Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: FW:Important Mails verschickt, vermutlich Link angeklickt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 01.10.2015, 13:47   #1
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Icon16

FW:Important Mails verschickt, vermutlich Link angeklickt



Hallo zusammen,
ich kämpfe nun schon einige Tage damit, dass meine Emailadresse den oben genannten und bekannten Betreff verschickt. Mehrere Passwortänderungen konnten das Problem nicht eindämmen. Ich bin mir nicht 100% sicher ob ich nicht blöderweise einmal den Link angeklickt habe. Nun habe ich große Angst befallen zu sein. Wie in anderen Threads gelesen habe ich eine überprüfung mit FRST durchgeführt, den Code werde ich nun anhängen. Ich hoffe ihr könnt mir Helfen und Tipps geben.

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
durchgeführt von Sven (Administrator) auf SVEN-PC (01-10-2015 13:26:14)
Gestartet von E:\Imaginärer Desktop\Downloads
Geladene Profile: Sven (Verfügbare Profile: Sven & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Windows\System32\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Windows\System32\wuapihost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Valve Corporation) E:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16464_none_116100d161f6ab1d\TiWorker.exe
(Mozilla Corporation) E:\Mozilla\firefox.exe
(Mozilla Corporation) E:\Mozilla\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-10-12] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Spotify Web Helper] => C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-05] (Spotify Ltd)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\MountPoints2: {42a026c9-342a-11e4-9c33-806e6f6e6963} - "F:\autorun.exe" 
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-01-04]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b4064000-a755-4536-826f-dd0fcd003147}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e4098305-1e64-4aa0-84a3-af8930013e28}: [DhcpNameServer] 139.7.30.126 139.7.30.125

Internet Explorer:
==================
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 - ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll (ICQ)
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> {F8BF49F2-E55D-45A6-AE48-91858F3A84AD} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
Toolbar: HKLM-x32 - ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2010-03-28] (ICQ)
Toolbar: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-08] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-15] ()
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-images.xml [2014-09-16]
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-maps.xml [2014-09-16]
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\icqplugin.xml [2015-09-29]
FF Extension: Cliqz - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\Extensions\cliqz@cliqz.com.xpi [2014-09-16]
FF Extension: New Tab by Yahoo - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\Extensions\jid1-G80Ec8LLEbK5fQ@jetpack.xpi [2015-08-07]
FF HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\extensions\cliqz@cliqz.com => nicht gefunden
StartMenuInternet: FIREFOX.EXE - E:\Mozilla\firefox.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-07-27] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37448 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-10-12] (Intel Corporation) [Datei ist nicht signiert]
R2 ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [246520 2010-03-28] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-04] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-06-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-04] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-02-02] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-08-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2014-08-14] () [Datei ist nicht signiert]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-10-12] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-02-02] () [Datei ist nicht signiert]
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2015-08-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-01 13:25 - 2015-10-01 13:26 - 00000000 ____D C:\FRST
2015-10-01 13:24 - 2015-10-01 13:24 - 00000000 ____D C:\AdwCleaner
2015-10-01 13:19 - 2015-10-01 13:19 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_Sven_HistoryPrediction.bin
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files\iPod
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-14 18:31 - 2015-09-14 18:31 - 00004096 ____H C:\Users\Sven\AppData\Local\keyfile3.drm
2015-09-12 17:50 - 2015-09-28 15:39 - 00001677 _____ C:\WINDOWS\setupact.log
2015-09-12 17:50 - 2015-09-12 17:50 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-11 18:09 - 2015-09-19 17:25 - 00018887 _____ C:\WINDOWS\Directx.log
2015-09-11 18:03 - 2015-10-01 13:19 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 19:27 - 2015-09-09 19:27 - 00000000 ____D C:\Program Files (x86)\directx
2015-09-09 16:29 - 2015-09-02 03:20 - 00077400 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-09-09 16:29 - 2015-09-02 02:25 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-09-09 16:29 - 2015-09-02 02:25 - 01382912 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-09-09 16:29 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 16:29 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 08:04 - 21874688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-09-09 16:29 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 16:29 - 2015-08-27 07:55 - 24594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-09 16:29 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 16:29 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-09-09 16:29 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 16:29 - 2015-08-27 07:23 - 19324416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-09 16:29 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-01 13:25 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-01 13:24 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-10-01 13:22 - 2015-08-31 10:20 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2CBD864-49DA-492E-B3F2-9E4431FFA505}
2015-10-01 13:22 - 2013-01-04 18:11 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-01 13:19 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-01 13:19 - 2013-01-04 17:47 - 00000316 _____ C:\WINDOWS\Tasks\GlaryInitialize.job
2015-10-01 13:19 - 2013-01-04 16:59 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-30 17:41 - 2013-01-04 16:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-30 17:13 - 2014-07-13 16:16 - 00000000 ____D C:\Users\Sven\AppData\Local\Battle.net
2015-09-30 16:49 - 2014-07-13 16:16 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-09-28 21:33 - 2015-08-04 12:32 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-28 21:33 - 2015-07-10 18:34 - 00884716 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-28 21:33 - 2015-07-10 18:34 - 00196348 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-28 21:27 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-28 21:27 - 2013-06-09 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-09-28 16:55 - 2013-01-04 17:55 - 00000000 ___RD C:\Users\Sven\Desktop\Programme
2015-09-28 16:03 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-09-28 16:02 - 2015-01-30 12:54 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-09-28 16:02 - 2013-01-07 22:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-28 16:01 - 2013-01-07 22:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-24 13:27 - 2015-07-19 19:37 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-24 13:27 - 2015-07-19 19:37 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 22:12 - 2013-01-04 17:49 - 00000000 ____D C:\ProgramData\Origin
2015-09-20 22:11 - 2015-08-04 12:34 - 00000000 ____D C:\Users\Sven
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-09-20 16:35 - 2013-01-05 18:52 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-09-19 17:26 - 2013-01-04 17:56 - 00000000 ____D C:\Users\Sven\Desktop\Spiele
2015-09-17 19:27 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Local\Spotify
2015-09-17 19:20 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Spotify
2015-09-16 14:26 - 2015-08-04 13:18 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2015-09-15 19:36 - 2013-01-04 16:59 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 19:36 - 2013-01-04 16:59 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 22:17 - 2013-04-13 23:38 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2015-09-11 18:09 - 2013-01-20 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-09-11 17:49 - 2015-07-10 14:20 - 00341624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 17:48 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 17:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-09-11 14:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 19:27 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-09 19:26 - 2013-01-04 16:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-09 17:35 - 2013-01-05 21:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 17:34 - 2013-08-14 15:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-06 15:46 - 2013-01-04 17:03 - 00090432 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-06 14:37 - 2015-08-04 13:25 - 00000000 ____D C:\Windows.old
2015-09-02 20:07 - 2015-04-04 01:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\dvdcss
2015-09-02 16:41 - 2015-08-04 19:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-14 18:31 - 2015-09-14 18:31 - 0004096 ____H () C:\Users\Sven\AppData\Local\keyfile3.drm
2014-02-03 18:35 - 2014-02-03 18:35 - 0000836 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2013-01-04 17:16 - 2013-01-04 17:16 - 0000017 _____ () C:\Users\Sven\AppData\Local\resmon.resmoncfg
2015-01-18 01:06 - 2015-01-18 01:06 - 0014456 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000632.wdl
2015-01-18 01:06 - 2015-01-18 01:07 - 0015214 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000652.wdl
2015-08-04 12:28 - 2015-08-04 12:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\avgnt.exe
C:\Users\Sven\AppData\Local\Temp\sqlite3.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary5714788249305721880.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary8971995279134278962.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary9086440515081223896.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-09-21 15:18

==================== Ende von FRST.txt ============================
         
Gruß
Sven

Alt 01.10.2015, 13:49   #2
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-09-2015
durchgeführt von Sven (2015-10-01 13:26:31)
Gestartet von E:\Imaginärer Desktop\Downloads
Windows 10 Home (X64) (2015-08-04 11:18:44)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-2376779872-2597445691-444311316-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2376779872-2597445691-444311316-503 - Limited - Disabled)
Gast (S-1-5-21-2376779872-2597445691-444311316-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-2376779872-2597445691-444311316-1006 - Limited - Enabled)
Sven (S-1-5-21-2376779872-2597445691-444311316-1000 - Administrator - Enabled) => C:\Users\Sven

