CreateAndSendDeviceUpdateDataMessage(String userSid) bei Avira.OE.Communicator.Communicator.SessionChanged(Session newActiveSession, Session previousActiveSession) bei Avira.OE.Communicator.Communicator.OnActiveSessionChanged(Object sender, ActiveSessionChangedEventArgs activeSessionChangedEventArgs) bei Avira.OE.WinCore.EventHandlerExtensions.SafeInvoke[T](EventHan... Error: (09/15/2015 01:38:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALBERT-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (09/15/2015 01:38:38 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ALBERT-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (09/17/2015 02:19:28 AM) (Source: DCOM) (EventID: 10016) (User: ALBERT-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Albert-PCAlbertS-1-5-21-929755791-1800140602-23206935-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (09/17/2015 02:19:28 AM) (Source: DCOM) (EventID: 10016) (User: ALBERT-PC) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Albert-PCAlbertS-1-5-21-929755791-1800140602-23206935-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (09/17/2015 02:18:16 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80246007 fehlgeschlagen: Microsoft .Net Native Runtime Package 1.1.23101.0 Error: (09/17/2015 02:14:50 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803} Error: (09/17/2015 02:12:50 AM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {BFE18E9C-6D87-4450-B37C-E02F0B373803} Error: (09/16/2015 07:02:28 AM) (Source: DCOM) (EventID: 10010) (User: ALBERT-PC) Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca Error: (09/16/2015 07:02:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/16/2015 07:02:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/16/2015 07:02:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (09/16/2015 07:02:26 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session9" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-08-25 16:27:28.538 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:28.393 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:28.243 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:28.031 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:27.860 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:27.710 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:25.839 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:27:24.619 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:23:54.233 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2015-08-25 16:23:53.903 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD FX(tm)-6300 Six-Core Processor Prozentuale Nutzung des RAM: 53% Installierter physikalischer RAM: 8173.55 MB Verfügbarer physikalischer RAM: 3770.13 MB Summe virtueller Speicher: 16365.55 MB Verfügbarer virtueller Speicher: 9929.23 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:930.97 GB) (Free:644.31 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: D7ED938C) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ==================== Ende von Addition.txt ============================ Vielen Dank für die Hilfe |
17.09.2015, 19:30 | #5 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach so nö Downloade Dir bitte Malwarebytes Anti-Malware
Downloade Dir bitte AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
17.09.2015, 23:44 | #6 |
| Die Seite Watch4 öffnet sich einfach so MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 18.09.2015 Suchlaufzeit: 00:01 Protokolldatei: MBAM.txt Administrator: Ja Version: 2.1.8.1057 Malware-Datenbank: v2015.09.17.05 Rootkit-Datenbank: v2015.08.16.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Albert Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 476176 Abgelaufene Zeit: 17 Min., 11 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.008 - Bericht erstellt am 18/09/2015 um 00:26:57 # Aktualisiert am 18/09/2015 von Xplode # Datenbank : 2015-09-17.3 [Server] # Betriebssystem : Windows 10 Home (x64) # Benutzername : Albert - ALBERT-PC # Gestartet von : C:\Users\Albert\Desktop\adwcleaner_5.008.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : mcaudrv_simple [-] Dienst Gelöscht : ManyCam ***** [ Ordner ] ***** ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\END ***** [ Verknüpfungen ] ***** ***** [ Geplante Tasks ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\S [-] Schlüssel Gelöscht : HKCU\Software\OCS [!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS ***** [ Internetbrowser ] ***** ************************* :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [977 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 7.6.2 (09.14.2015:1) OS: Windows 10 Home x64 Ran by Albert on 18.09.2015 at 0:35:47,63 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Tasks ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin ~~~ FireFox Successfully deleted the following from C:\Users\Albert\AppData\Roaming\mozilla\firefox\profiles\gk71w955.default\prefs.js user_pref(extensions.xpiState, {\app-profile\:{\abs@avira.com\:{\d\:\C:\\\\Users\\\\Albert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\gk71w955.defaul ~~~ Chrome Successfully deleted: [Folder] C:\Users\Albert\Appdata\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [C:\Users\Albert\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset [C:\Users\Albert\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted: ajopnjidmegmdimjlfnijceegpefgped [C:\Users\Albert\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset [C:\Users\Albert\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted: [ ajopnjidmegmdimjlfnijceegpefgped ] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 18.09.2015 at 0:39:39,60 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Albert (Administrator) auf ALBERT-PC (18-09-2015 00:40:59) Gestartet von C:\Users\Albert\Desktop Geladene Profile: Albert (Verfügbare Profile: Albert & Gast & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-02] () HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\RunOnce: [Uninstall C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e52ae475-28c6-4012-9b9f-a53a7d7f08f4}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-929755791-1800140602-23206935-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Albert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\abs@avira.com [2015-08-21] FF Extension: Avira SafeSearch Plus - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\safesearchplus@avira.com [2015-07-29] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Default -> Avira CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=de CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\pdf.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\gcswf32.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-22] CHR Extension: (YouTube) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-02] CHR Extension: (Adblock Plus) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-02] CHR Extension: (Steam inventory helper) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-08-30] CHR Extension: (Google-Suche) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-02] CHR Extension: (OddShot) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2015-08-24] CHR Extension: (Google Mail) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG) S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-06-13] () S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-04] (BitRaider, LLC) S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123608 2015-05-07] (altPUG LLC) S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation) S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) S3 cpuz138; C:\Users\Albert\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2015-08-12] (CPUID) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation) S3 NVFLASH; C:\WINDOWS\system32\drivers\nvflash.sys [15648 2013-04-19] () R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-08-10] (Wellbia.com Co., Ltd.) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-18 00:40 - 2015-09-18 00:41 - 00019378 _____ C:\Users\Albert\Desktop\FRST.txt 2015-09-18 00:39 - 2015-09-18 00:39 - 00001653 _____ C:\Users\Albert\Desktop\JRT.txt 2015-09-18 00:35 - 2015-09-18 00:35 - 01798976 _____ (Malwarebytes) C:\Users\Albert\Desktop\JRT.exe 2015-09-18 00:34 - 2015-09-18 00:35 - 01798976 _____ (Malwarebytes) C:\Users\Albert\Downloads\JRT.exe 2015-09-18 00:31 - 2015-09-18 00:31 - 00016148 _____ C:\WINDOWS\system32\ALBERT-PC_Albert_HistoryPrediction.bin 2015-09-18 00:25 - 2015-09-18 00:26 - 00000000 ____D C:\AdwCleaner 2015-09-18 00:23 - 2015-09-18 00:23 - 01662976 _____ C:\Users\Albert\Downloads\adwcleaner_5.008.exe 2015-09-18 00:23 - 2015-09-18 00:23 - 01662976 _____ C:\Users\Albert\Desktop\adwcleaner_5.008.exe 2015-09-18 00:19 - 2015-09-18 00:19 - 00001197 _____ C:\Users\Albert\Desktop\MBAM.txt 2015-09-17 23:58 - 2015-09-18 00:00 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-17 23:58 - 2015-09-17 23:58 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-17 23:58 - 2015-09-17 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-17 23:58 - 2015-09-17 23:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-17 23:58 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-09-17 23:58 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-17 23:58 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-17 23:57 - 2015-09-17 23:58 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Albert\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-17 23:53 - 2015-09-17 23:53 - 00000000 ___HD C:\OneDriveTemp 2015-09-17 07:23 - 2015-09-17 07:25 - 00000417 _____ C:\Users\Albert\Downloads\Search.txt 2015-09-17 07:15 - 2015-09-18 00:41 - 00000000 ____D C:\FRST 2015-09-17 07:15 - 2015-09-17 07:16 - 00068286 _____ C:\Users\Albert\Downloads\Addition.txt 2015-09-17 07:15 - 2015-09-17 07:16 - 00062794 _____ C:\Users\Albert\Downloads\FRST.txt 2015-09-17 07:14 - 2015-09-17 07:14 - 02191360 _____ (Farbar) C:\Users\Albert\Desktop\FRST64.exe 2015-09-17 04:46 - 2015-09-17 04:46 - 00058980 _____ C:\Users\Albert\Desktop\AVSCAN-20150917-022024-40C85419.LOG 2015-09-13 04:09 - 2015-09-13 04:09 - 01868290 _____ C:\Users\Albert\Downloads\desmume-0.9.11-win64.zip 2015-09-13 04:09 - 2015-09-13 04:09 - 00000000 ____D C:\Users\Albert\Desktop\DesMuMe 2015-09-13 04:09 - 2005-12-04 00:11 - 67108864 _____ C:\Users\Albert\Desktop\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).nds 2015-09-13 04:08 - 2015-09-13 04:08 - 52354890 _____ C:\Users\Albert\Downloads\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).7z 2015-09-13 03:15 - 2015-09-13 03:29 - 163315280 _____ C:\Users\Albert\Desktop\ts3_recording_15_09_13_3_15_27.wav 2015-09-12 17:51 - 2015-09-12 17:51 - 00040846 _____ C:\Users\Albert\Downloads\Cookiezi+-+Renard+-+Rainbow+Dash+Likes+Girls+(Stay+Gay+Pony+Girl)+[Holy+Shit!+It's+Rainbow+Dash!!]+(2012-11-13)+Osu.osr 2015-09-11 23:38 - 2015-09-11 23:38 - 00030154 _____ C:\Users\Albert\Downloads\wa. - lieselotte (rrtyui) [Insane].osu 2015-09-11 23:23 - 2015-09-11 23:31 - 135115199 _____ C:\Users\Albert\Downloads\IWBTB.zip 2015-09-10 18:55 - 2015-09-10 18:55 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 ____D C:\Users\DefaultAppPool 2015-09-10 18:55 - 2015-08-14 23:10 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-09 21:01 - 2015-09-09 21:51 - 00000000 ____D C:\Users\Albert\Documents\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:12 - 00000000 ____D C:\ProgramData\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:01 - 00001194 _____ C:\Users\Public\Desktop\TMCanyon.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00001148 _____ C:\Users\Public\Desktop\ManiaPlanet.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet 2015-09-09 21:00 - 2015-09-09 21:01 - 127307464 _____ (Nadeo ) C:\Users\Albert\Downloads\Maniaplanet_Setup_TMCanyon.exe 2015-09-09 19:15 - 2015-09-09 19:15 - 00000144 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-09-09 19:15 - 2015-09-09 19:15 - 00000000 ____D C:\Users\Albert\AppData\Roaming\fatshark 2015-09-09 18:55 - 2015-09-09 18:55 - 00262144 ____N C:\WINDOWS\Minidump\090915-29078-01.dmp 2015-09-09 18:23 - 2015-09-09 18:23 - 00000222 _____ C:\Users\Albert\Desktop\Warhammer End Times - Vermintide Public Test.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000221 _____ C:\Users\Albert\Desktop\PAYDAY The Heist.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000219 _____ C:\Users\Albert\Desktop\Counter-Strike Global Offensive.url 2015-09-09 00:06 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-09-09 00:06 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-09-09 00:06 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-09-09 00:06 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 00:06 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-09-09 00:06 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-09-09 00:06 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 00:06 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 00:06 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-09-09 00:06 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 00:06 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 00:06 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 00:06 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 00:06 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 00:06 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 00:06 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-09-09 00:06 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 00:06 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 00:06 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 00:06 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 00:06 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 00:06 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 00:06 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 00:06 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 00:06 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 00:06 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-07 22:53 - 2015-09-07 22:53 - 00262144 ____N C:\WINDOWS\Minidump\090715-34843-01.dmp 2015-09-07 16:05 - 2015-09-11 01:01 - 00000000 ____D C:\Users\Albert\Documents\TrackMania 2015-09-07 16:05 - 2015-09-11 00:04 - 00000000 ____D C:\ProgramData\TrackMania 2015-09-07 16:01 - 2015-09-07 16:01 - 00000221 _____ C:\Users\Albert\Desktop\TrackMania Nations Forever.url 2015-09-06 14:51 - 2015-09-06 14:51 - 00000000 ____D C:\Users\Albert\Desktop\Localisation 2015-09-05 22:56 - 2015-09-05 22:56 - 252166992 _____ C:\Users\Albert\Downloads\Secrets.of.Grindea.v0.600a.zip 2015-09-05 22:55 - 2015-09-05 22:55 - 00019988 _____ C:\Users\Albert\Downloads\Secrets of Grindea v0.600a.torrent 2015-09-05 21:58 - 2015-09-05 22:02 - 00000000 ____D C:\ProgramData\TEMP 2015-09-05 21:58 - 2015-09-05 21:58 - 00000000 ____D C:\ProgramData\Licenses 2015-09-05 21:57 - 2015-09-05 21:57 - 02007544 _____ (Gianpaolo Bottin ) C:\Users\Albert\Downloads\MouseSpeedSetup.exe 2015-09-05 19:12 - 2015-09-05 19:12 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA) (1).n64 2015-09-05 19:11 - 2015-09-05 19:11 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA).n64 2015-09-03 13:08 - 2015-09-03 13:08 - 00013282 _____ C:\Users\Albert\Downloads\kuendigung.odt 2015-09-03 13:07 - 2015-09-03 13:07 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag (1).odt 2015-09-03 13:05 - 2015-09-03 13:05 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag.odt 2015-08-31 17:30 - 2015-08-31 17:30 - 00262144 ____N C:\WINDOWS\Minidump\083115-44750-01.dmp 2015-08-30 11:47 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-30 11:47 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-30 11:47 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-30 11:47 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-30 11:47 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-30 11:47 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-30 11:47 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-30 11:47 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-08-30 11:47 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2015-08-30 11:47 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll 2015-08-30 11:47 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-08-30 11:47 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-30 11:47 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList 2015-08-27 10:33 - 2015-08-27 10:34 - 03207904 _____ (Microsoft Corporation) C:\Users\Albert\Downloads\CVH.EXE 2015-08-26 17:25 - 2015-08-26 17:25 - 00001047 _____ C:\Users\Albert\Desktop\osu!.lnk 2015-08-26 15:17 - 2015-08-26 15:17 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-08-26 15:16 - 2015-08-07 06:05 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-08-26 15:14 - 2015-08-07 13:07 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 22551672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 18564728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 16638896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 15627520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 14935968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 13663424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 12186176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02352248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02104440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01177016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01063032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01000088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00985392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00931960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00387536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00339576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-08-26 15:10 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-08-26 13:29 - 2015-08-26 13:29 - 00000222 _____ C:\Users\Albert\Desktop\Call of Duty Black Ops III Beta.url 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Downloads\osu!.exe 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Desktop\osu!.exe 2015-08-24 18:04 - 2015-08-24 18:04 - 06317380 _____ C:\Users\Albert\Downloads\bit_rush.zip 2015-08-24 15:08 - 2015-08-24 15:09 - 00000000 ____D C:\Users\Albert\Desktop\ZSNES 2015-08-24 15:08 - 2015-08-24 15:08 - 00867785 _____ C:\Users\Albert\Downloads\zsnesw151.zip 2015-08-23 23:22 - 2015-08-23 23:22 - 00262144 ____N C:\WINDOWS\Minidump\082315-24453-01.dmp 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-23 04:24 - 2015-08-23 04:25 - 00000000 ____D C:\Users\Albert\Desktop\Lunar Magic 2015-08-23 04:24 - 2015-08-23 04:24 - 01163080 _____ C:\Users\Albert\Downloads\lm232.zip 2015-08-23 04:24 - 2015-08-23 04:24 - 00345695 _____ C:\Users\Albert\Downloads\Super Mario World (USA).zip 2015-08-23 01:37 - 2015-08-23 01:37 - 00000222 _____ C:\Users\Albert\Desktop\Magicite.url 2015-08-21 20:10 - 2015-08-21 20:10 - 00000219 _____ C:\Users\Albert\Desktop\Left 4 Dead 2.url 2015-08-21 06:15 - 2015-08-21 06:15 - 11571256 _____ C:\Users\Albert\Downloads\WinRAR-ZIP-Archiv+(neu)+(2).zip 2015-08-21 06:11 - 2015-08-21 06:11 - 20774480 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_48_5.wav 2015-08-21 06:10 - 2015-08-21 06:10 - 29806160 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_45_14.wav 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Sun 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\.oracle_jre_usage 2015-08-21 04:10 - 2015-08-21 04:10 - 00584288 _____ (Oracle Corporation) C:\Users\Albert\Downloads\jre-8u60-windows-i586-iftw.exe 2015-08-20 03:17 - 2015-08-20 03:17 - 11742295 _____ C:\Users\Albert\Downloads\164075 Tokisawa Nao - BRYNHILDR IN THE DARKNESS -Ver. EJECTED- (1).osz 2015-08-19 05:23 - 2015-08-13 06:22 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2015-08-19 05:23 - 2015-08-13 06:20 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll 2015-08-19 05:23 - 2015-08-13 05:53 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll 2015-08-19 05:23 - 2015-08-11 12:04 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2015-08-19 05:23 - 2015-08-11 12:04 - 02462648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2015-08-19 05:23 - 2015-08-11 12:04 - 01087296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2015-08-19 05:23 - 2015-08-11 12:03 - 00442208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys 2015-08-19 05:23 - 2015-08-11 12:02 - 00554744 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll 2015-08-19 05:23 - 2015-08-11 12:02 - 00292856 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe 2015-08-19 05:23 - 2015-08-11 12:02 - 00080720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys 2015-08-19 05:23 - 2015-08-11 11:52 - 00993104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll 2015-08-19 05:23 - 2015-08-11 11:50 - 01643872 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2015-08-19 05:23 - 2015-08-11 11:40 - 04048808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2015-08-19 05:23 - 2015-08-11 11:40 - 02151208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2015-08-19 05:23 - 2015-08-11 11:40 - 00918320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2015-08-19 05:23 - 2015-08-11 11:38 - 00454000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll 2015-08-19 05:23 - 2015-08-11 11:37 - 00243800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe 2015-08-19 05:23 - 2015-08-11 11:26 - 00845664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll 2015-08-19 05:23 - 2015-08-11 11:23 - 16706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2015-08-19 05:23 - 2015-08-11 11:21 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll 2015-08-19 05:23 - 2015-08-11 11:21 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll 2015-08-19 05:23 - 2015-08-11 11:20 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2015-08-19 05:23 - 2015-08-11 11:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll 2015-08-19 05:23 - 2015-08-11 11:18 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2015-08-19 05:23 - 2015-08-11 11:16 - 02416640 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2015-08-19 05:23 - 2015-08-11 11:14 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll 2015-08-19 05:23 - 2015-08-11 11:13 - 00413184 _____ C:\WINDOWS\system32\diagtrack_win.dll 2015-08-19 05:23 - 2015-08-11 11:11 - 02446336 _____ C:\WINDOWS\system32\InputService.dll 2015-08-19 05:23 - 2015-08-11 11:11 - 00553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2015-08-19 05:23 - 2015-08-11 11:10 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2015-08-19 05:23 - 2015-08-11 11:10 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-19 05:23 - 2015-08-11 11:10 - 00293376 _____ C:\WINDOWS\system32\TextInputFramework.dll 2015-08-19 05:23 - 2015-08-11 11:09 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll 2015-08-19 05:23 - 2015-08-11 11:08 - 00893440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2015-08-19 05:23 - 2015-08-11 11:08 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 01178112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 00593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2015-08-19 05:23 - 2015-08-11 11:07 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe 2015-08-19 05:23 - 2015-08-11 11:06 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2015-08-19 05:23 - 2015-08-11 11:06 - 02662400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 03527168 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00996352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPermissions.dll 2015-08-19 05:23 - 2015-08-11 11:05 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll 2015-08-19 05:23 - 2015-08-11 11:03 - 02558976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll 2015-08-19 05:23 - 2015-08-11 11:02 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2015-08-19 05:23 - 2015-08-11 11:02 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2015-08-19 05:23 - 2015-08-11 11:01 - 01334784 