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
ANNO 1404 Venedig Entwickler-Tools (HKLM-x32\...\{13C1E98C-4434-4026-AADB-4A8A348B9402}) (Version: 1.00.0000 - Related Designs)
ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft)
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Apple Application Support (32-Bit) (HKLM-x32\...\{A50679D9-6CBD-4FCD-BACB-62EF3894F6F3}) (Version: 4.0.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{1F72FDD5-A069-45B4-928F-D0F16492DC69}) (Version: 4.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.8.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.3.1.000 - Asmedia Technology)
Assassin's Creed II (HKLM-x32\...\Steam App 33230) (Version:  - Ubisoft Montreal)
Assassin's Creed(R) III v1.04 (HKLM-x32\...\{9D15E813-0C26-41E7-ABC5-3EB06FF1B3CF}) (Version: 1.04 - Ubisoft)
ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.1.7.1 - ASUSTek COMPUTER INC.)
ASUS GPU Tweak (x32 Version: 2.1.7.1 - ASUSTek COMPUTER INC.) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.202 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.5.2.34169 - Electronic Arts)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version:  - )
Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version:  - Infinity Ward)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version:  - )
Canon MP970 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP970_series) (Version:  - )
Canon MP970 series Benutzerregistrierung (HKLM-x32\...\Canon MP970 series Benutzerregistrierung) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
CoH Vire Map Pack (HKLM-x32\...\{B9D0D8B4-928A-4BC8-8681-20DEB8633602}_is1) (Version: 1.0 - Henry666)
Command & Conquer(TM) Generäle (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer(TM) Generäle (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Command and Conquer(TM) Generäle Die Stunde Null  (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and Conquer(TM) Generäle Die Stunde Null  (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Company of Heroes (New Steam Version) (HKLM-x32\...\Steam App 228200) (Version:  - Relic)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version:  - DownloadHelper)
Counter-Strike 1.6 (HKLM-x32\...\{13B792AA-C078-43A4-8A3A-8B12D629940D}) (Version: 1.00.0000 - )
Crysis(R) (HKLM-x32\...\{000E79B7-E725-4F01-870A-C12942B7F8E4}) (Version: 1.00.0000 - Electronic Arts)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Defraggler (HKLM\...\Defraggler) (Version: 2.12 - Piriform)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Depth Hunter 2: Deep Dive (HKLM-x32\...\Steam App 248530) (Version:  - Biart Company LLC)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DirectX Happy Uninstall v4.1 (HKLM-x32\...\DirectX Happy Uninstall_is1) (Version:  - SuperFox Studio)
EditPad Lite 7.3.1 (HKLM\...\EditPad Lite) (Version: 7.3.1 - Just Great Software)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.04 - Ubisoft)
FixMyRegistry (HKLM-x32\...\FixMyRegistry) (Version: 38.1 - SmartTweak Software) <==== ACHTUNG
Fotogalerie (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Free M4a to MP3 Converter 7.2 (HKLM-x32\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version:  - Jodix Technologies Ltd.)
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Glary Utilities 2.51.0.1666 (HKLM-x32\...\Glary Utilities_is1) (Version: 2.51.0.1666 - Glarysoft Ltd)
Goat Simulator (HKLM-x32\...\Steam App 265930) (Version:  - Coffee Stain Studios)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Gothic (HKLM-x32\...\{BBF10B37-4ED3-11D5-A818-00500435FC18}) (Version:  - )
Gothic III (HKLM-x32\...\{02B244A2-7F6A-42E8-A36F-8C385D7A1625}) (Version: 1.0.0 - JoWooD Productions Software AG)
Gothic_Patch (HKLM-x32\...\{302AC480-43D2-11D5-A818-00500435FC18}) (Version:  - )
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto Vice City (HKLM-x32\...\{4B35F00C-E63D-40DC-9839-DF15A33EAC46}) (Version: 1.00.000 - )
GTA2 (HKLM-x32\...\{2987EE84-C4EE-4FF5-8160-32DE00D6ABC6}) (Version: 1.00.001 - )
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Heroes of Might & Magic III - HD Edition (HKLM-x32\...\Steam App 297000) (Version:  - DotEmu)
Hitman Blood Money (HKLM-x32\...\{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}) (Version: 1.00.0000 - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version:  - Square Enix)
ICQ 8.1 (build 6337) (HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
ICQ Toolbar (HKLM-x32\...\ICQToolbar) (Version: 3.0.0 - ICQ)
ICQ7.2 (HKLM-x32\...\{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}) (Version: 7.2 - ICQ)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.21.1124 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.6 - Intel)
Intel(R) Rapid Storage Technology enterprise (HKLM-x32\...\{8B313BF5-9BD5-42a3-94C1-A28AF3AA51CC}) (Version: 3.0.0.2003 - Intel Corporation)
IsoBuster 3.1 (HKLM-x32\...\IsoBuster_is1) (Version: 3.1 - Smart Projects)
iTunes (HKLM\...\{96984DE8-1DB8-425C-AC8C-3098BC696F04}) (Version: 12.3.0.44 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Logitech Gaming Software 8.70 (HKLM\...\Logitech Gaming Software) (Version: 8.70.315 - Logitech Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Mass Effect™ 3 (HKLM-x32\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Microsoft Age of Empires Gold (HKLM-x32\...\Age of Empires Gold 1.0) (Version:  - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
MiniTool Partition Wizard Home Edition 8.1.1 (HKLM-x32\...\{05D996FA-ADCB-4D23-BA3C-A7C184A8FAC6}_is1) (Version:  - MiniTool Solution Ltd.)
Monkey Island 2: Special Edition (HKLM-x32\...\Steam App 32460) (Version:  - LucasArts)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mozilla Firefox 17.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 de)) (Version: 17.0.1 - Mozilla)
Mozilla Firefox 36.0 (x86 de) (HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Mozilla Firefox 36.0 (x86 de)) (Version: 36.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 17.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0 (x86 de)) (Version: 17.0 - Mozilla)
Mozilla Thunderbird 31.7.0 (x86 de) (HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla)
MTA:SA v1.3.1 (HKLM-x32\...\MTA:SA 1.3) (Version: v1.3.1 - Multi Theft Auto)
Nasty File Remover v0.72 (remove only) (HKLM-x32\...\NFR) (Version:  - )
Need for Speed Underground 2 (HKLM-x32\...\{909F8EBC-EC7F-48FF-0085-475D818F0F31}) (Version:  - )
Need for Speed™ ProStreet (HKLM-x32\...\{2E1A71D5-7897-4F3F-B0E3-B412C86A646D}) (Version: 1.0.1.0 - Electronic Arts)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.2 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.60 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.60 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
partypoker (HKLM-x32\...\PartyPoker) (Version:  - PartyGaming)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Extreme (HKLM-x32\...\Steam App 3483) (Version:  - PopCap)
Peggle Nights (HKLM-x32\...\{6641FD4F-6B9F-47F4-9DEA-9979E79E68D7}) (Version: 1.1.6.5913 - PopCap Games)
POSTAL 2 Complete (HKLM-x32\...\Steam App 223470) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Remote Mouse version 2.06 (HKLM-x32\...\{01E4BC6D-3ACC-45E1-8928-C2FF626F63F3}_is1) (Version: 2.06 - Remote Mouse)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Samsung SSD Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 3.2 - Samsung Electronics)
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
SimCity 2000 Special Edition (HKLM-x32\...\{59D2C751-F7BE-4E9F-9C8C-1F16013802C7}) (Version: 2.0.0.1 - Electronic Arts)
SimCity 4 Deluxe (HKLM-x32\...\Steam App 24780) (Version:  - EA - Maxis)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Spotify) (Version: 1.0.13.108.gcd94e7db - Spotify AB)
Star Wars(tm) Knights of the Old Republic(tm) II: The Sith Lords(tm) (HKLM-x32\...\{629F65FB-7F3C-4D66-A1C0-20722744B7B6}) (Version: 1.00.0000 - Obsidian)
Star Wars: Dark Forces (HKLM-x32\...\Steam App 32400) (Version:  - LucasArts)
Star Wars: Knights of the Old Republic (HKLM-x32\...\Steam App 32370) (Version:  - BioWare)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader 2 (HKLM-x32\...\Steam App 232890) (Version:  - FireFly Studios)
Stronghold Crusader Extreme (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.20.0000 - Firefly Studios)
Stronghold Crusader HD (HKLM-x32\...\Steam App 40970) (Version:  - FireFly Studios)
Surgeon Simulator (HKLM-x32\...\Steam App 233720) (Version:  - Bossa Studios)
System Requirements Lab (HKLM-x32\...\{F89CDED6-B1F1-489F-BA44-698BF6A737C2}) (Version: 6.1.6.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
The Secret of Monkey Island: Special Edition (HKLM-x32\...\Steam App 32360) (Version:  - LucasArts)
Tropico 5 (HKLM-x32\...\Steam App 245620) (Version:  - Haemimont Games)
Unity Web Player (HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
User's Guides (HKLM\...\{B48E1FFD-A85D-45DB-9070-C06CDF6BD427}) (Version: 1.20.0000 - Logitech)
VLC media player 2.0.6 (HKLM\...\VLC media player) (Version: 2.0.6 - VideoLAN)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
Worms Armageddon (HKLM-x32\...\Worms Armageddon) (Version:  - )
Xfire (HKLM-x32\...\Xfire) (Version:  - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02B7224E-0DF7-4157-8F32-932D31D838CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {037C24FD-6263-4CBF-BB03-07B9A808AC84} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1035932C-2B17-459D-A76D-E93BFA0DD652} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {12C07E51-1011-444A-ABCC-6B6E7FEE1B87} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {16F131D5-1DB0-41EA-AF27-2CD67FB2DE8E} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {174A4FA4-B8DA-4687-A960-29B5C320C6D5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-21] (Adobe Systems Incorporated)
Task: {17BD6BEC-FC11-4B44-98E8-B64D32B83130} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {2C494AC6-EE98-4992-9C6E-2E0E36462949} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {2D5DA54D-0FFB-4A91-BFEF-84F2D8BBB667} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2E6599DE-58CD-4F6B-8241-71AFC227E759} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {352CD86B-7CD6-469B-98F1-0FA3D27254A2} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {36A02D22-BD8D-430D-AB9C-028FEC4D60D1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {38990072-C7B8-461B-AF79-A1DA3BD982B0} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {3FDD4125-5AEB-42C7-A5E9-CC317857A116} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {46C34AB6-2DC7-4256-8B17-B44A345EF950} - System32\Tasks\GlaryInitialize => E:\Glary Utilities\Glary Utilities\initialize.exe [2012-11-28] (Glarysoft Ltd)
Task: {4CADE8D4-C1DC-472F-8668-B8952AFED8BB} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {50F16257-FDD9-483F-9098-0DEB2D13876A} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {53D64AE4-0384-401C-A505-A41C21B3376B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5B824DE2-73E6-4CB8-B8DA-D770479C7B86} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {5D6344A7-577E-4758-A15A-ECF5E64B3839} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {5EB4BABD-EC1C-4F95-99EE-BA7EDC95A75E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {67233D8C-DB46-44C7-AE7B-2474B1246074} - System32\Tasks\{18E8C04B-E39B-4674-9BE8-E3896DA27154} => Firefox.exe hxxp://ui.skype.com/ui/0/6.0.0.126/de/go/help.faq.installer?LastError=1618
Task: {6814CF03-7989-4348-ABD2-4CE22FF837A7} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {6F9D585C-2A61-48CD-A36D-56AB1A8D6498} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {70D09F85-08F5-4A46-A7B1-628625D88FC6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {74B787B4-4561-4B59-B125-57971F84F727} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {79F43EF2-E5DD-4893-86EF-3BA25446D638} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {7CCB46D3-6247-4A19-B414-D8754F4767F2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {83D1AA23-B4FC-4EA4-A385-AD33BEEA1D41} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {845B04C4-EE23-49B1-8144-50FA32CE79D0} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {89D10D32-04E3-47C1-8C21-5D9702F3B6E5} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8C0D7198-139D-450B-9765-0FE1A936E890} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {97C535CB-1EB5-4B7E-8C14-1A2E09778254} - System32\Tasks\{3AA92185-0C2B-4C17-9CB8-954603728A1C} => Firefox.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin
Task: {9A339895-06F2-4C78-9C49-14F87AE3FD4E} - System32\Tasks\{4A054330-A7BE-43B5-8B07-3054B0401901} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {9A369C20-95DD-4F75-A15D-35DF4005A652} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {9CD5C0EE-2CFB-4173-8837-E7839D521678} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {A20428DA-B0A3-4761-ABF3-1141B597648D} - System32\Tasks\CCleanerSkipUAC => E:\CCleaner\CCleaner.exe [2012-11-24] (Piriform Ltd)
Task: {A46C0A8D-13F0-4445-9675-E27C0FAE3397} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A6870061-73A4-456B-A0ED-9F4D30DB7E9B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {B0C7611B-103A-4876-BFFF-1B1CE1589AD6} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {B6EF4534-1D90-455A-AA28-918C2FBF1E3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {BDAB13EB-31AE-429C-8374-5AB8635E976B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {CDBBB802-2751-421E-86B0-C3713B9C0626} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {D2E931C0-F743-4651-8392-9A00F49AB9A2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {E6059C06-142F-45D8-ABEC-D6CD988113E5} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {E98C6373-72FD-47E5-A0E9-9F8CAC9E6A5D} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F1EAA3AD-2DAF-44DF-BFE4-0D6D3ACAD35F} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {F35FA0F6-81C4-4F5B-BC58-58B1BA91FF0B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {F6B3CE81-430F-489C-B26D-73542F9558F2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {FDF62A1B-1B02-442E-A644-3FBD071D277E} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GlaryInitialize.job => E:\Glary Utilities\Glary Utilities\initialize.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-08-04 13:24 - 2015-08-04 13:24 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2012-01-17 12:24 - 2012-01-17 12:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-09-23 16:47 - 2015-09-23 16:47 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-19 14:29 - 2015-08-11 11:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2013-08-15 23:17 - 2010-03-28 16:47 - 00246520 _____ () C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
2014-06-29 01:03 - 2014-06-29 01:03 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2013-07-02 22:56 - 2015-08-07 06:27 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-29 14:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-08-29 14:19 - 2015-08-18 09:56 - 02498808 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-08-12 11:48 - 2015-08-03 03:30 - 00642048 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-08-12 11:48 - 2015-08-03 03:11 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-07-10 13:00 - 2015-07-10 18:45 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-08-19 14:30 - 2015-08-11 10:58 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-08-12 11:48 - 2015-08-03 03:09 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 02:07 - 2015-03-07 02:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-07-02 02:28 - 2015-07-02 02:28 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00098888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CodeLog.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00031304 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckTool.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00017480 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CompressFile.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00088648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBGetRemoteNetInfo.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 01296456 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\libxml2.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00061000 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\zlib1.dll