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll 2015-08-19 05:23 - 2015-08-11 11:00 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe 2015-08-19 05:23 - 2015-08-11 11:00 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00642560 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2015-08-19 05:23 - 2015-08-11 10:59 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tetheringclient.dll 2015-08-19 05:23 - 2015-08-11 10:58 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2015-08-19 05:23 - 2015-08-11 10:57 - 13024768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2015-08-19 05:23 - 2015-08-11 10:57 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2015-08-19 05:23 - 2015-08-11 10:51 - 01916928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2015-08-19 05:23 - 2015-08-11 10:51 - 01823232 _____ C:\WINDOWS\SysWOW64\InputService.dll 2015-08-19 05:23 - 2015-08-11 10:50 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe 2015-08-19 05:23 - 2015-08-11 10:50 - 00200704 _____ C:\WINDOWS\SysWOW64\TextInputFramework.dll 2015-08-19 05:23 - 2015-08-11 10:50 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2015-08-19 05:23 - 2015-08-11 10:49 - 00586752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2015-08-19 05:23 - 2015-08-11 10:49 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-08-19 05:23 - 2015-08-11 10:48 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll 2015-08-19 05:23 - 2015-08-11 10:47 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll 2015-08-19 05:23 - 2015-08-11 10:45 - 01820672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2015-08-19 05:23 - 2015-08-11 10:43 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll 2015-08-19 05:23 - 2015-08-11 10:42 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2015-08-19 05:23 - 2015-08-11 10:40 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll 2015-08-19 05:23 - 2015-08-11 10:40 - 01112064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll 2015-08-19 05:23 - 2015-08-11 10:39 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe 2015-08-19 05:23 - 2015-08-11 10:38 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-18 00:36 - 2015-07-29 21:07 - 00000000 ____D C:\Users\Albert\OneDrive 2015-09-18 00:32 - 2015-04-02 14:46 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-18 00:32 - 2015-04-02 04:33 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Skype 2015-09-18 00:32 - 2015-04-02 03:35 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-18 00:31 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-18 00:30 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-18 00:30 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-18 00:30 - 2015-07-10 14:20 - 00341608 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-18 00:29 - 2015-07-29 20:25 - 00150460 _____ C:\WINDOWS\PFRO.log 2015-09-18 00:29 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-09-18 00:28 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-18 00:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-18 00:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-09-18 00:07 - 2015-04-02 03:35 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-18 00:02 - 2015-04-02 03:35 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 00:02 - 2015-04-02 03:35 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-18 00:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-18 00:00 - 2015-04-25 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-09-17 02:19 - 2015-07-29 20:51 - 00000000 ____D C:\Users\Albert\AppData\Local\Packages 2015-09-15 21:36 - 2015-04-03 15:52 - 00000000 ____D C:\Users\Albert\AppData\Local\osu! 2015-09-15 20:43 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\TS3Client 2015-09-15 19:12 - 2015-07-29 21:07 - 00002392 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-15 13:17 - 2015-08-15 22:25 - 00000000 ____D C:\Users\Albert\AppData\Roaming\OBS 2015-09-15 12:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-09-13 22:47 - 2015-07-31 19:05 - 00005326 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALBERT-PC-Albert Albert-PC 2015-09-13 01:10 - 2015-05-15 20:13 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-09-12 17:32 - 2015-04-02 03:35 - 00000000 ____D C:\Users\Albert\AppData\Local\Google 2015-09-12 15:03 - 2015-07-29 20:33 - 00229076 _____ C:\WINDOWS\DPINST.LOG 2015-09-12 15:02 - 2015-07-10 14:20 - 00020025 _____ C:\WINDOWS\setupact.log 2015-09-11 22:20 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-09-11 21:28 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-11 21:28 - 2015-04-05 03:50 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-11 06:46 - 2015-07-29 20:37 - 00000000 ____D C:\Users\Albert 2015-09-11 02:12 - 2015-04-23 18:30 - 00000000 ____D C:\Users\Albert\AppData\Roaming\.minecraft 2015-09-10 05:44 - 2015-05-20 22:57 - 00000000 ____D C:\Users\Albert\AppData\Local\Battle.net 2015-09-10 00:15 - 2015-05-31 15:47 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-09-09 20:14 - 2015-05-20 22:57 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-09 18:55 - 2015-08-07 03:44 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-09 18:36 - 2015-04-02 17:06 - 00063064 _____ C:\WINDOWS\DirectX.log 2015-09-09 18:23 - 2015-05-30 16:08 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-09-08 17:46 - 2015-07-29 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-08 17:46 - 2015-05-03 13:03 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-06 14:19 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Local\TeamSpeak 3 Client 2015-09-05 22:59 - 2015-07-31 02:37 - 00000000 ____D C:\Users\Albert\Desktop\Secrets.of.Grindea.v0.600a 2015-09-03 13:07 - 2015-04-16 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-03 13:07 - 2015-04-16 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-01 15:51 - 2015-04-27 16:49 - 00000000 ____D C:\Users\Albert\Desktop\Errything 2015-08-31 17:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-26 18:37 - 2015-04-05 03:50 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-26 17:25 - 2015-04-03 15:52 - 00001055 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2015-08-26 17:00 - 2015-08-13 01:02 - 00000000 ____D C:\Users\Albert\Documents\Heroes of the Storm 2015-08-26 17:00 - 2015-06-05 23:57 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-08-26 16:12 - 2015-05-22 12:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-08-26 15:17 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-26 15:17 - 2015-07-29 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-26 15:11 - 2015-08-12 07:05 - 00001446 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-08-23 23:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-23 22:47 - 2015-04-02 04:33 - 00000000 ____D C:\ProgramData\Skype 2015-08-21 04:11 - 2015-04-04 23:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Oracle 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-21 04:11 - 2015-04-04 23:27 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-21 03:43 - 2015-08-14 21:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\NVIDIA 2015-08-19 02:36 - 2015-07-21 22:53 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Secrets of Grindea ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-09 19:15 - 2015-09-09 19:15 - 0000144 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Albert\AppData\Local\Temp\0Kraken0502DevProps.dll C:\Users\Albert\AppData\Local\Temp\4eacffb7297b2a4180dd749771530e33.dll C:\Users\Albert\AppData\Local\Temp\avgnt.exe C:\Users\Albert\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Albert\AppData\Local\Temp\nvStInst.exe C:\Users\Albert\AppData\Local\Temp\speccycpuid.dll C:\Users\Albert\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-11 21:12 ==================== Ende von FRST.txt ============================ |
18.09.2015, 20:44 | #7 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach soESET Online Scanner
Downloade Dir bitte SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
19.09.2015, 06:44 | #8 |