2014-09-21 16:54 - 2014-08-14 00:47 - 00107592 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActivationOnline.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00075848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\logsys.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00030280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DiskSearchImg.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00068168 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\MountImg.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00158280 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ImgFile.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00276040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DsImgFile.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00072264 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CheckImg.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00139848 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\vhdvmdk.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00037448 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\BootDriver.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00581192 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ExImage.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00193096 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBackupSize.dll
2014-09-21 16:54 - 2014-08-14 00:47 - 00255560 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidImage.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00145992 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumDisk.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00076872 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FatLib.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00207944 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSLib.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00024648 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\GetDriverInfo.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00020552 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CorrectMbr.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00032328 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EnumTapeDevice.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00034888 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbTapeBrowse.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00064072 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\RegLib.dll
2014-09-21 16:54 - 2014-08-14 00:47 - 00022600 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AccountManager.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00115784 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NasOperator.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00194120 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\EmailBrowser.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\CloudOperator.dll
2014-09-21 16:54 - 2014-08-14 00:47 - 00037960 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\ActiveOnline.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00135752 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\VMConfig.dll
2014-09-21 16:54 - 2014-08-14 00:47 - 00020040 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\AndroidDeviceManager.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00043080 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TbDataSwap.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00096840 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\TBFireWall.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00353864 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceManager.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00027208 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\DeviceAdapter.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00137288 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Device.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00147016 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Partition.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00050248 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FileSystemAnalyser.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00062024 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\FATFileSystemAnalyser.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00089672 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\Common.dll
2014-09-21 16:54 - 2014-08-14 00:48 - 00056392 _____ () C:\Program Files (x86)\EaseUS\Todo Backup\bin\NTFSFileSystemAnalyser.dll
2015-08-06 17:14 - 2015-08-06 17:14 - 00019968 _____ () C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\PSIClient\64ac277a63c8ef2eb9f3dc3a6d5f249b\PSIClient.ni.dll
2015-08-04 13:28 - 2015-07-24 06:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2013-03-12 18:10 - 2015-07-03 18:12 - 00778240 _____ () E:\Program Files (x86)\Steam\SDL2.dll
2015-01-20 16:14 - 2015-07-03 18:12 - 04962816 _____ () E:\Program Files (x86)\Steam\v8.dll
2014-05-25 18:00 - 2015-08-19 22:39 - 02413248 _____ () E:\Program Files (x86)\Steam\video.dll
2014-09-02 19:26 - 2014-12-01 23:31 - 02396672 _____ () E:\Program Files (x86)\Steam\libavcodec-56.dll
2014-09-02 19:26 - 2014-12-01 23:31 - 00479744 _____ () E:\Program Files (x86)\Steam\libavformat-56.dll
2014-09-02 19:26 - 2014-12-01 23:31 - 00332800 _____ () E:\Program Files (x86)\Steam\libavresample-2.dll
2014-09-02 19:26 - 2014-12-01 23:31 - 00442880 _____ () E:\Program Files (x86)\Steam\libavutil-54.dll
2014-09-02 19:26 - 2014-12-01 23:31 - 00485888 _____ () E:\Program Files (x86)\Steam\libswscale-3.dll
2015-01-20 16:14 - 2015-07-03 18:12 - 01556992 _____ () E:\Program Files (x86)\Steam\icui18n.dll
2015-01-20 16:14 - 2015-07-03 18:12 - 01187840 _____ () E:\Program Files (x86)\Steam\icuuc.dll
2013-01-04 18:03 - 2015-08-19 22:39 - 00704192 _____ () E:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-27 00:29 - 2015-07-27 03:13 - 00171008 _____ () E:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-01-04 18:03 - 2015-07-03 18:12 - 39553928 _____ () E:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk => C:\Windows\pss\SetPointII.lnk.CommonStartup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
MSCONFIG\startupreg: CanonSolutionMenu => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon
MSCONFIG\startupreg: FixMyRegistry => E:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as
MSCONFIG\startupreg: icq => C:\Users\Sven\AppData\Roaming\ICQM\icq.exe -CU
MSCONFIG\startupreg: IJNetworkScanUtility => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
MSCONFIG\startupreg: iTunesHelper => "E:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Kernel and Hardware Abstraction Layer => KHALMNPR.EXE
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Sven\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "E:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{AE33E8A5-21C8-4954-993A-766D892D5FEE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5C85BAC3-C42C-4DAB-9897-462BE26A747C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{04E23080-5EF8-4125-A707-FF55F7EA1721}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{6AD5CF3D-47E1-4F39-821E-3F10D0BDDBF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{19D4AD3A-C7CA-4D32-B959-8DFB9CC43260}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [{C0FF7496-1B27-4E9D-9AE6-7B5C68FFFEEA}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\RaceTheSun\RaceTheSun.exe
FirewallRules: [UDP Query User{700E19D0-B513-4705-B928-ABE6986C7E5E}E:\imaginärer desktop\qip\qip.exe] => (Allow) E:\imaginärer desktop\qip\qip.exe
FirewallRules: [TCP Query User{FD801DF3-A2D7-40B3-9E23-0AB1BE89F2FA}E:\imaginärer desktop\qip\qip.exe] => (Allow) E:\imaginärer desktop\qip\qip.exe
FirewallRules: [{91B1D801-44A7-4A9A-830C-3E62CD976589}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{BC13458C-5F05-4732-8EB9-DAABB2EC6E17}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{35320B73-FA16-4FAE-B5E1-18D033275291}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{0ADAC72E-FBBE-483D-90EF-16C2E50C51D4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3147\Agent.exe
FirewallRules: [{F9086E65-C393-4C9E-9202-2B500C5226C9}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DepthHunter2\dh2.exe
FirewallRules: [{501D636D-B0E3-4C6F-B505-988FE9140DAE}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DepthHunter2\dh2.exe
FirewallRules: [{BD6EC9B6-08C2-4A80-81A8-4362C3BA4A4A}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{22901019-AD6C-4826-A00B-3BA7C18F3B27}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Worms Armageddon\WA.exe
FirewallRules: [{55D43D55-BC75-43BC-AC39-7782E3DC0120}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{EA78A7DA-7C92-4508-A6A9-76792DF66968}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 2\AssassinsCreedIIGame.exe
FirewallRules: [{E2B9E4F2-C024-44F7-A871-714693EA75B2}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{E4AE8DF5-F352-403D-A4F5-9FFE37ACCF5D}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe
FirewallRules: [{5C527F23-40A2-4932-9B29-3A465393BDF6}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [{186B1E67-CFAE-4B3C-B76F-E68028C9FF34}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\SimCity 4 Deluxe\Apps\SimCity 4.exe
FirewallRules: [UDP Query User{782FC2BD-285F-4865-AE87-1649227822B4}C:\users\sven\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sven\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{3220F9B5-A647-41D6-84BB-288AFFA8F865}C:\users\sven\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\sven\appdata\roaming\spotify\spotify.exe
FirewallRules: [{360EA121-D914-413D-8B89-5AD01F2A4FA8}] => (Allow) E:\Orignin games\Battlefield 4\bf4.exe
FirewallRules: [{C6DD2A5E-8670-4E2D-BB09-50352F2069F7}] => (Allow) E:\Orignin games\Battlefield 4\bf4.exe
FirewallRules: [{7D5AF3CE-1D41-4F44-94A6-76113617E3C8}] => (Allow) E:\Orignin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{3B0AE549-2883-486C-9012-29303B11A8A7}] => (Allow) E:\Orignin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{88463D13-A2C5-4B03-A9E2-F29737452648}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{D9807CA9-5AE4-4F7D-A949-6826F1789B54}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Dark Forces\DosBox\dosbox.exe
FirewallRules: [{7A25A4A3-E6D1-4916-8055-0189FD17512E}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Monkey2\Monkey2.exe
FirewallRules: [{8011C32A-5686-44C1-8816-D94131F65299}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Monkey2\Monkey2.exe
FirewallRules: [{83DEAF22-3385-4C5D-B970-87ED8B9445CF}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [{8730A40A-58AC-4B72-BF02-5DC25939E8B8}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\The Secret of Monkey Island Special Edition\MISE.exe
FirewallRules: [UDP Query User{DCCF4507-5013-49E0-B1AE-2CB1329CD2E2}E:\imaginärer desktop\warcraft iii\war3.exe] => (Allow) E:\imaginärer desktop\warcraft iii\war3.exe
FirewallRules: [TCP Query User{3B43360F-C8D5-4ED9-8B1C-D9C8E45242CF}E:\imaginärer desktop\warcraft iii\war3.exe] => (Allow) E:\imaginärer desktop\warcraft iii\war3.exe
FirewallRules: [UDP Query User{D13A8F94-33E1-42B1-BB4B-888DC0E8F7EE}E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [TCP Query User{945E5DF2-76A1-49A9-AB1E-B287C5D18634}E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe] => (Allow) E:\program files (x86)\steam\steamapps\common\dayz\dayz.exe
FirewallRules: [{31CDB413-0EA4-4EE3-97BA-8B3004E81640}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{172F05DC-1BEE-40C8-A210-7C41DC0C5F29}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{50570FBF-41F7-406F-A8CB-F6A74E10B85B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{837B6DFC-6915-4F17-A082-2E51043B282C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{18D336A0-C2BF-469C-91AD-59BF43A71A07}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{C93A0E3F-EB6D-485C-A63E-31AB97E3F2CF}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{42B886C3-8920-42CE-BC3C-6880364BC403}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{9F3332B6-4453-40EC-8C92-2D21614015B3}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader Extreme\Stronghold Crusader.exe
FirewallRules: [{A7294738-9EFD-4C02-8A75-08AA7E377963}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{5D4A7D05-F3DB-46F9-AC1F-99A0516C35D2}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Stronghold Crusader 2\bin\win32_release\Crusader2.exe
FirewallRules: [{597BE152-B045-4EBB-BB17-1F5BAA20EEED}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{88135123-A56F-4D30-BB83-F0C105073589}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{D93A278F-3A14-499C-964F-9D48D5063A9C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe
FirewallRules: [{EB576146-C213-4FA5-8DF6-87235257D4A3}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Heroes of Might & Magic III - HD Edition\HOMM3Launcher.exe
FirewallRules: [{42894DAD-750B-48E3-B342-DF5A9D7565AC}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Defy Gravity\DefyGravity.exe
FirewallRules: [{74A83261-A76A-4487-B3B1-8AD7C01722BB}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Defy Gravity\DefyGravity.exe
FirewallRules: [{E12BDDF5-3520-41AF-9476-DBB4D8AC8DA5}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{D4A24F3B-510D-418C-9ADA-847ADE915253}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\swkotor\swkotor.exe
FirewallRules: [{36EC68CC-6E63-462E-9AC3-D10202AD72C4}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{A76243EA-72EF-4F49-987F-831D90F50F7C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{B9BF4783-FE87-40CF-9B80-1FAE61A29622}] => (Allow) E:\Orignin games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{2C3438A1-F2A4-4D28-931B-FB649A820E4C}] => (Allow) E:\Orignin games\SimCity 2000 SE\Game\Game\DOSBox\DOSBox.exe
FirewallRules: [{C6B3B17C-3E64-4094-9B23-899FE3AB7D55}] => (Allow) E:\Orignin games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{5C6EA29A-11F2-401C-8E81-E27C45267359}] => (Allow) E:\Orignin games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{2941B146-9368-4F55-9C48-E75A05DFFAF3}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{A1AA8F90-454A-455A-AC31-B5FD18CA3CFF}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F32A9B7F-9D6F-44A7-AAA2-25E7FA314360}] => (Allow) LPort=4410
FirewallRules: [{CD3BD647-CAEE-4351-97D4-179D26CF6245}] => (Allow) LPort=4410
FirewallRules: [{A5D28AED-E32F-46A9-A32C-D8559C0F7581}] => (Allow) LPort=4410
FirewallRules: [{058177F1-562E-4AD9-B3B2-05FD0E257F80}] => (Allow) LPort=1900
FirewallRules: [{91FE893B-90BC-4612-8F01-9F882F987547}] => (Allow) LPort=7900
FirewallRules: [{670A5120-15CB-436D-A94E-4B99526B70B7}] => (Allow) LPort=24234
FirewallRules: [{7DBD51D5-1B14-452F-927C-60BA5B1AF44C}] => (Allow) LPort=7679
FirewallRules: [{DA3AB68F-BCCD-431C-B747-8D41D20D2C1C}] => (Allow) LPort=7676
FirewallRules: [{0B47B45B-6BCE-4D7E-B8D9-349EB22E995E}] => (Allow) LPort=8643
FirewallRules: [{0C827BAF-AAE1-4F8E-9899-20ADF8FF3471}] => (Allow) LPort=8743
FirewallRules: [{4A49C3C9-D060-4F14-A929-AF3C9457857B}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{A25A7827-ACD7-4896-857C-06EEB14DD3CD}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
FirewallRules: [{E6D28DF8-7325-42F2-8091-AE85ED573D6D}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
FirewallRules: [{BCC26417-6A2D-49A2-BC52-773FFC8536BF}] => (Allow) E:\Uplay games\The Crew (Beta)\TheCrew.exe
FirewallRules: [{FB29DA69-E98E-4D9C-9AB9-FF6A77F975B8}] => (Allow) E:\Uplay games\The Crew (Beta)\TheCrew.exe
FirewallRules: [{ADF24328-EB96-4198-8434-E8714CA4E73E}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{7A64E29E-4578-4E13-8430-77BB9A86CE4C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Saints Row IV\SaintsRowIV.exe
FirewallRules: [{1910DA44-64E9-4006-90F7-370B98E20725}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{181BA87B-EB22-407C-91C9-A5395E8A7F60}] => (Allow) E:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{53E61430-28AF-484E-984E-AFC9DADC11F5}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{ADA7FB7D-CAC2-480A-A72D-E1D53E6CF0D7}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Tropico 5\Tropico5Steam.exe
FirewallRules: [{C4CF2585-D0FA-45F9-8361-AFC5FA2CE692}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{12767267-B68C-46D4-B951-B21EFF4C5D67}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Launcher.exe
FirewallRules: [{78A5761F-DAF7-45E0-A7D0-125792EAF0B5}] => (Allow) E:\Orignin games\SimCity\SimCity\SimCity.exe
FirewallRules: [{6A7BE97B-5C54-4261-91F8-33D5EF49332A}] => (Allow) E:\Orignin games\SimCity\SimCity\SimCity.exe
FirewallRules: [{A4229200-DB96-41BC-ABD2-016F1E801E1D}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{CA52D65F-DBAF-4D96-B720-2D95BCB654F7}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Just Cause 2\JustCause2.exe
FirewallRules: [{B16F5778-F775-4CDF-8A14-CD4706DB5B76}] => (Allow) E:\Orignin games\Battlefield 4\bf4.exe
FirewallRules: [{8EFE0386-3948-474E-8E77-FFBAB170DA07}] => (Allow) E:\Orignin games\Battlefield 4\bf4.exe
FirewallRules: [{1076781B-8CD6-4E2C-A708-F74E770536C7}] => (Allow) E:\Orignin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{B859C4AD-BE33-4BBA-AF29-8F17B9028770}] => (Allow) E:\Orignin games\Battlefield 4\bf4_x86.exe