| Die Seite Watch4 öffnet sich einfach so SecurityCheck: Code:
ATTFilter Results of screen317's Security Check version 1.008 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Avira Antivirus Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 60 Adobe Flash Player 18.0.0.232 Adobe Reader XI Mozilla Firefox 38.0.1 Firefox out of Date! Google Chrome (45.0.2454.85) Google Chrome (45.0.2454.93) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Avira Antivir avgnt.exe Avira Antivir avguard.exe Avira Antivirus sched.exe Avira Antivirus avshadow.exe ESET ESET Online Scanner OnlineScannerApp.exe ESET ESET Online Scanner OnlineCmdLineScanner.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=561548d15a240f49ac4c14d5361414c7 # end=init # utc_time=2015-09-19 01:17:30 # local_time=2015-09-19 03:17:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download esets_scanner_update returned -1 esets_gle=37126 Update Finalize Updated modules version: 0 Old modules - leave modules Update Init Update Download Update Init Update Download Update Init Update Download Update Finalize Updated modules version: 25838 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=561548d15a240f49ac4c14d5361414c7 # end=updated # utc_time=2015-09-19 01:26:07 # local_time=2015-09-19 03:26:07 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=561548d15a240f49ac4c14d5361414c7 # end=init # utc_time=2015-09-19 03:32:03 # local_time=2015-09-19 05:32:03 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download esets_scanner_update returned -1 esets_gle=53251 Update Finalize Updated modules version: 25838 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=561548d15a240f49ac4c14d5361414c7 # end=updated # utc_time=2015-09-19 03:32:20 # local_time=2015-09-19 05:32:20 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=561548d15a240f49ac4c14d5361414c7 # engine=25838 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-09-19 05:38:49 # local_time=2015-09-19 07:38:49 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 0 6115141 0 0 # scanned=368076 # found=1 # cleaned=0 # scan_time=7588 sh=9059E7D33F2C77B1A13DE457E6A56C99136D7056 ft=1 fh=6d85a4dc6dcf1c1c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Albert\Downloads\windows 10 final 64 bit - chip-installer.exe" Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:15-09-2015 durchgeführt von Albert (Administrator) auf ALBERT-PC (19-09-2015 07:42:07) Gestartet von C:\Users\Albert\Desktop Geladene Profile: Albert (Verfügbare Profile: Albert & Gast & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe () C:\Windows\SysWOW64\ASGT.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe () C:\Program Files (x86)\puush\puush.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Razer Inc) C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe () C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe (Razer, Inc.) C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe (Razer, Inc.) C:\Users\Albert\AppData\Local\Razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [593216 2015-08-11] (Razer Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-26] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Kraken0502Launcher] => C:\Program Files (x86)\Razer\Razer_Kraken0502_Driver\Drivers\SysAudio\Kraken0502Helper.exe [1599808 2015-08-14] (Razer Inc) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe [568904 2015-04-02] () HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.) HKU\S-1-5-21-929755791-1800140602-23206935-1000\...\RunOnce: [Uninstall C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Albert\AppData\Local\Microsoft\OneDrive\17.3.5892.0626_1\amd64" ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Albert\AppData\Roaming\Dropbox\bin\DropboxExt64.25.dll [2015-03-31] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{e52ae475-28c6-4012-9b9f-a53a7d7f08f4}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-21] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-929755791-1800140602-23206935-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Albert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\abs@avira.com [2015-08-21] FF Extension: Avira SafeSearch Plus - C:\Users\Albert\AppData\Roaming\Mozilla\Firefox\Profiles\gk71w955.default\Extensions\safesearchplus@avira.com [2015-07-29] Chrome: ======= CHR DefaultSearchURL: Default -> hxxps://safesearch.avira.com/#web/result?source=omnibar&q={searchTerms} CHR DefaultSearchKeyword: Default -> Avira CHR DefaultSuggestURL: Default -> hxxps://safesearch.avira.com/suggestions?q={searchTerms}&li=ff&hl=de CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\ppGoogleNaClPluginChrome.dll => Keine Datei CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\pdf.dll => Keine Datei CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.93\gcswf32.dll => Keine Datei CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.) CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.99\npGoogleUpdate3.dll => Keine Datei CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Profile: C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2015-05-22] CHR Extension: (BetterTTV) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-09-19] CHR Extension: (YouTube) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-02] CHR Extension: (Adblock Plus) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-04-02] CHR Extension: (Steam inventory helper) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-08-30] CHR Extension: (Google-Suche) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-02] CHR Extension: (ReChat for Twitch™) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ipplilmaapjjklilmmaccfemdmhkoacd [2015-09-18] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-02] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-02] CHR Extension: (OddShot) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2015-08-24] CHR Extension: (Google Mail) - C:\Users\Albert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert] S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-07-15] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-26] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-26] (Avira Operations GmbH & Co. KG) R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1060352 2015-06-13] () S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2015-07-04] (BitRaider, LLC) S3 celavimushost; C:\Program Files (x86)\CEVO\CSGO Client Beta\CelavimusClientHelper.exe [123608 2015-05-07] (altPUG LLC) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-07-29] (Microsoft Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation) S2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] () R2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.) S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-07-29] (Microsoft Corporation) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-07-29] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-07-15] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-07-15] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-07-15] (Avira Operations GmbH & Co. KG) S3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) S3 cpuz138; C:\Users\Albert\AppData\Local\Temp\cpuz138\cpuz138_x64.sys [28392 2015-08-12] (CPUID) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [113880 2015-09-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-07-29] (Microsoft Corporation) S3 NVFLASH; C:\WINDOWS\system32\drivers\nvflash.sys [15648 2013-04-19] () R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 rzendpt; C:\Windows\System32\drivers\rzendpt.sys [50392 2015-08-13] (Razer Inc) R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.) R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [129472 2015-06-27] (Razer, Inc.) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [37416 2015-08-10] (Wellbia.com Co., Ltd.) S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X] U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-19 06:21 - 2015-09-19 06:21 - 00016148 _____ C:\WINDOWS\system32\ALBERT-PC_Albert_HistoryPrediction.bin 2015-09-19 05:29 - 2015-09-19 05:29 - 00262144 ____N C:\WINDOWS\Minidump\091915-21640-01.dmp 2015-09-19 04:44 - 2015-09-19 04:44 - 00852704 _____ C:\Users\Albert\Downloads\SecurityCheck.exe 2015-09-19 04:44 - 2015-09-19 04:44 - 00852704 _____ C:\Users\Albert\Desktop\SecurityCheck.exe 2015-09-19 03:17 - 2015-09-19 03:17 - 00000000 ____D C:\Program Files (x86)\ESET 2015-09-19 03:16 - 2015-09-19 03:17 - 02870984 _____ (ESET) C:\Users\Albert\Desktop\esetsmartinstaller_deu.exe 2015-09-19 03:15 - 2015-09-19 03:16 - 02870984 _____ (ESET) C:\Users\Albert\Downloads\esetsmartinstaller_deu.exe 2015-09-18 00:41 - 2015-09-18 00:42 - 00055116 _____ C:\Users\Albert\Desktop\Addition.txt 2015-09-18 00:40 - 2015-09-19 07:42 - 00022172 _____ C:\Users\Albert\Desktop\FRST.txt 2015-09-18 00:39 - 2015-09-18 00:39 - 00001653 _____ C:\Users\Albert\Desktop\JRT.txt 2015-09-18 00:35 - 2015-09-18 00:35 - 01798976 _____ (Malwarebytes) C:\Users\Albert\Desktop\JRT.exe 2015-09-18 00:34 - 2015-09-18 00:35 - 01798976 _____ (Malwarebytes) C:\Users\Albert\Downloads\JRT.exe 2015-09-18 00:25 - 2015-09-18 00:26 - 00000000 ____D C:\AdwCleaner 2015-09-18 00:23 - 2015-09-18 00:23 - 01662976 _____ C:\Users\Albert\Downloads\adwcleaner_5.008.exe 2015-09-18 00:23 - 2015-09-18 00:23 - 01662976 _____ C:\Users\Albert\Desktop\adwcleaner_5.008.exe 2015-09-18 00:19 - 2015-09-18 00:19 - 00001197 _____ C:\Users\Albert\Desktop\MBAM.txt 2015-09-17 23:58 - 2015-09-18 00:00 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-09-17 23:58 - 2015-09-17 23:58 - 00001167 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-09-17 23:58 - 2015-09-17 23:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-17 23:58 - 2015-09-17 23:58 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-17 23:58 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-09-17 23:58 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-09-17 23:58 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2015-09-17 23:57 - 2015-09-17 23:58 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Albert\Downloads\mbam-setup-2.1.8.1057.exe 2015-09-17 23:53 - 2015-09-17 23:53 - 00000000 ___HD C:\OneDriveTemp 2015-09-17 07:23 - 2015-09-17 07:25 - 00000417 _____ C:\Users\Albert\Downloads\Search.txt 2015-09-17 07:15 - 2015-09-19 07:42 - 00000000 ____D C:\FRST 2015-09-17 07:15 - 2015-09-17 07:16 - 00068286 _____ C:\Users\Albert\Downloads\Addition.txt 2015-09-17 07:15 - 2015-09-17 07:16 - 00062794 _____ C:\Users\Albert\Downloads\FRST.txt 2015-09-17 07:14 - 2015-09-17 07:14 - 02191360 _____ (Farbar) C:\Users\Albert\Desktop\FRST64.exe 2015-09-17 04:46 - 2015-09-17 04:46 - 00058980 _____ C:\Users\Albert\Desktop\AVSCAN-20150917-022024-40C85419.LOG 2015-09-13 04:09 - 2015-09-13 04:09 - 01868290 _____ C:\Users\Albert\Downloads\desmume-0.9.11-win64.zip 2015-09-13 04:09 - 2015-09-13 04:09 - 00000000 ____D C:\Users\Albert\Desktop\DesMuMe 2015-09-13 04:09 - 2005-12-04 00:11 - 67108864 _____ C:\Users\Albert\Desktop\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).nds 2015-09-13 04:08 - 2015-09-13 04:08 - 52354890 _____ C:\Users\Albert\Downloads\0083 - Osu! Tatakae! Ouendan! (J)(ProjectG).7z 2015-09-13 03:15 - 2015-09-13 03:29 - 163315280 _____ C:\Users\Albert\Desktop\ts3_recording_15_09_13_3_15_27.wav 2015-09-12 17:51 - 2015-09-12 17:51 - 00040846 _____ C:\Users\Albert\Downloads\Cookiezi+-+Renard+-+Rainbow+Dash+Likes+Girls+(Stay+Gay+Pony+Girl)+[Holy+Shit!+It's+Rainbow+Dash!!]+(2012-11-13)+Osu.osr 2015-09-11 23:38 - 2015-09-11 23:38 - 00030154 _____ C:\Users\Albert\Downloads\wa. - lieselotte (rrtyui) [Insane].osu 2015-09-11 23:23 - 2015-09-11 23:31 - 135115199 _____ C:\Users\Albert\Downloads\IWBTB.zip 2015-09-10 18:55 - 2015-09-10 18:55 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten 2015-09-10 18:55 - 2015-09-10 18:55 - 00000000 ____D C:\Users\DefaultAppPool 2015-09-10 18:55 - 2015-08-14 23:10 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 __RSD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ___RD C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2015-09-10 18:55 - 2015-07-10 13:04 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2015-09-09 21:01 - 2015-09-09 21:51 - 00000000 ____D C:\Users\Albert\Documents\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:12 - 00000000 ____D C:\ProgramData\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\ManiaPlanet 2015-09-09 21:01 - 2015-09-09 21:01 - 00001194 _____ C:\Users\Public\Desktop\TMCanyon.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00001148 _____ C:\Users\Public\Desktop\ManiaPlanet.lnk 2015-09-09 21:01 - 2015-09-09 21:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ManiaPlanet 2015-09-09 21:00 - 2015-09-09 21:01 - 127307464 _____ (Nadeo ) C:\Users\Albert\Downloads\Maniaplanet_Setup_TMCanyon.exe 2015-09-09 19:15 - 2015-09-09 19:15 - 00000144 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2015-09-09 19:15 - 2015-09-09 19:15 - 00000000 ____D C:\Users\Albert\AppData\Roaming\fatshark 2015-09-09 18:55 - 2015-09-09 18:55 - 00262144 ____N C:\WINDOWS\Minidump\090915-29078-01.dmp 2015-09-09 18:23 - 2015-09-09 18:23 - 00000222 _____ C:\Users\Albert\Desktop\Warhammer End Times - Vermintide Public Test.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000221 _____ C:\Users\Albert\Desktop\PAYDAY The Heist.url 2015-09-09 03:52 - 2015-09-09 03:52 - 00000219 _____ C:\Users\Albert\Desktop\Counter-Strike Global Offensive.url 2015-09-09 00:06 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll 2015-09-09 00:06 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2015-09-09 00:06 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2015-09-09 00:06 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-09-09 00:06 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2015-09-09 00:06 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2015-09-09 00:06 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-09-09 00:06 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-09-09 00:06 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2015-09-09 00:06 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2015-09-09 00:06 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2015-09-09 00:06 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll 2015-09-09 00:06 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2015-09-09 00:06 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-09-09 00:06 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-09-09 00:06 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2015-09-09 00:06 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll 2015-09-09 00:06 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll 2015-09-09 00:06 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2015-09-09 00:06 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-09-09 00:06 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2015-09-09 00:06 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll 2015-09-09 00:06 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-09-09 00:06 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-09-09 00:06 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2015-09-09 00:06 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll 2015-09-09 00:06 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-09-09 00:06 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2015-09-07 22:53 - 2015-09-07 22:53 - 00262144 ____N C:\WINDOWS\Minidump\090715-34843-01.dmp 2015-09-07 16:05 - 2015-09-11 01:01 - 00000000 ____D C:\Users\Albert\Documents\TrackMania 2015-09-07 16:05 - 2015-09-11 00:04 - 00000000 ____D C:\ProgramData\TrackMania 2015-09-07 16:01 - 2015-09-07 16:01 - 00000221 _____ C:\Users\Albert\Desktop\TrackMania Nations Forever.url 2015-09-06 14:51 - 2015-09-06 14:51 - 00000000 ____D C:\Users\Albert\Desktop\Localisation 2015-09-05 22:56 - 2015-09-05 22:56 - 252166992 _____ C:\Users\Albert\Downloads\Secrets.of.Grindea.v0.600a.zip 2015-09-05 22:55 - 2015-09-05 22:55 - 00019988 _____ C:\Users\Albert\Downloads\Secrets of Grindea v0.600a.torrent 2015-09-05 21:58 - 2015-09-05 22:02 - 00000000 ____D C:\ProgramData\TEMP 2015-09-05 21:58 - 2015-09-05 21:58 - 00000000 ____D C:\ProgramData\Licenses 2015-09-05 21:57 - 2015-09-05 21:57 - 02007544 _____ (Gianpaolo Bottin ) C:\Users\Albert\Downloads\MouseSpeedSetup.exe 2015-09-05 19:12 - 2015-09-05 19:12 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA) (1).n64 2015-09-05 19:11 - 2015-09-05 19:11 - 08388608 _____ C:\Users\Albert\Downloads\Super+Mario+64+(USA).n64 2015-09-03 13:08 - 2015-09-03 13:08 - 00013282 _____ C:\Users\Albert\Downloads\kuendigung.odt 2015-09-03 13:07 - 2015-09-03 13:07 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag (1).odt 2015-09-03 13:05 - 2015-09-03 13:05 - 00014099 _____ C:\Users\Albert\Downloads\aufhebungsvertrag.odt 2015-08-31 17:30 - 2015-08-31 17:30 - 00262144 ____N C:\WINDOWS\Minidump\083115-44750-01.dmp 2015-08-30 11:47 - 2015-08-20 08:07 - 08019296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-08-30 11:47 - 2015-08-20 08:06 - 00609592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2015-08-30 11:47 - 2015-08-20 08:02 - 22324656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:26 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2015-08-30 11:47 - 2015-08-20 07:21 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2015-08-30 11:47 - 2015-08-20 07:16 - 20857848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2015-08-30 11:47 - 2015-08-20 07:13 - 02235904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2015-08-30 11:47 - 2015-08-18 09:56 - 02498808 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:55 - 00373072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2015-08-30 11:47 - 2015-08-18 09:54 - 01396064 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:27 - 01771592 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2015-08-30 11:47 - 2015-08-18 09:24 - 00963920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll 2015-08-30 11:47 - 2015-08-18 09:13 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 09:12 - 02225664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2015-08-30 11:47 - 2015-08-18 09:07 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2015-08-30 11:47 - 2015-08-18 09:04 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2015-08-30 11:47 - 2015-08-18 09:04 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:59 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:58 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WcnNetsh.dll 2015-08-30 11:47 - 2015-08-18 08:57 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:56 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll 2015-08-30 11:47 - 2015-08-18 08:55 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2015-08-30 11:47 - 2015-08-18 08:54 - 00247296 _____ C:\WINDOWS\system32\facecredentialprovider.dll 2015-08-30 11:47 - 2015-08-18 08:52 - 01888768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:50 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 01061888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2015-08-30 11:47 - 2015-08-18 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 08:36 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WcnApi.dll 2015-08-30 11:47 - 2015-08-18 08:35 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWCN.dll 2015-08-30 11:47 - 2015-08-18 08:34 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll 2015-08-30 11:47 - 2015-08-18 08:29 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2015-08-30 11:47 - 2015-08-18 08:26 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2015-08-30 11:47 - 2015-08-18 06:44 - 00008847 _____ C:\WINDOWS\system32\ResPriHMImageList 2015-08-27 10:33 - 2015-08-27 10:34 - 03207904 _____ (Microsoft Corporation) C:\Users\Albert\Downloads\CVH.EXE 2015-08-26 17:25 - 2015-08-26 17:25 - 00001047 _____ C:\Users\Albert\Desktop\osu!.lnk 2015-08-26 15:17 - 2015-08-26 15:17 - 00002202 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk 2015-08-26 15:16 - 2015-08-07 06:05 - 00573048 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe 2015-08-26 15:14 - 2015-08-07 13:07 - 42840184 _____ C:\WINDOWS\system32\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 37819184 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 22551672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 18564728 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 16638896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 15627520 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 14935968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 13663424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 12186176 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02352248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 02104440 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01898288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01558832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435560.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01177016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01063032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01061168 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 01000088 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00985392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00931960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00787200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00632848 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00408184 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00387536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00376440 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00364152 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00339576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00316120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00176904 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00155792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00150832 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll 2015-08-26 15:14 - 2015-08-07 13:07 - 00128696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll 2015-08-26 15:10 - 2015-08-11 06:52 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2015-08-26 13:29 - 2015-08-26 13:29 - 00000222 _____ C:\Users\Albert\Desktop\Call of Duty Black Ops III Beta.url 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Downloads\osu!.exe 2015-08-26 11:09 - 2015-08-26 11:09 - 03275336 _____ (ppy) C:\Users\Albert\Desktop\osu!.exe 2015-08-24 18:04 - 2015-08-24 18:04 - 06317380 _____ C:\Users\Albert\Downloads\bit_rush.zip 2015-08-24 15:08 - 2015-08-24 15:09 - 00000000 ____D C:\Users\Albert\Desktop\ZSNES 2015-08-24 15:08 - 2015-08-24 15:08 - 00867785 _____ C:\Users\Albert\Downloads\zsnesw151.zip 2015-08-23 23:22 - 2015-08-23 23:22 - 00262144 ____N C:\WINDOWS\Minidump\082315-24453-01.dmp 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ___RD C:\Program Files (x86)\Skype 2015-08-23 22:47 - 2015-08-23 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2015-08-23 04:24 - 2015-08-23 04:25 - 00000000 ____D C:\Users\Albert\Desktop\Lunar Magic 2015-08-23 04:24 - 2015-08-23 04:24 - 01163080 _____ C:\Users\Albert\Downloads\lm232.zip 2015-08-23 04:24 - 2015-08-23 04:24 - 00345695 _____ C:\Users\Albert\Downloads\Super Mario World (USA).zip 2015-08-23 01:37 - 2015-08-23 01:37 - 00000222 _____ C:\Users\Albert\Desktop\Magicite.url 2015-08-21 20:10 - 2015-08-21 20:10 - 00000219 _____ C:\Users\Albert\Desktop\Left 4 Dead 2.url 2015-08-21 06:15 - 2015-08-21 06:15 - 11571256 _____ C:\Users\Albert\Downloads\WinRAR-ZIP-Archiv+(neu)+(2).zip 2015-08-21 06:11 - 2015-08-21 06:11 - 20774480 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_48_5.wav 2015-08-21 06:10 - 2015-08-21 06:10 - 29806160 _____ C:\Users\Albert\Downloads\ts3_recording_15_08_20_13_45_14.wav 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Sun 2015-08-21 04:11 - 2015-08-21 04:11 - 00000000 ____D C:\Users\Albert\.oracle_jre_usage 2015-08-21 04:10 - 2015-08-21 04:10 - 00584288 _____ (Oracle Corporation) C:\Users\Albert\Downloads\jre-8u60-windows-i586-iftw.exe 