FirewallRules: [{FA78F1C9-1279-47CE-8184-47D4F197CB16}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{E4E42653-2168-48DF-B42E-4D880308525F}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\PAYDAY 2\payday2_win32_release.exe
FirewallRules: [{43985868-B00C-448A-85E1-C630F3512B4E}] => (Allow) E:\Orignin games\Peggle Nights\PeggleNights.exe
FirewallRules: [{0124EA6E-1E64-492E-AF9F-FE727E986ADA}] => (Allow) E:\Orignin games\Peggle Nights\PeggleNights.exe
FirewallRules: [{A75685BF-B53F-44ED-813F-A700CCFB8F51}] => (Allow) E:\Orignin games\Peggle Deluxe\Peggle.exe
FirewallRules: [{36E8F165-8A06-4A3C-A638-197BA75CE0CE}] => (Allow) E:\Orignin games\Peggle Deluxe\Peggle.exe
FirewallRules: [{97DD5124-D0ED-4F06-97C6-BFED4A32E9FA}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B047FD4B-8CBC-412D-9865-57466DDCD68F}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{CE8A1D65-63F3-48FD-94DA-B7A9A5944EB2}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{016BF2C5-4CBE-4BC9-AC25-A54E05594766}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold\Stronghold.exe
FirewallRules: [{F026E7A2-26AF-4268-89C7-D5D1ABF29921}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{F36E80E8-96D0-4F6D-91C0-FEA16562957F}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold Crusader.exe
FirewallRules: [{36E5A23B-2EE8-4012-8D21-B09E7D31DE86}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{4F4A1F9C-BC2C-45FB-9700-FA28E927EFDE}] => (Allow) E:\Program Files (x86)\Firefly Studios\Stronghold Crusader\Stronghold_Crusader_Extreme.exe
FirewallRules: [{FC739D7F-5EE1-4416-8D56-BE7ED1DA332E}] => (Allow) LPort=1900
FirewallRules: [{E3643ECF-8285-44CB-857D-5CFFD9DE15C2}] => (Allow) LPort=2869
FirewallRules: [{C78D5056-56C5-4FCC-AC8F-35ADAEDD590F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{58AABF09-D038-4AF2-890D-27A8F1B95DF4}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{529F52E3-6778-4695-A2F8-FF02A8F48870}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{943F402E-1CF9-4508-B82C-018197DFA9F5}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{FA5A6469-7B18-40E5-95F2-A5F442031ECB}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{E784E69A-AF53-4786-BE46-AEE25D6F82E1}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{4B6DF97B-BF33-41B3-B8AA-0226AE3579F5}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\CrysisDedicatedServer.exe
FirewallRules: [{2CBCC9D5-F851-4EB6-BA7C-82A982A0C448}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{6FAB42FE-5219-4F3A-A3E0-25766002232B}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin64\Crysis.exe
FirewallRules: [{70FCA0BD-9338-45C8-A290-AA9E51A13157}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{7D0003AB-79C3-4DA2-A0E3-040288216731}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\CrysisDedicatedServer.exe
FirewallRules: [{A43E7A37-C818-4818-B904-10BBBD4C03CC}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{9745F8E4-DF3A-4459-9FB7-0B407B9AFBDD}] => (Allow) E:\Program Files (x86)\Electronic Arts\Crytek\Crysis\Bin32\Crysis.exe
FirewallRules: [{A6DDF791-3B3C-48CC-B4A0-8409B9B99545}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{7E3AEBD8-CD70-45B2-AB08-D78330BC964C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{2B5D426F-583C-40AE-997D-47F1D2E7B165}] => (Allow) E:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{6B5B0426-51B3-47A8-939B-1B2D7F0EC3C9}] => (Allow) E:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{16C94F59-CC01-471F-AD30-60D4AF67CB27}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{31D34A0D-7E20-4A53-B68D-51EA615367C2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{7384B2AD-9F41-4C72-9D9F-4DFACE366017}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{DC145634-97A5-4B9D-97F5-DE1724CD12BB}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{E619DDA1-648D-4B23-B5ED-9B60C27C7913}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{32C6B20E-EC3E-4BB0-B04D-D4CA69D48FDC}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{C5067341-E666-43AB-BA98-C8E460035720}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{B41723DF-3074-4A89-AC21-0B2D3C404280}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{F4C190A6-6F9E-4AD0-A141-4D62854C7105}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{214E6526-9994-4057-8B08-E32BF9AC8711}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{8694934B-8670-483A-B986-665E6026D1B7}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{F13AA44F-E509-4B8B-B98A-4DB11B6BABC4}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Benchmark.exe
FirewallRules: [{0DD7F403-2AF6-4E52-A777-277B3B9D3286}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{98C9A070-69DB-45E7-899E-859562F10142}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\AddonWeb.exe
FirewallRules: [{65786F36-FB68-4391-A4E5-53AACCA6E087}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{4A323BCC-BCB6-48C5-860E-73ABC91CEDB2}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\tools\Anno4Web.exe
FirewallRules: [{CD945246-445C-4BBA-AC76-4899B946703E}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{0AD5CD69-BF63-4B73-8734-8C75F0DAC716}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Addon.exe
FirewallRules: [{23AF0838-BE36-45DB-B1D5-9B51DF900DCD}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{12DFDC1A-F09A-4E9C-8B94-E2B037A8EFB1}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 1404 - Königsedition\Anno4.exe
FirewallRules: [{92D96BCB-A406-4E6B-A71F-157B9E821B8E}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{889248A6-A9CF-4B7D-A265-D9E801EBF2CA}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{BD0837A2-3FCF-4750-BB1F-1EE9AFD90B1C}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{81B2FEE7-2099-4325-A95E-C860206A89DE}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{DBCD6D6F-A895-4922-8EE3-C98F91E271FD}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{DDCA72A0-D753-473D-809C-4A1305861E16}] => (Allow) C:\Program Files (x86)\ICQ7.2\aolload.exe
FirewallRules: [{B9690EF6-D5B2-4025-9059-83C469E6051A}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{A48C5E73-D9CD-44F8-A6E7-34DB3BF9937F}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{36D507E9-0FD8-4577-9BF4-41150F16AFFB}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{D3E5D1E8-87C3-4720-93F2-9AEB954C692E}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{0FE98C1B-51DC-461D-B79C-C603FB662796}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{25B90E1E-D4C0-416F-B9A8-3427EEA4821A}] => (Allow) C:\Program Files (x86)\ICQ7.2\ICQ.exe
FirewallRules: [{839CB61C-66DE-4DC1-94F2-ABC7A05700D7}] => (Allow) C:\Users\Sven\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{5A2FEA95-D422-4988-8DA0-97C7F8B0F8E4}] => (Allow) C:\Users\Sven\AppData\Roaming\ICQM\icq.exe
FirewallRules: [{F79239F5-FB47-4857-9512-A43D831A18AB}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{BEEE83EF-5B14-4072-8B93-163113FBE9CF}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\left 4 dead 2\left4dead2.exe
FirewallRules: [{127C5581-1F97-4CF7-930F-C79F0216957F}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{336F0C4D-38D6-4556-829B-67536CC16A47}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{0F91E988-77B2-4299-BDA0-A02866D675D5}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{4936686F-8B44-4049-B488-0EA2002DC7BA}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3mp.exe
FirewallRules: [{E9897A5B-3E79-4EA1-AE7A-09998D97708D}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{1621BF80-23D2-406B-A1B2-09A9B3EE6687}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Call of Duty 4\iw3sp.exe
FirewallRules: [{F40DCD1D-60DE-4138-BE56-B9D782C3DA64}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{19559FAC-18A8-4553-9FBD-793BB9714A6D}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Hitman Absolution\HMA.exe
FirewallRules: [{9825907D-B2E1-4B61-9314-ED781E41CADA}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{D9D2E237-B6C2-42BC-A2B5-6C974F139EF2}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\ShareThePain\System\Postal2MP.exe
FirewallRules: [{AFFC1300-E5E6-4E7D-A556-E66B82FDCBB7}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{7695A42A-01DD-46B4-9E06-B965BA208BFA}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\POSTAL2Complete\System\Postal2.exe
FirewallRules: [{01E485E6-760F-4422-B183-06404C34D050}] => (Allow) E:\Swotr\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{6A4C87F1-1A30-4540-BB62-4E2619CC2EF7}] => (Allow) E:\Swotr\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{9B4205BA-ECA2-4B1E-B673-0CA417C9C5C2}] => (Allow) E:\Swotr\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{D59FDC26-00C8-4915-9173-D6118E88706D}] => (Allow) E:\Swotr\Star Wars-The Old Republic\launcher.exe
FirewallRules: [{440A32A7-F523-4BF1-944D-53DC554B85A5}] => (Allow) E:\Orignin games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{42C86A49-7593-4DDB-9B6D-8EB0E6B7D7D3}] => (Allow) E:\Orignin games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{B9AC4AA6-C1BA-4D57-B27C-39E348857D5B}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{D28365B1-B6E1-4B87-8CD3-D7856181921D}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\Peggle Extreme\PeggleExtreme.exe
FirewallRules: [{1949043A-D9FF-4246-B404-5D99CA2332E2}] => (Allow) E:\Orignin games\SimCity\SimCity\SimCity.exe
FirewallRules: [{E940BB49-2291-4B93-AFB4-1CFF6338EA5C}] => (Allow) E:\Orignin games\SimCity\SimCity\SimCity.exe
FirewallRules: [{2F823C97-3BB6-4DE7-950E-2BA35E6B00B7}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{0C540A67-0BB9-4C94-B496-CF1A5B9F5350}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AssassinsCreed3.exe
FirewallRules: [{43230615-7988-4AE0-B8BD-1ED7B90C840E}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{FEE5D806-A5EC-4B44-B7D9-D6E75A4EC61E}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3MP.exe
FirewallRules: [{C85F970F-F273-4E31-99D1-56A7655D4C5C}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{2762378D-A9C1-4B3E-B7DB-B53F89726F95}] => (Allow) E:\Program Files (x86)\Ubisoft\Assassin's Creed III\AC3SP.exe
FirewallRules: [{59CB7E79-0B0A-47C8-99BA-7EE75866492D}] => (Allow) E:\Diablo3\Diablo III\Diablo III.exe
FirewallRules: [{DF08FB65-D810-426D-8E78-7ED9823B5F00}] => (Allow) E:\Diablo3\Diablo III\Diablo III.exe
FirewallRules: [{85900FD5-67A1-436E-9808-83890FE472FC}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{67EA7559-527E-4D1E-9663-CC0B0810DB6C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F845AE07-994A-4414-8CBD-FBA6618B16C1}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{F07D55CE-3545-48A8-A03B-0CCB09CD7D9A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{B506E186-79D1-43A1-8F22-0A7FC8137124}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{E73D7F90-44BF-4935-B504-8A42FE14685F}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Editor.exe
FirewallRules: [{94C7E9AC-EE26-4F26-A7FE-682753123895}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{52202AE6-E032-475F-825C-83C21964EB79}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\FC3Updater.exe
FirewallRules: [{D30A24CB-8117-4C18-92FE-6A2E458E1112}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{BA96538F-76F5-4739-8ACA-DD1AB682B3E3}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3_d3d11.exe
FirewallRules: [{1FC1E81F-2AB5-4F3E-B0C5-B2FF2C8B6AF3}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [{85BFB983-BBC4-4A47-A1CC-9E386FD867B1}] => (Allow) E:\Program Files (x86)\Ubisoft\FarCry 3\bin\farcry3.exe
FirewallRules: [UDP Query User{31366EBB-9925-45FD-8AD7-DE62AF38AAEA}E:\program files (x86)\xfire\xfire.exe] => (Allow) E:\program files (x86)\xfire\xfire.exe
FirewallRules: [TCP Query User{1BA501A3-442F-44F0-871C-4E38E3201E17}E:\program files (x86)\xfire\xfire.exe] => (Allow) E:\program files (x86)\xfire\xfire.exe
FirewallRules: [{E41A3114-55FA-4EE3-BECC-F219C5A91A36}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BBB0E5EF-6FF5-48B8-98C1-F9D832F43678}] => (Allow) E:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F8C756BE-B27D-4598-9AAA-0626B8069CF1}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{A115A2E6-D137-42BC-ADAA-5D4255C5E620}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7D5CE18E-67A5-461E-B0C4-7C6E99C8994B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{D815430D-2142-409F-9BEC-D7C2329EFD4C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{E7840A91-FB57-4941-B8BD-935CB2FB7E26}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{54E3B2D1-0957-4034-8B51-0B6E35A584D5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{0F393953-DCBC-461C-A3AE-9D396DE0893F}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{B741FD3C-A0C2-4511-AE8D-8B4DBDA0EB92}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe
FirewallRules: [{B035A108-988C-4641-99A0-9F1FA6B71AC3}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{5A42A535-019E-47B2-93BC-90FD004C2F6B}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe
FirewallRules: [{54E1B223-3FEA-4225-ABF6-6DAADC768075}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [{B08EB9EA-CE48-4CE9-AB89-EECBFB0093F7}] => (Allow) E:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe
FirewallRules: [TCP Query User{CF053282-735B-49AC-A709-1846EF97AF93}E:\program files (x86)\ubisoft\related designs\anno 2070\autopatcherneu.exe] => (Allow) E:\program files (x86)\ubisoft\related designs\anno 2070\autopatcherneu.exe
FirewallRules: [UDP Query User{365653DA-EB49-4EF2-8E60-BA17DC7BB9D4}E:\program files (x86)\ubisoft\related designs\anno 2070\autopatcherneu.exe] => (Allow) E:\program files (x86)\ubisoft\related designs\anno 2070\autopatcherneu.exe
FirewallRules: [{833EE840-AC84-452E-B35B-A6627C0D5616}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\ANNO 2070\Anno5.exe
FirewallRules: [{E999C5CF-0923-46CD-91E7-FC2BFEE0DC88}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\ANNO 2070\Anno5.exe
FirewallRules: [{1FFE9C0D-B98D-4A63-B73C-F950F194172C}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\ANNO 2070\Anno5.exe
FirewallRules: [{AD1ABA8E-F625-4840-96E8-3004B8F7C09B}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\ANNO 2070\Anno5.exe
FirewallRules: [TCP Query User{12C2AAC2-A847-4336-8691-4228BBFE7429}E:\mozilla\firefox.exe] => (Allow) E:\mozilla\firefox.exe
FirewallRules: [UDP Query User{B9A7B947-C24C-462C-A5A0-4E162AB83B02}E:\mozilla\firefox.exe] => (Allow) E:\mozilla\firefox.exe
FirewallRules: [{D3888D89-7257-43E0-9F4B-B1E2F931E577}] => (Allow) E:\Orignin games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{AE32F6E4-C666-4FE1-AB9A-2E28B57D7590}] => (Allow) E:\Orignin games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{9DC2CB57-E3CD-4456-BFEA-9F6CEFA36997}] => (Allow) E:\Orignin games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{ABF83284-F3CF-4823-B25E-6072C4ED9ABE}] => (Allow) E:\Orignin games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{2CA16251-F250-4DAA-B1E7-578F28E0BAF7}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{10E78197-BD82-40A3-902E-FC451162920B}] => (Allow) E:\Program Files (x86)\Steam\SteamApps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [TCP Query User{F8D35763-2AAD-4C1A-BE0E-FBF5101A9176}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{5648654D-9027-40F2-975B-DADD954A5B2C}E:\diablo iii\diablo iii.exe] => (Allow) E:\diablo iii\diablo iii.exe
FirewallRules: [{F4AECB86-0D41-445A-BD86-6EA4B1FA355F}] => (Allow) E:\Orignin games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{3A3D3678-57A7-4E19-B085-D36FD292FCC2}] => (Allow) E:\Orignin games\Command and Conquer Red Alert II\RA2Launcher.exe
FirewallRules: [{ADFEFFD7-D56F-4357-99E0-DC22C9631625}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D49A2971-E7C5-4761-B98D-BA70B79E140D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E4FC8228-17BA-4D2B-BAE9-ED33CFA392A7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{EF8032B0-F1D5-4E04-A23B-396237802B32}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B98A785C-CAFC-423B-A87F-A44085ED9788}] => (Allow) E:\Program Files\iTunes\iTunes.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (09/28/2015 10:19:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/28/2015 10:19:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/27/2015 09:48:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Name des fehlerhaften Moduls: jucheck.exe, Version: 2.8.60.27, Zeitstempel: 0x55c116b1
Ausnahmecode: 0x40000015
Fehleroffset: 0x00052d24
ID des fehlerhaften Prozesses: 0x2004
Startzeit der fehlerhaften Anwendung: 0xjucheck.exe0
Pfad der fehlerhaften Anwendung: jucheck.exe1
Pfad des fehlerhaften Moduls: jucheck.exe2
Berichtskennung: jucheck.exe3
Vollständiger Name des fehlerhaften Pakets: jucheck.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: jucheck.exe5