2015-08-20 03:17 - 2015-08-20 03:17 - 11742295 _____ C:\Users\Albert\Downloads\164075 Tokisawa Nao - BRYNHILDR IN THE DARKNESS -Ver. EJECTED- (1).osz ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-09-19 07:35 - 2015-04-02 04:33 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Skype 2015-09-19 07:31 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru 2015-09-19 07:10 - 2015-05-15 20:13 - 00000892 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job 2015-09-19 07:07 - 2015-04-02 03:35 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-09-19 07:00 - 2015-04-25 20:17 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-09-19 06:57 - 2015-07-10 14:22 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log 2015-09-19 05:31 - 2015-07-29 21:07 - 00000000 ____D C:\Users\Albert\OneDrive 2015-09-19 05:31 - 2015-04-02 14:46 - 00000000 ____D C:\Program Files (x86)\Steam 2015-09-19 05:31 - 2015-04-02 03:35 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-09-19 05:30 - 2015-07-29 20:37 - 00000000 ____D C:\Users\Albert 2015-09-19 05:29 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\NVIDIA 2015-09-19 05:29 - 2015-08-07 03:44 - 00000000 ____D C:\WINDOWS\Minidump 2015-09-19 05:29 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-09-19 04:22 - 2015-04-03 15:52 - 00000000 ____D C:\Users\Albert\AppData\Local\osu! 2015-09-19 03:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-09-18 01:09 - 2015-07-31 19:05 - 00005326 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for ALBERT-PC-Albert Albert-PC 2015-09-18 00:30 - 2015-07-10 14:20 - 00341608 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-09-18 00:29 - 2015-07-29 20:25 - 00150460 _____ C:\WINDOWS\PFRO.log 2015-09-18 00:29 - 2015-07-10 11:05 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-09-18 00:28 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-18 00:28 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser 2015-09-18 00:02 - 2015-04-02 03:35 - 00004196 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 00:02 - 2015-04-02 03:35 - 00003964 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-17 02:19 - 2015-07-29 20:51 - 00000000 ____D C:\Users\Albert\AppData\Local\Packages 2015-09-15 20:43 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\TS3Client 2015-09-15 19:12 - 2015-07-29 21:07 - 00002392 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-09-15 13:17 - 2015-08-15 22:25 - 00000000 ____D C:\Users\Albert\AppData\Roaming\OBS 2015-09-15 12:35 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-09-12 17:32 - 2015-04-02 03:35 - 00000000 ____D C:\Users\Albert\AppData\Local\Google 2015-09-12 15:03 - 2015-07-29 20:33 - 00229076 _____ C:\WINDOWS\DPINST.LOG 2015-09-12 15:02 - 2015-07-10 14:20 - 00020025 _____ C:\WINDOWS\setupact.log 2015-09-11 22:20 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache 2015-09-11 21:28 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-09-11 21:28 - 2015-04-05 03:50 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-09-11 02:12 - 2015-04-23 18:30 - 00000000 ____D C:\Users\Albert\AppData\Roaming\.minecraft 2015-09-10 05:44 - 2015-05-20 22:57 - 00000000 ____D C:\Users\Albert\AppData\Local\Battle.net 2015-09-10 00:15 - 2015-05-31 15:47 - 00000000 ____D C:\Program Files (x86)\World of Warcraft 2015-09-09 20:14 - 2015-05-20 22:57 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-09-09 18:36 - 2015-04-02 17:06 - 00063064 _____ C:\WINDOWS\DirectX.log 2015-09-09 18:23 - 2015-05-30 16:08 - 00000000 ____D C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-09-08 17:46 - 2015-07-29 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-09-08 17:46 - 2015-05-03 13:03 - 00000000 ____D C:\ProgramData\Package Cache 2015-09-06 14:19 - 2015-04-02 17:49 - 00000000 ____D C:\Users\Albert\AppData\Local\TeamSpeak 3 Client 2015-09-05 22:59 - 2015-07-31 02:37 - 00000000 ____D C:\Users\Albert\Desktop\Secrets.of.Grindea.v0.600a 2015-09-03 13:07 - 2015-04-16 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-09-03 13:07 - 2015-04-16 15:05 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-09-01 15:51 - 2015-04-27 16:49 - 00000000 ____D C:\Users\Albert\Desktop\Errything 2015-08-31 17:32 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\oobe 2015-08-26 18:37 - 2015-04-05 03:50 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-08-26 17:25 - 2015-04-03 15:52 - 00001055 _____ C:\Users\Albert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk 2015-08-26 17:00 - 2015-08-13 01:02 - 00000000 ____D C:\Users\Albert\Documents\Heroes of the Storm 2015-08-26 17:00 - 2015-06-05 23:57 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-08-26 16:12 - 2015-05-22 12:56 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-08-26 15:17 - 2015-08-12 07:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation 2015-08-26 15:17 - 2015-07-29 20:28 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2015-08-26 15:11 - 2015-08-12 07:05 - 00001446 _____ C:\Users\Public\Desktop\GeForce Experience.lnk 2015-08-23 23:24 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2015-08-23 22:47 - 2015-04-02 04:33 - 00000000 ____D C:\ProgramData\Skype 2015-08-21 04:11 - 2015-04-04 23:28 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Oracle 2015-08-21 04:11 - 2015-04-04 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-08-21 04:11 - 2015-04-04 23:27 - 00000000 ____D C:\Program Files (x86)\Java 2015-08-21 03:43 - 2015-08-14 21:49 - 00000000 ____D C:\Users\Albert\AppData\Roaming\NVIDIA ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-09 19:15 - 2015-09-09 19:15 - 0000144 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Albert\AppData\Local\Temp\0Kraken0502DevProps.dll C:\Users\Albert\AppData\Local\Temp\4eacffb7297b2a4180dd749771530e33.dll C:\Users\Albert\AppData\Local\Temp\avgnt.exe C:\Users\Albert\AppData\Local\Temp\d4f5d244a0909d75573750c06e9db24d.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Albert\AppData\Local\Temp\nvSCPAPI64.dll C:\Users\Albert\AppData\Local\Temp\nvStInst.exe C:\Users\Albert\AppData\Local\Temp\speccycpuid.dll C:\Users\Albert\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-09-11 21:12 ==================== Ende von FRST.txt ============================ Jedoch habe ich seit geraumer Zeit noch Probleme mit meinem PC. Nach dem Boot ist er sehr langsam beim Öffnen von Dateien, Programmen, etc., nicht so wie früher. Außerdem startet er sich seltsamerweise manchmal selbst neu. Könntest du mir bei diesen Problemen auch helfen? |
19.09.2015, 21:52 | #9 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach so Ist damit dieser PC gemeint oder ein anderer?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.09.2015, 02:26 | #10 |
| Die Seite Watch4 öffnet sich einfach so Damit ist der selbe PC gemeint. |
20.09.2015, 12:24 | #11 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach so http://support2.microsoft.com/kb/929135/de Bitte einen Clean Boot machen. Wenn das Problem dann weg ist, einzeln wieder Dienste aktivieren, dazwischen immer einen Reboot machen. Solange bis Du weißt welcher Dienst die Probleme macht. Diesen dann hier benennen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
20.09.2015, 14:45 | #12 |
| Die Seite Watch4 öffnet sich einfach so Hey, ich habe einen Clean Boot gemacht, dabei die Microsoft-Dienste angelassen, wie es auf der Seite stand, habe dennoch immer noch das selbe Problem, also kann es von meinen installierten Sachen nicht sein. Btw, ich habe vergessen zu erwähnen, dass auch das Öffnen von Dateien oder Seiten etwas zu lange dauert, als es sollte. |
21.09.2015, 14:13 | #13 |
/// the machine /// TB-Ausbilder | Die Seite Watch4 öffnet sich einfach so Nee, dann liegt es an Windows selbst oder an der Hardware.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Die Seite Watch4 öffnet sich einfach so |
angst, chrome, einfach, eingefangen, freue, gefangen, google, google chrome, guten, heute, hilfe, lästige, meinem, morgen, seite, titel, troja, trojaner/virus, watch, watch4, watch4.de, würde, öffnet |