Error: (09/27/2015 09:47:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Diablo III.exe, Version 2.3.0.33567 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 8d4

Startzeit: 01d0f95d03514e04

Beendigungszeit: 1

Anwendungspfad: E:\Diablo III\Diablo III.exe

Berichts-ID: 7f25b9aa-6550-11e5-9bd9-3085a99a7620

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/22/2015 08:31:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3fc

Startzeit: 01d0f564b67fb87b

Beendigungszeit: 4294967295

Anwendungspfad: E:\Orignin games\Command and Conquer Red Alert II\game.exe

Berichts-ID: 12e9b672-6158-11e5-9bd9-3085a99a7620

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/20/2015 12:05:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm game.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 98c

Startzeit: 01d0f38b4d1df23a

Beendigungszeit: 4294967295

Anwendungspfad: E:\Orignin games\Command and Conquer Red Alert II\game.exe

Berichts-ID: 186fcb36-5f7f-11e5-9bd9-3085a99a7620

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/20/2015 12:05:06 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm RA2Launcher.exe, Version 1.0.0.1 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17d8

Startzeit: 01d0f38b474eaa4d

Beendigungszeit: 4294967295

Anwendungspfad: E:\Orignin games\Command and Conquer Red Alert II\RA2Launcher.exe

Berichts-ID: 10b3ee71-5f7f-11e5-9bd9-3085a99a7620

Vollständiger Name des fehlerhaften Pakets: 

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (09/20/2015 01:52:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/17/2015 10:23:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (09/17/2015 07:36:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Sven-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (09/30/2015 06:16:54 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (09/30/2015 06:16:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session3" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/29/2015 09:59:03 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (09/29/2015 09:58:57 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/29/2015 04:21:26 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avira Browser-Schutz" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/28/2015 10:19:58 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 5

Error: (09/28/2015 10:19:51 PM) (Source: DCOM) (EventID: 10010) (User: Sven-PC)
Description: CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca

Error: (09/28/2015 10:19:51 PM) (Source: DCOM) (EventID: 10010) (User: Sven-PC)
Description: App.AppXw3qcpc7p849541dp39vvqd01bn7z9ybh.mca

Error: (09/28/2015 10:19:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (09/28/2015 09:27:35 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1058


CodeIntegrity:
===================================
  Date: 2015-09-28 21:27:35.409
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-28 21:27:35.386
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-28 16:03:58.354
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-28 16:03:58.333
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-15 16:31:15.377
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-15 16:31:15.339
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2015-09-12 14:44:41.960
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-12 14:44:41.941
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-12 14:44:41.919
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

  Date: 2015-09-12 14:44:41.887
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-3820 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 16%
Installierter physikalischer RAM: 16325.85 MB
Verfügbarer physikalischer RAM: 13554.93 MB
Summe virtueller Speicher: 42325.85 MB
Verfügbarer virtueller Speicher: 39562.38 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:119.14 GB) (Free:45.98 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:414.55 GB) NTFS
Drive f: (STUNDENULL1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DA564D34)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 724ACDFB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________


Alt 01.10.2015, 14:02   #3
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



hi,

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
__________________

Alt 01.10.2015, 14:58   #4
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Beide Programme haben wohl nichts gefunden.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.01.04
  rootkit: v2015.09.22.01

Windows 10 x64 NTFS
Internet Explorer 11.0.10240.16431
Sven :: SVEN-PC [administrator]

01.10.2015 15:26:26
mbar-log-2015-10-01 (15-26-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 531195
Time elapsed: 16 minute(s), 40 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Code:
ATTFilter
15:53:48.0818 0x1abc  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
15:53:56.0812 0x1abc  ============================================================
15:53:56.0812 0x1abc  Current date / time: 2015/10/01 15:53:56.0812
15:53:56.0812 0x1abc  SystemInfo:
15:53:56.0812 0x1abc  
15:53:56.0812 0x1abc  OS Version: 10.0.10240 ServicePack: 0.0
15:53:56.0812 0x1abc  Product type: Workstation
15:53:56.0812 0x1abc  ComputerName: SVEN-PC
15:53:56.0812 0x1abc  UserName: Sven
15:53:56.0812 0x1abc  Windows directory: C:\WINDOWS
15:53:56.0812 0x1abc  System windows directory: C:\WINDOWS
15:53:56.0812 0x1abc  Running under WOW64
15:53:56.0812 0x1abc  Processor architecture: Intel x64
15:53:56.0812 0x1abc  Number of processors: 8
15:53:56.0812 0x1abc  Page size: 0x1000
15:53:56.0812 0x1abc  Boot type: Normal boot
15:53:56.0812 0x1abc  ============================================================
15:53:56.0943 0x1abc  KLMD registered as C:\WINDOWS\system32\drivers\63154018.sys
15:53:56.0996 0x1abc  System UUID: {F3B6507A-62D0-D0FB-2B1F-B48191D43F72}
15:53:57.0191 0x1abc  Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 ( 119.24 Gb ), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:57.0211 0x1abc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:53:57.0213 0x1abc  ============================================================
15:53:57.0213 0x1abc  \Device\Harddisk1\DR1:
15:53:57.0213 0x1abc  MBR partitions:
15:53:57.0213 0x1abc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:53:57.0213 0x1abc  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
15:53:57.0213 0x1abc  \Device\Harddisk0\DR0:
15:53:57.0213 0x1abc  MBR partitions:
15:53:57.0213 0x1abc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
15:53:57.0213 0x1abc  ============================================================
15:53:57.0214 0x1abc  C: <-> \Device\Harddisk1\DR1\Partition2
15:53:57.0239 0x1abc  E: <-> \Device\Harddisk0\DR0\Partition1
15:53:57.0239 0x1abc  ============================================================
15:53:57.0239 0x1abc  Initialize success
15:53:57.0239 0x1abc  ============================================================
15:54:24.0027 0x0810  ============================================================
15:54:24.0027 0x0810  Scan started
15:54:24.0027 0x0810  Mode: Manual; SigCheck; TDLFS; 
15:54:24.0027 0x0810  ============================================================
15:54:24.0027 0x0810  KSN ping started
15:54:26.0367 0x0810  KSN ping finished: true
15:54:27.0963 0x0810  ================ Scan system memory ========================
15:54:27.0963 0x0810  System memory - ok
15:54:27.0963 0x0810  ================ Scan services =============================
15:54:28.0015 0x0810  1394ohci - ok
15:54:28.0020 0x0810  3ware - ok
15:54:28.0026 0x0810  ACPI - ok
15:54:28.0031 0x0810  acpiex - ok
15:54:28.0038 0x0810  acpipagr - ok
15:54:28.0043 0x0810  AcpiPmi - ok
15:54:28.0047 0x0810  acpitime - ok
15:54:28.0053 0x0810  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:54:28.0070 0x0810  AdobeARMservice - ok
15:54:28.0099 0x0810  [ C6D147C12C424373B016C0AB0A6C61EB, 043D44F3C942CFC3558E782938C26849BF648A58A7AA62C4A526E37DE4136C27 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:54:28.0107 0x0810  AdobeFlashPlayerUpdateSvc - ok
15:54:28.0110 0x0810  ADP80XX - ok
15:54:28.0113 0x0810  AFD - ok
15:54:28.0115 0x0810  agp440 - ok
15:54:28.0117 0x0810  ahcache - ok
15:54:28.0118 0x0810  AJRouter - ok
15:54:28.0120 0x0810  ALG - ok
15:54:28.0122 0x0810  AmdK8 - ok
15:54:28.0124 0x0810  AmdPPM - ok
15:54:28.0125 0x0810  amdsata - ok
15:54:28.0127 0x0810  amdsbs - ok
15:54:28.0129 0x0810  amdxata - ok
15:54:28.0148 0x0810  [ 6B31C215750CD41567E962D22839EE44, FF0B92807296B88DE37F9F2EB27FF7B73AA998B98074AA54A949A2B79690AFE5 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
15:54:28.0166 0x0810  AntiVirMailService - ok
15:54:28.0175 0x0810  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
15:54:28.0184 0x0810  AntiVirSchedulerService - ok
15:54:28.0193 0x0810  [ 18B0643B3B504E0FDCFCE0C8743B29C7, 1D4C004AD5066F52A4AA039F5364814F8F6B04EC1F704A5A3110172AD465661C ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
15:54:28.0202 0x0810  AntiVirService - ok
15:54:28.0220 0x0810  [ 9A12F8E472FE05EF653CA152050405D4, 569EA8FFDE827F850CA8E3CB747A8552FD9981E61C48C7EA55E550A6C07F770E ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
15:54:28.0238 0x0810  AntiVirWebService - ok
15:54:28.0241 0x0810  AppHostSvc - ok
15:54:28.0243 0x0810  AppID - ok
15:54:28.0245 0x0810  AppIDSvc - ok
15:54:28.0248 0x0810  Appinfo - ok
15:54:28.0259 0x0810  [ 3E7C6639E424FD28952C29D66B7E5277, B10AD3FA5CB36328C5DF33AF58F76770E2B54CFBCB70BD84934F925B8E19FA1F ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:54:28.0263 0x0810  Apple Mobile Device Service - ok
15:54:28.0265 0x0810  AppReadiness - ok
15:54:28.0267 0x0810  AppXSvc - ok
15:54:28.0268 0x0810  arcsas - ok
15:54:28.0271 0x0810  [ 4DFF4312661F54EE87DC9A13CAEE60E0, 8821D2CA4036E764EFF71108735148FF54D3275DDCE1860EC7D67B2355E8DF82 ] asahci64        C:\WINDOWS\system32\drivers\asahci64.sys
15:54:28.0275 0x0810  asahci64 - ok
15:54:28.0296 0x0810  [ E536856E96A7605EBF580D62A868E5FE, 70D0F6ECB05E923C1B274605CB3320091D35D7622003FF7E4806645519C70F01 ] ASGT            C:\Windows\SysWOW64\ASGT.exe
15:54:28.0303 0x0810  ASGT - detected UnsignedFile.Multi.Generic ( 1 )
15:54:30.0621 0x0810  Detect skipped due to KSN trusted
15:54:30.0621 0x0810  ASGT - ok
15:54:30.0645 0x0810  aspnet_state - ok
15:54:30.0650 0x0810  AsyncMac - ok
15:54:30.0656 0x0810  atapi - ok
15:54:30.0674 0x0810  [ 4AEF9EC86818375495FB78CA58DF4E18, 0565888F798FAB86091E7A7D8E1D583DF3CC5756A12ACF04987C67C14E360DFB ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
15:54:30.0693 0x0810  atksgt - detected UnsignedFile.Multi.Generic ( 1 )
15:54:33.0019 0x0810  Detect skipped due to KSN trusted
15:54:33.0019 0x0810  atksgt - ok
15:54:33.0025 0x0810  AudioEndpointBuilder - ok
15:54:33.0029 0x0810  Audiosrv - ok
15:54:33.0036 0x0810  [ AC82CC4F2A41E098EB34C0A9F8125DDC, CC416DD5FC8E14A1F99F8DF52D795CA6E16EDBF8FD7C9624B10BA83D9D954BF2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
15:54:33.0044 0x0810  avgntflt - ok
15:54:33.0052 0x0810  [ 45061BD6F11B80BF1C07A9253A659BF1, 9A1AFE963672E23F3C19FACE2CEB64766C964B165ECB26F36B6FB5730CEAFD2D ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
15:54:33.0059 0x0810  avipbb - ok
15:54:33.0062 0x0810  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
15:54:33.0067 0x0810  avkmgr - ok
15:54:33.0070 0x0810  [ 74179E7C103F3A44B33D7D982E21E35D, 7F2384B065EA9959734D65426781D901CDB0DA8DFCAD13BF05044DDF33CA5688 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
15:54:33.0074 0x0810  avnetflt - ok
15:54:33.0077 0x0810  AxInstSV - ok
15:54:33.0078 0x0810  b06bdrv - ok
15:54:33.0081 0x0810  BasicDisplay - ok
15:54:33.0083 0x0810  BasicRender - ok
15:54:33.0086 0x0810  bcmfn2 - ok
15:54:33.0088 0x0810  BDESVC - ok
15:54:33.0090 0x0810  Beep - ok
15:54:33.0107 0x0810  [ 2EE42E7539BBF4252F7F47B288E61CEA, 2113A7C825AE2D222FD80D092BAA254AB3EFA8A2F58EC8325837A6BC611BC715 ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
15:54:33.0129 0x0810  BEService - ok
15:54:33.0133 0x0810  BFE - ok
15:54:33.0135 0x0810  BITS - ok
15:54:33.0143 0x0810  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:54:33.0152 0x0810  Bonjour Service - ok
15:54:33.0154 0x0810  bowser - ok
15:54:33.0156 0x0810  BrokerInfrastructure - ok
15:54:33.0158 0x0810  Browser - ok
15:54:33.0160 0x0810  BthAvrcpTg - ok
15:54:33.0162 0x0810  BthHFEnum - ok
15:54:33.0164 0x0810  bthhfhid - ok
15:54:33.0166 0x0810  BthHFSrv - ok
15:54:33.0168 0x0810  BTHMODEM - ok
15:54:33.0171 0x0810  bthserv - ok
15:54:33.0173 0x0810  buttonconverter - ok
15:54:33.0175 0x0810  CapImg - ok
15:54:33.0177 0x0810  cdfs - ok
15:54:33.0179 0x0810  CDPSvc - ok
15:54:33.0181 0x0810  cdrom - ok
15:54:33.0183 0x0810  CertPropSvc - ok
15:54:33.0185 0x0810  circlass - ok
15:54:33.0187 0x0810  CLFS - ok
15:54:33.0189 0x0810  ClipSVC - ok
15:54:33.0194 0x0810  CmBatt - ok
15:54:33.0195 0x0810  CNG - ok
15:54:33.0197 0x0810  cnghwassist - ok
15:54:33.0212 0x0810  CompositeBus - ok
15:54:33.0216 0x0810  COMSysApp - ok
15:54:33.0224 0x0810  condrv - ok
15:54:33.0226 0x0810  CoreMessagingRegistrar - ok
15:54:33.0231 0x0810  CryptSvc - ok
15:54:33.0233 0x0810  dam - ok
15:54:33.0236 0x0810  DcomLaunch - ok
15:54:33.0237 0x0810  DcpSvc - ok
15:54:33.0239 0x0810  defragsvc - ok
15:54:33.0241 0x0810  DeviceAssociationService - ok
15:54:33.0243 0x0810  DeviceInstall - ok
15:54:33.0245 0x0810  DevQueryBroker - ok
15:54:33.0246 0x0810  Dfsc - ok
15:54:33.0249 0x0810  Dhcp - ok
15:54:33.0251 0x0810  diagnosticshub.standardcollector.service - ok
15:54:33.0253 0x0810  DiagTrack - ok
15:54:33.0255 0x0810  disk - ok
15:54:33.0256 0x0810  DmEnrollmentSvc - ok
15:54:33.0258 0x0810  dmvsc - ok
15:54:33.0260 0x0810  dmwappushservice - ok
15:54:33.0262 0x0810  Dnscache - ok
15:54:33.0267 0x0810  dot3svc - ok
15:54:33.0269 0x0810  DPS - ok
15:54:33.0270 0x0810  drmkaud - ok
15:54:33.0272 0x0810  DsmSvc - ok
15:54:33.0274 0x0810  DsSvc - ok
15:54:33.0276 0x0810  DXGKrnl - ok
15:54:33.0278 0x0810  e1iexpress - ok
15:54:33.0280 0x0810  Eaphost - ok
15:54:33.0289 0x0810  [ B6572CC49E8D0DBCCAB230B4DAB06FB1, 8DEABC39E09ABBA51BA1739A34E77F955E0D9D77094575EBB927CA320D874B25 ] EaseUS Agent    C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
15:54:33.0294 0x0810  EaseUS Agent - detected UnsignedFile.Multi.Generic ( 1 )
15:54:35.0619 0x0810  Detect skipped due to KSN trusted
15:54:35.0619 0x0810  EaseUS Agent - ok
15:54:35.0624 0x0810  ebdrv - ok
15:54:35.0629 0x0810  EFS - ok
15:54:35.0634 0x0810  EhStorClass - ok
15:54:35.0639 0x0810  EhStorTcgDrv - ok
15:54:35.0644 0x0810  embeddedmode - ok
15:54:35.0650 0x0810  EntAppSvc - ok
15:54:35.0654 0x0810  ErrDev - ok
15:54:35.0665 0x0810  [ A40A3A4653A18A0DA6522CEC69547B9F, ABB8D6C5A890D15DE9B96768BC91F48D7223C514C480706884D3C96FF539DC0D ] EUBAKUP         C:\WINDOWS\system32\drivers\eubakup.sys
15:54:35.0675 0x0810  EUBAKUP - detected UnsignedFile.Multi.Generic ( 1 )
15:54:37.0999 0x0810  Detect skipped due to KSN trusted
15:54:37.0999 0x0810  EUBAKUP - ok
15:54:38.0009 0x0810  [ 23A4CFFF224CD9FA2226B64F1DCC4B4A, 67FD0393C592591CE9B87C21C78651CB73C1FB67C125B5B04D56F64C241F4F24 ] EUBKMON         C:\WINDOWS\system32\drivers\EUBKMON.sys
15:54:38.0016 0x0810  EUBKMON - detected UnsignedFile.Multi.Generic ( 1 )
15:54:40.0342 0x0810  Detect skipped due to KSN trusted
15:54:40.0342 0x0810  EUBKMON - ok
15:54:40.0347 0x0810  [ 38A68D8706F79429ACAD043BE3533B97, 19879137A938A77DB0DD68A15BEFB2908F4D592510EBA7B676BBB43CE93E2745 ] EUDSKACS        C:\Windows\system32\drivers\eudskacs.sys
15:54:40.0358 0x0810  EUDSKACS - detected UnsignedFile.Multi.Generic ( 1 )
15:54:42.0675 0x0810  Detect skipped due to KSN trusted
15:54:42.0675 0x0810  EUDSKACS - ok
15:54:42.0686 0x0810  [ 06BB97B21EF082703B7F3AE97F2DFFD8, E40C844E476B8500760549CF5A615A7EE094F18FA14F1C1DF08292B1B73EF804 ] EUFDDISK        C:\Windows\system32\drivers\EuFdDisk.sys
15:54:42.0709 0x0810  EUFDDISK - detected UnsignedFile.Multi.Generic ( 1 )
15:54:45.0030 0x0810  Detect skipped due to KSN trusted
15:54:45.0030 0x0810  EUFDDISK - ok
15:54:45.0037 0x0810  EventSystem - ok
15:54:45.0042 0x0810  exfat - ok
15:54:45.0047 0x0810  fastfat - ok
15:54:45.0052 0x0810  Fax - ok
15:54:45.0057 0x0810  fcvsc - ok
15:54:45.0060 0x0810  fdc - ok
15:54:45.0063 0x0810  fdPHost - ok
15:54:45.0066 0x0810  FDResPub - ok
15:54:45.0068 0x0810  fhsvc - ok
15:54:45.0071 0x0810  FileCrypt - ok
15:54:45.0074 0x0810  FileInfo - ok
15:54:45.0078 0x0810  Filetrace - ok
15:54:45.0080 0x0810  flpydisk - ok
15:54:45.0083 0x0810  FltMgr - ok
15:54:45.0086 0x0810  FontCache - ok
15:54:45.0089 0x0810  FontCache3.0.0.0 - ok
15:54:45.0090 0x0810  FsDepends - ok
15:54:45.0092 0x0810  Fs_Rec - ok
15:54:45.0094 0x0810  fvevol - ok
15:54:45.0096 0x0810  gagp30kx - ok
15:54:45.0098 0x0810  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
15:54:45.0101 0x0810  GEARAspiWDM - ok
15:54:45.0103 0x0810  gencounter - ok
15:54:45.0105 0x0810  genericusbfn - ok
15:54:45.0123 0x0810  [ 5031F3E650D242EEECEB92EB9900FB93, FB51ADB81AC3E0097362BAECEC4F0C83C46E5505277B7F35FDCE9BF88B72C963 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
15:54:45.0141 0x0810  GfExperienceService - ok
15:54:45.0144 0x0810  GPIOClx0101 - ok
15:54:45.0145 0x0810  gpsvc - ok
15:54:45.0147 0x0810  GpuEnergyDrv - ok
15:54:45.0151 0x0810  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:54:45.0156 0x0810  gupdate - ok
15:54:45.0159 0x0810  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:54:45.0164 0x0810  gupdatem - ok
15:54:45.0166 0x0810  HDAudBus - ok
15:54:45.0167 0x0810  HidBatt - ok
15:54:45.0169 0x0810  HidBth - ok
15:54:45.0171 0x0810  hidi2c - ok
15:54:45.0173 0x0810  hidinterrupt - ok
15:54:45.0174 0x0810  HidIr - ok
15:54:45.0176 0x0810  hidserv - ok
15:54:45.0177 0x0810  HidUsb - ok
15:54:45.0179 0x0810  HomeGroupListener - ok
15:54:45.0182 0x0810  HomeGroupProvider - ok
15:54:45.0183 0x0810  HpSAMD - ok
15:54:45.0185 0x0810  HTTP - ok
15:54:45.0186 0x0810  hwpolicy - ok
15:54:45.0188 0x0810  hyperkbd - ok
15:54:45.0190 0x0810  HyperVideo - ok
15:54:45.0192 0x0810  i8042prt - ok
15:54:45.0193 0x0810  iaLPSSi_GPIO - ok
15:54:45.0195 0x0810  iaLPSSi_I2C - ok
15:54:45.0206 0x0810  [ BC14E2C46AECD17D22D3356CA0A2DD4B, B325BC739019AEE9BA787BD936A660439CA861F84A3289788ADB2DD7756F632B ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
15:54:45.0217 0x0810  iaStorA - ok
15:54:45.0219 0x0810  iaStorAV - ok
15:54:45.0221 0x0810  [ 10F228CC634E74B47FD48FDBFE0126D9, 1A761E43C4ABFCBDBD4CC1CA5630408DBFF470208E09D4A388B3B5B16CE677D1 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
15:54:45.0224 0x0810  IAStorDataMgrSvc - detected UnsignedFile.Multi.Generic ( 1 )
15:54:48.0537 0x0810  Detect skipped due to KSN trusted
15:54:48.0537 0x0810  IAStorDataMgrSvc - ok
15:54:48.0543 0x0810  [ 0475F003D7F3A949CA5BFC56C6B1DF43, 45A586407FF543DC4135E9601D647287A0355E0D0AF9E244C6B23CE7729EF6BD ] iaStorF         C:\WINDOWS\system32\drivers\iaStorF.sys
15:54:48.0553 0x0810  iaStorF - ok
15:54:48.0557 0x0810  iaStorV - ok
15:54:48.0567 0x0810  ibbus - ok
15:54:48.0575 0x0810  [ 86B750CC384F3A8B8C1D12F3188307AE, 222B271B1E958715FF54B63B4533FA24DF13191B99D1A406BF2E9A532E31FF30 ] ICQ Service     C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
15:54:48.0586 0x0810  ICQ Service - ok
15:54:48.0590 0x0810  icssvc - ok
15:54:48.0595 0x0810  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
15:54:48.0600 0x0810  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
15:54:50.0920 0x0810  Detect skipped due to KSN trusted
15:54:50.0920 0x0810  IDriverT - ok
15:54:50.0927 0x0810  IEEtwCollectorService - ok
15:54:50.0933 0x0810  IKEEXT - ok
15:54:51.0035 0x0810  [ 622868E4BAE8FBCD22CB1A5901A2C824, C1A2264C0984DD16C83B663C9CE43E049E1356E32C5771C3ACE225F285699138 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
15:54:51.0134 0x0810  IntcAzAudAddService - ok
15:54:51.0140 0x0810  intelide - ok
15:54:51.0141 0x0810  intelpep - ok
15:54:51.0143 0x0810  intelppm - ok
15:54:51.0145 0x0810  IoQos - ok
15:54:51.0147 0x0810  IpFilterDriver - ok
15:54:51.0149 0x0810  iphlpsvc - ok
15:54:51.0150 0x0810  IPMIDRV - ok
15:54:51.0152 0x0810  IPNAT - ok
15:54:51.0162 0x0810  [ 57A85230DA22ABCFD9AF2E5A3D946F41, 9E9217FF5AB64D06D79632B9F9CEDABA10F744C40896D7622D0FD397FD0E99BF ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:54:51.0173 0x0810  iPod Service - ok
15:54:51.0176 0x0810  IRENUM - ok
15:54:51.0177 0x0810  isapnp - ok
15:54:51.0179 0x0810  iScsiPrt - ok
15:54:51.0181 0x0810  kbdclass - ok
15:54:51.0183 0x0810  kbdhid - ok
15:54:51.0184 0x0810  kdnic - ok
15:54:51.0186 0x0810  KeyIso - ok
15:54:51.0187 0x0810  KSecDD - ok
15:54:51.0189 0x0810  KSecPkg - ok
15:54:51.0191 0x0810  ksthunk - ok
15:54:51.0193 0x0810  KtmRm - ok
15:54:51.0200 0x0810  [ 305BB2AC00D46542E0A653AB63F4ABB1, E3BE57A0EBB1194656D20C11688863A7864B06223419F688D82881F9F49604B6 ] LADF_CaptureOnly C:\WINDOWS\system32\DRIVERS\ladfGSCamd64.sys
15:54:51.0210 0x0810  LADF_CaptureOnly - ok
15:54:51.0214 0x0810  [ 28CDDC7D478A6313F55077416DCBD0DE, EE4174FC9444856DF0693D1A5F16EB88352A3B012AA82D49C462980703981A7A ] LADF_RenderOnly C:\WINDOWS\system32\DRIVERS\ladfGSRamd64.sys
15:54:51.0219 0x0810  LADF_RenderOnly - ok
15:54:51.0221 0x0810  LanmanServer - ok
15:54:51.0222 0x0810  LanmanWorkstation - ok
15:54:51.0225 0x0810  lfsvc - ok
15:54:51.0227 0x0810  [ 17325C9B9ADB2BB99049936D0C9812C8, 70ADDC85FD5757BC9C4B97F382B25A19851FF8275021FFC04A81E208A604F83E ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
15:54:51.0237 0x0810  LGBusEnum - ok
15:54:51.0239 0x0810  [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp      C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys
15:54:51.0243 0x0810  LGCoreTemp - ok
15:54:51.0246 0x0810  [ C7AF05942E041D4B1F345ACF79993BB3, E8FAAE356C99A11F6CF17640FD9C67F87AFBFEFB70C458CB85178F2AD94DF848 ] LGJoyXlCore     C:\WINDOWS\system32\drivers\LGJoyXlCore.sys
15:54:51.0253 0x0810  LGJoyXlCore - ok
15:54:51.0256 0x0810  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys
15:54:51.0260 0x0810  LGSHidFilt - ok
15:54:51.0263 0x0810  [ 1DDB8DE3D6EEF31EDCF4977B2D2FAACC, 24291B522A596E2D9A1CDAC192DB1C7422D5DD0E87E5C8A5F5E2CAA90296BF23 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
15:54:51.0270 0x0810  LGVirHid - ok
15:54:51.0272 0x0810  [ B6552D382FF070B4ED34CBD6737277C0, 7C2C24454037170311B0267DEFB797E8DF8D157D62157D271BF7F5F74B2A12F3 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
15:54:51.0276 0x0810  LHidFilt - ok
15:54:51.0278 0x0810  LicenseManager - ok
15:54:51.0282 0x0810  [ B658B7076B1ACAA5876524595630F183, 3B800B81D0966C2B988857847F35FCA5BB446B368063B10094FB4483A1508B8E ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
15:54:51.0285 0x0810  lirsgt - detected UnsignedFile.Multi.Generic ( 1 )
15:54:53.0614 0x0810  Detect skipped due to KSN trusted
15:54:53.0614 0x0810  lirsgt - ok
15:54:53.0618 0x0810  lltdio - ok
15:54:53.0624 0x0810  lltdsvc - ok
15:54:53.0629 0x0810  lmhosts - ok
15:54:53.0636 0x0810  [ 73C1F563AB73D459DFFE682D66476558, 9B8BEE384C968DC6C37DD54B9128D9C2BA92EDBF7BDF49D753AA7DB165F18D00 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
15:54:53.0647 0x0810  LMouFilt - ok
15:54:53.0654 0x0810  LSI_SAS - ok
15:54:53.0659 0x0810  LSI_SAS2i - ok
15:54:53.0664 0x0810  LSI_SAS3i - ok
15:54:53.0668 0x0810  LSI_SSS - ok
15:54:53.0671 0x0810  LSM - ok
15:54:53.0673 0x0810  luafv - ok
15:54:53.0676 0x0810  MapsBroker - ok
15:54:53.0678 0x0810  megasas - ok
15:54:53.0681 0x0810  megasr - ok
15:54:53.0685 0x0810  [ E4DD818EF22BBBF4274AF767A96D34C8, 4796F543091E2FC2F143296C71CC13BE18646261E5E293A07C5872A544933826 ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
15:54:53.0691 0x0810  MEIx64 - ok
15:54:53.0696 0x0810  [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:54:53.0702 0x0810  Microsoft Office Groove Audit Service - ok
15:54:53.0704 0x0810  mlx4_bus - ok
15:54:53.0705 0x0810  MMCSS - ok
15:54:53.0707 0x0810  Modem - ok
15:54:53.0709 0x0810  monitor - ok
15:54:53.0710 0x0810  mouclass - ok
15:54:53.0712 0x0810  mouhid - ok
15:54:53.0716 0x0810  mountmgr - ok
15:54:53.0719 0x0810  [ 8C7336950F1E69CDFD811CBBD9CF00A2, 6A85107B66936B3AAB10A4209F17A72BA86923B95A334B12F48D8512EB93CBAA ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:54:53.0724 0x0810  MozillaMaintenance - ok
15:54:53.0725 0x0810  mpsdrv - ok
15:54:53.0727 0x0810  MpsSvc - ok
15:54:53.0729 0x0810  MQAC - ok
15:54:53.0732 0x0810  MRxDAV - ok
15:54:53.0734 0x0810  mrxsmb - ok
15:54:53.0735 0x0810  mrxsmb10 - ok
15:54:53.0737 0x0810  mrxsmb20 - ok
15:54:53.0739 0x0810  MsBridge - ok
15:54:53.0741 0x0810  MSDTC - ok
15:54:53.0744 0x0810  Msfs - ok
15:54:53.0746 0x0810  msgpiowin32 - ok
15:54:53.0747 0x0810  mshidkmdf - ok
15:54:53.0749 0x0810  mshidumdf - ok
15:54:53.0751 0x0810  msisadrv - ok
15:54:53.0753 0x0810  MSiSCSI - ok
15:54:53.0754 0x0810  msiserver - ok
15:54:53.0756 0x0810  MSKSSRV - ok
15:54:53.0758 0x0810  MsLldp - ok
15:54:53.0759 0x0810  MSMQ - ok
15:54:53.0761 0x0810  MSPCLOCK - ok
15:54:53.0763 0x0810  MSPQM - ok
15:54:53.0765 0x0810  MsRPC - ok
15:54:53.0767 0x0810  mssmbios - ok
15:54:53.0769 0x0810  MSTEE - ok
15:54:53.0771 0x0810  MTConfig - ok
15:54:53.0772 0x0810  Mup - ok
15:54:53.0775 0x0810  [ A56731462518CCE74EB0DB38C2A04986, 0E38662CC1D90E1A2DBE0835B0C23ED81CC48868104CBF637DB1C9881821A9B9 ] mv91cons        C:\WINDOWS\system32\drivers\mv91cons.sys
15:54:53.0779 0x0810  mv91cons - ok
15:54:53.0784 0x0810  [ 232DE45537AE5652C64F0B8669081D02, 5382E94E1A61C78D36C77B4ABEA62F345C715FC60D8F3D35F29363BAB1DE10CC ] mvs91xx         C:\WINDOWS\system32\drivers\mvs91xx.sys
15:54:53.0792 0x0810  mvs91xx - ok
15:54:53.0794 0x0810  mvumis - ok
15:54:53.0796 0x0810  NativeWifiP - ok
15:54:53.0798 0x0810  NcaSvc - ok
15:54:53.0800 0x0810  NcbService - ok
15:54:53.0801 0x0810  NcdAutoSetup - ok
15:54:53.0803 0x0810  ndfltr - ok
15:54:53.0805 0x0810  NDIS - ok
15:54:53.0806 0x0810  NdisCap - ok
15:54:53.0808 0x0810  NdisImPlatform - ok
15:54:53.0810 0x0810  NdisTapi - ok
15:54:53.0812 0x0810  Ndisuio - ok
15:54:53.0813 0x0810  NdisVirtualBus - ok
15:54:53.0815 0x0810  NdisWan - ok
15:54:53.0817 0x0810  ndiswanlegacy - ok
15:54:53.0819 0x0810  ndproxy - ok
15:54:53.0820 0x0810  Ndu - ok
15:54:53.0823 0x0810  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\WINDOWS\System32\drivers\netaapl64.sys
15:54:53.0832 0x0810  Netaapl - ok
15:54:53.0834 0x0810  NetBIOS - ok
15:54:53.0836 0x0810  NetBT - ok
15:54:53.0838 0x0810  Netlogon - ok
15:54:53.0840 0x0810  Netman - ok
15:54:53.0844 0x0810  NetMsmqActivator - ok
15:54:53.0845 0x0810  NetPipeActivator - ok
15:54:53.0847 0x0810  netprofm - ok
15:54:53.0849 0x0810  NetSetupSvc - ok
15:54:53.0850 0x0810  NetTcpActivator - ok
15:54:53.0852 0x0810  NetTcpPortSharing - ok
15:54:53.0854 0x0810  netvsc - ok
15:54:53.0857 0x0810  NgcCtnrSvc - ok
15:54:53.0858 0x0810  NgcSvc - ok
15:54:53.0860 0x0810  NlaSvc - ok
15:54:53.0862 0x0810  Npfs - ok
15:54:53.0864 0x0810  npsvctrig - ok
15:54:53.0866 0x0810  nsi - ok
15:54:53.0867 0x0810  nsiproxy - ok
15:54:53.0870 0x0810  NTFS - ok
15:54:53.0871 0x0810  Null - ok
15:54:53.0876 0x0810  [ B9E5A80F646DDFEF158773722A466EA3, 028979FE600D17DA70445F44D81FAE4EDA3478FCC81FA5506133CCAC37C4E2BF ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
15:54:53.0884 0x0810  NVHDA - ok
15:54:54.0033 0x0810  [ 5FB73F2354F2993136567EB209F4835A, 40EA334DEDEB76C101CC432D1D07E59F1CD123D01778BE80193F821FC211512B ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
15:54:54.0234 0x0810  nvlddmkm - ok
15:54:54.0268 0x0810  [ 4EBEE69A8FE7DC85FD3C122821C617A0, 7193C14DEB4C5B0D86C5C6841C80879C28E1FDA8F77879EB18A3D2685C67B986 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:54:54.0295 0x0810  NvNetworkService - ok
15:54:54.0298 0x0810  nvraid - ok
15:54:54.0299 0x0810  nvstor - ok
15:54:54.0301 0x0810  [ 0EF30778078D7B5877F8F57151699798, B0409C79143BDBB774C3C740CCA8EB77CF67915E59EC6050DB993ED0575EC077 ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
15:54:54.0305 0x0810  NvStreamKms - ok
15:54:54.0380 0x0810  [ D23A07D549243F5B77780BAA4FBF5BC3, 5BC5161CAE6BE6382BDCDE9B1CDD5F4DEBC3EA18D01B0E261AF716FDB04154BC ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
15:54:54.0454 0x0810  NvStreamSvc - ok
15:54:54.0473 0x0810  [ AE16891F2D960D9B312D704A8122AB29, DD9767637CC34C3D0EED6243FAD3D3D321873A5B72688CAD31895655A933055F ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:54:54.0493 0x0810  nvsvc - ok
15:54:54.0496 0x0810  [ 4F00008B513F4019623ED61159363888, A1047FF1FCF3ED405C3426C8959AD10426F30E3F58E95BFD6ADF1DBC947AB379 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
15:54:54.0501 0x0810  nvvad_WaveExtensible - ok
15:54:54.0502 0x0810  nv_agp - ok
15:54:54.0511 0x0810  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:54:54.0520 0x0810  odserv - ok
15:54:54.0522 0x0810  OneSyncSvc - ok
15:54:54.0639 0x0810  [ 4F9FFCF12B6ED0B4DAC95427772C226E, 4A79AEC410ED1034366FAC1388FB29381EE6541AA17E3652BE86265D09541C56 ] Origin Client Service E:\Program Files (x86)\Origin\OriginClientService.exe
15:54:54.0695 0x0810  Origin Client Service - ok
15:54:54.0700 0x0810  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:54:54.0705 0x0810  ose - ok
15:54:54.0708 0x0810  p2pimsvc - ok
15:54:54.0710 0x0810  p2psvc - ok
15:54:54.0711 0x0810  Parport - ok
15:54:54.0713 0x0810  partmgr - ok
15:54:54.0715 0x0810  PcaSvc - ok
15:54:54.0717 0x0810  pci - ok
15:54:54.0718 0x0810  pciide - ok
15:54:54.0720 0x0810  pcmcia - ok
15:54:54.0722 0x0810  pcw - ok
15:54:54.0723 0x0810  pdc - ok
15:54:54.0725 0x0810  PEAUTH - ok
15:54:54.0727 0x0810  percsas2i - ok
15:54:54.0729 0x0810  percsas3i - ok
15:54:54.0750 0x0810  PerfHost - ok
15:54:54.0754 0x0810  PimIndexMaintenanceSvc - ok
15:54:54.0756 0x0810  pla - ok
15:54:54.0758 0x0810  PlugPlay - ok
15:54:54.0761 0x0810  [ CD421DDB5C6E5458CE52EDC36DE7DC5B, 7B9C0A8B2B86BBF5D7E02F2620B0015A2530CBBC99724BE20313DE53EB31D62E ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
15:54:54.0769 0x0810  PnkBstrA - ok
15:54:54.0771 0x0810  PNRPAutoReg - ok
15:54:54.0772 0x0810  PNRPsvc - ok
15:54:54.0774 0x0810  PolicyAgent - ok
15:54:54.0776 0x0810  Power - ok
15:54:54.0778 0x0810  PptpMiniport - ok
15:54:54.0833 0x0810  [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
15:54:54.0917 0x0810  PrintNotify - ok
15:54:54.0921 0x0810  Processor - ok
15:54:54.0922 0x0810  ProfSvc - ok
15:54:54.0924 0x0810  Psched - ok
15:54:54.0926 0x0810  [ C32ECB99AD25E9A04F01C8665DF29EF8, 0489B3DEC6A33E50D8A48A8DAD3F5B923A81F7300E4A71358D90D2879BAC9AA2 ] pwdrvio         C:\Windows\system32\pwdrvio.sys
15:54:54.0935 0x0810  pwdrvio - ok
15:54:54.0937 0x0810  [ D619356B955EEFA642F5FF72755E8B3C, 1FD54978A77ACD6FBF1236E177ED074894743A9141E4169FE9AFE28680FC93C5 ] pwdspio         C:\Windows\system32\pwdspio.sys
15:54:54.0944 0x0810  pwdspio - ok
15:54:54.0946 0x0810  QWAVE - ok
15:54:54.0948 0x0810  QWAVEdrv - ok
15:54:54.0949 0x0810  RasAcd - ok
15:54:54.0951 0x0810  RasAgileVpn - ok
15:54:54.0953 0x0810  RasAuto - ok
15:54:54.0954 0x0810  Rasl2tp - ok
15:54:54.0956 0x0810  RasMan - ok
15:54:54.0958 0x0810  RasPppoe - ok
15:54:54.0959 0x0810  RasSstp - ok
15:54:54.0961 0x0810  rdbss - ok
15:54:54.0964 0x0810  rdpbus - ok
15:54:54.0966 0x0810  RDPDR - ok
15:54:54.0969 0x0810  RdpVideoMiniport - ok
15:54:54.0971 0x0810  rdyboost - ok
15:54:54.0973 0x0810  ReFSv1 - ok
15:54:54.0975 0x0810  RemoteAccess - ok
15:54:54.0976 0x0810  RemoteRegistry - ok
15:54:54.0978 0x0810  RetailDemo - ok
15:54:54.0980 0x0810  RpcEptMapper - ok
15:54:54.0982 0x0810  RpcLocator - ok
15:54:54.0983 0x0810  RpcSs - ok
15:54:54.0985 0x0810  rspndr - ok
15:54:54.0987 0x0810  s3cap - ok
15:54:54.0988 0x0810  SamSs - ok
15:54:54.0990 0x0810  sbp2port - ok
15:54:54.0992 0x0810  SCardSvr - ok
15:54:54.0993 0x0810  ScDeviceEnum - ok
15:54:54.0995 0x0810  scfilter - ok
15:54:54.0997 0x0810  Schedule - ok
15:54:54.0999 0x0810  SCPolicySvc - ok
15:54:55.0000 0x0810  sdbus - ok
15:54:55.0002 0x0810  SDRSVC - ok
15:54:55.0004 0x0810  sdstor - ok
15:54:55.0005 0x0810  SecDrv - ok
15:54:55.0007 0x0810  seclogon - ok
15:54:55.0009 0x0810  SENS - ok
15:54:55.0011 0x0810  SensorDataService - ok
15:54:55.0012 0x0810  SensorService - ok
15:54:55.0014 0x0810  SensrSvc - ok
15:54:55.0016 0x0810  SerCx - ok
15:54:55.0017 0x0810  SerCx2 - ok
15:54:55.0019 0x0810  Serenum - ok
15:54:55.0021 0x0810  Serial - ok
15:54:55.0022 0x0810  sermouse - ok
15:54:55.0027 0x0810  SessionEnv - ok
15:54:55.0032 0x0810  sfloppy - ok
15:54:55.0034 0x0810  SharedAccess - ok
15:54:55.0036 0x0810  ShellHWDetection - ok
15:54:55.0037 0x0810  SiSRaid2 - ok
15:54:55.0039 0x0810  SiSRaid4 - ok
15:54:55.0046 0x0810  [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
15:54:55.0055 0x0810  SkypeUpdate - ok
15:54:55.0057 0x0810  smphost - ok
15:54:55.0059 0x0810  SmsRouter - ok
15:54:55.0063 0x0810  SNMPTRAP - ok
15:54:55.0065 0x0810  spaceport - ok
15:54:55.0066 0x0810  SpbCx - ok
15:54:55.0069 0x0810  Spooler - ok
15:54:55.0070 0x0810  sppsvc - ok
15:54:55.0072 0x0810  srv - ok
15:54:55.0074 0x0810  srv2 - ok
15:54:55.0075 0x0810  srvnet - ok
15:54:55.0077 0x0810  SSDPSRV - ok
15:54:55.0079 0x0810  SstpSvc - ok
15:54:55.0082 0x0810  StateRepository - ok
15:54:55.0095 0x0810  [ 2A6EDC2FBB4B9C11BB21BE3881C7A692, 74482CA4EC2B98C069A32C224BA5449AE10A8B41BFC053A4C23B6F65113A97A4 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
15:54:55.0109 0x0810  Steam Client Service - ok
15:54:55.0117 0x0810  [ 7477A8BD87856CBDF92BBD72692649A8, D13D117506D350AAC555C2ACB1DABDFAB199A954E1220940C91F2551BEF9D2E4 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:54:55.0126 0x0810  Stereo Service - ok
15:54:55.0128 0x0810  stexstor - ok
15:54:55.0130 0x0810  [ 7C4D2F167FA6153B4FE7145FE6D3DF15, F39ED9CDF323DDC57D0F64F9CC121E911EA53819A3A941A2F6EA557C35FCB372 ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys
15:54:55.0137 0x0810  StillCam - ok
15:54:55.0139 0x0810  stisvc - ok
15:54:55.0140 0x0810  storahci - ok
15:54:55.0142 0x0810  storflt - ok
15:54:55.0144 0x0810  stornvme - ok
15:54:55.0148 0x0810  storqosflt - ok
15:54:55.0150 0x0810  StorSvc - ok
15:54:55.0152 0x0810  storufs - ok
15:54:55.0153 0x0810  storvsc - ok
15:54:55.0156 0x0810  svsvc - ok
15:54:55.0171 0x0810  swenum - ok
15:54:55.0172 0x0810  swprv - ok
15:54:55.0174 0x0810  Synth3dVsc - ok
15:54:55.0176 0x0810  SysMain - ok
15:54:55.0177 0x0810  SystemEventsBroker - ok
15:54:55.0179 0x0810  TabletInputService - ok
15:54:55.0181 0x0810  TapiSrv - ok
15:54:55.0182 0x0810  Tcpip - ok
15:54:55.0184 0x0810  Tcpip6 - ok
15:54:55.0186 0x0810  tcpipreg - ok
15:54:55.0189 0x0810  tdx - ok
15:54:55.0268 0x0810  [ 8305FB462C325A67628E0556DF244B8B, 4ABD5D14E64BE07DD9332E39C3B902A40BD1E763A075F68F0048A7FAEB3019D5 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
15:54:55.0343 0x0810  TeamViewer - ok
15:54:55.0349 0x0810  terminpt - ok
15:54:55.0351 0x0810  TermService - ok
15:54:55.0352 0x0810  Themes - ok
15:54:55.0354 0x0810  tiledatamodelsvc - ok
15:54:55.0356 0x0810  TimeBroker - ok
15:54:55.0357 0x0810  TPM - ok
15:54:55.0359 0x0810  TrkWks - ok
15:54:55.0361 0x0810  TrustedInstaller - ok
15:54:55.0365 0x0810  TsUsbFlt - ok
15:54:55.0367 0x0810  TsUsbGD - ok
15:54:55.0369 0x0810  tunnel - ok
15:54:55.0370 0x0810  uagp35 - ok
15:54:55.0372 0x0810  UASPStor - ok
15:54:55.0374 0x0810  UcmCx0101 - ok
15:54:55.0376 0x0810  UcmUcsi - ok
15:54:55.0377 0x0810  Ucx01000 - ok
15:54:55.0379 0x0810  UdeCx - ok
15:54:55.0381 0x0810  udfs - ok
15:54:55.0382 0x0810  UEFI - ok
15:54:55.0384 0x0810  Ufx01000 - ok
15:54:55.0386 0x0810  UfxChipidea - ok
15:54:55.0388 0x0810  ufxsynopsys - ok
15:54:55.0391 0x0810  UI0Detect - ok
15:54:55.0393 0x0810  uliagpkx - ok
15:54:55.0394 0x0810  umbus - ok
15:54:55.0396 0x0810  UmPass - ok
15:54:55.0398 0x0810  UmRdpService - ok
15:54:55.0400 0x0810  UnistoreSvc - ok
15:54:55.0402 0x0810  upnphost - ok
15:54:55.0404 0x0810  UrsChipidea - ok
15:54:55.0406 0x0810  UrsCx01000 - ok
15:54:55.0407 0x0810  UrsSynopsys - ok
15:54:55.0410 0x0810  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
15:54:55.0419 0x0810  USBAAPL64 - ok
15:54:55.0421 0x0810  usbaudio - ok
15:54:55.0423 0x0810  usbccgp - ok
15:54:55.0424 0x0810  usbcir - ok
15:54:55.0427 0x0810  usbehci - ok
15:54:55.0428 0x0810  usbhub - ok
15:54:55.0430 0x0810  USBHUB3 - ok
15:54:55.0432 0x0810  usbohci - ok
15:54:55.0434 0x0810  usbprint - ok
15:54:55.0436 0x0810  usbser - ok
15:54:55.0437 0x0810  USBSTOR - ok
15:54:55.0439 0x0810  usbuhci - ok
15:54:55.0441 0x0810  USBXHCI - ok
15:54:55.0443 0x0810  UserDataSvc - ok
15:54:55.0445 0x0810  UserManager - ok
15:54:55.0447 0x0810  UsoSvc - ok
15:54:55.0448 0x0810  VaultSvc - ok
15:54:55.0450 0x0810  vdrvroot - ok
15:54:55.0452 0x0810  vds - ok
15:54:55.0453 0x0810  VerifierExt - ok
15:54:55.0455 0x0810  vhdmp - ok
15:54:55.0457 0x0810  vhf - ok
15:54:55.0459 0x0810  vmbus - ok
15:54:55.0460 0x0810  VMBusHID - ok
15:54:55.0462 0x0810  vmicguestinterface - ok
15:54:55.0464 0x0810  vmicheartbeat - ok
15:54:55.0466 0x0810  vmickvpexchange - ok
15:54:55.0467 0x0810  vmicrdv - ok
15:54:55.0469 0x0810  vmicshutdown - ok
15:54:55.0470 0x0810  vmictimesync - ok
15:54:55.0472 0x0810  vmicvmsession - ok
15:54:55.0473 0x0810  vmicvss - ok
15:54:55.0475 0x0810  volmgr - ok
15:54:55.0477 0x0810  volmgrx - ok
15:54:55.0479 0x0810  volsnap - ok
15:54:55.0480 0x0810  vpci - ok
15:54:55.0482 0x0810  vsmraid - ok
15:54:55.0484 0x0810  VSS - ok
15:54:55.0485 0x0810  VSTXRAID - ok
15:54:55.0487 0x0810  vwifibus - ok
15:54:55.0489 0x0810  vwififlt - ok
15:54:55.0491 0x0810  W32Time - ok
15:54:55.0493 0x0810  w3logsvc - ok
15:54:55.0494 0x0810  W3SVC - ok
15:54:55.0496 0x0810  WacomPen - ok
15:54:55.0498 0x0810  WalletService - ok
15:54:55.0499 0x0810  wanarp - ok
15:54:55.0501 0x0810  wanarpv6 - ok
15:54:55.0503 0x0810  WAS - ok
15:54:55.0504 0x0810  wbengine - ok
15:54:55.0506 0x0810  WbioSrvc - ok
15:54:55.0508 0x0810  Wcmsvc - ok
15:54:55.0510 0x0810  wcncsvc - ok
15:54:55.0511 0x0810  WcsPlugInService - ok
15:54:55.0513 0x0810  WdBoot - ok
15:54:55.0515 0x0810  Wdf01000 - ok
15:54:55.0516 0x0810  WdFilter - ok
15:54:55.0518 0x0810  WdiServiceHost - ok
15:54:55.0520 0x0810  WdiSystemHost - ok
15:54:55.0521 0x0810  wdiwifi - ok
15:54:55.0523 0x0810  WdNisDrv - ok
15:54:55.0525 0x0810  WdNisSvc - ok
15:54:55.0527 0x0810  WebClient - ok
15:54:55.0528 0x0810  Wecsvc - ok
15:54:55.0530 0x0810  WEPHOSTSVC - ok
15:54:55.0532 0x0810  wercplsupport - ok
15:54:55.0533 0x0810  WerSvc - ok
15:54:55.0535 0x0810  wfpcapture - ok
15:54:55.0537 0x0810  WFPLWFS - ok
15:54:55.0538 0x0810  WiaRpc - ok
15:54:55.0540 0x0810  WIMMount - ok
15:54:55.0541 0x0810  WinDefend - ok
15:54:55.0545 0x0810  WindowsTrustedRT - ok
15:54:55.0547 0x0810  WindowsTrustedRTProxy - ok
15:54:55.0549 0x0810  WinHttpAutoProxySvc - ok
15:54:55.0551 0x0810  WinMad - ok
15:54:55.0555 0x0810  Winmgmt - ok
15:54:55.0556 0x0810  WinRM - ok
15:54:55.0559 0x0810  WINUSB - ok
15:54:55.0561 0x0810  WinVerbs - ok
15:54:55.0563 0x0810  WlanSvc - ok
15:54:55.0565 0x0810  wlidsvc - ok
15:54:55.0566 0x0810  WmiAcpi - ok
15:54:55.0569 0x0810  wmiApSrv - ok
15:54:55.0571 0x0810  WMPNetworkSvc - ok
15:54:55.0573 0x0810  Wof - ok
15:54:55.0575 0x0810  workfolderssvc - ok
15:54:55.0577 0x0810  wpcfltr - ok
15:54:55.0580 0x0810  WPDBusEnum - ok
15:54:55.0582 0x0810  WpdUpFltr - ok
15:54:55.0583 0x0810  WpnService - ok
15:54:55.0585 0x0810  ws2ifsl - ok
15:54:55.0587 0x0810  wscsvc - ok
15:54:55.0588 0x0810  WSDPrintDevice - ok
15:54:55.0590 0x0810  WSDScan - ok
15:54:55.0592 0x0810  WSearch - ok
15:54:55.0596 0x0810  WSService - ok
15:54:55.0597 0x0810  wuauserv - ok
15:54:55.0599 0x0810  WudfPf - ok
15:54:55.0601 0x0810  WUDFRd - ok
15:54:55.0603 0x0810  wudfsvc - ok
15:54:55.0604 0x0810  WUDFWpdFs - ok
15:54:55.0606 0x0810  WUDFWpdMtp - ok
15:54:55.0608 0x0810  WwanSvc - ok
15:54:55.0609 0x0810  XblAuthManager - ok
15:54:55.0611 0x0810  XblGameSave - ok
15:54:55.0614 0x0810  xboxgip - ok
15:54:55.0616 0x0810  XboxNetApiSvc - ok
15:54:55.0618 0x0810  xinputhid - ok
15:54:55.0619 0x0810  ================ Scan global ===============================
15:54:55.0626 0x0810  [ Global ] - ok
15:54:55.0626 0x0810  ================ Scan MBR ==================================
15:54:55.0627 0x0810  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:54:55.0652 0x0810  \Device\Harddisk1\DR1 - ok
15:54:55.0653 0x0810  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:54:55.0697 0x0810  \Device\Harddisk0\DR0 - ok
15:54:55.0697 0x0810  ================ Scan VBR ==================================
15:54:55.0698 0x0810  [ A3231EAAA0E80DEFC8DB538E8B06DF0B ] \Device\Harddisk1\DR1\Partition1
15:54:55.0699 0x0810  \Device\Harddisk1\DR1\Partition1 - ok
15:54:55.0700 0x0810  [ 8DE403B6B6D0A6C4A0B18AAF4A49487B ] \Device\Harddisk1\DR1\Partition2
15:54:55.0701 0x0810  \Device\Harddisk1\DR1\Partition2 - ok
15:54:55.0702 0x0810  [ F3C37D13917630C1CDB12EF7C57CB9A9 ] \Device\Harddisk0\DR0\Partition1
15:54:55.0743 0x0810  \Device\Harddisk0\DR0\Partition1 - ok
15:54:55.0744 0x0810  ================ Scan generic autorun ======================
15:54:55.0968 0x0810  [ 65E8545F1297CD83534C354A7BED1848, 19B3F3C17A335837454DC1851C6436D0BB2D8B1595AEB4DC71265FB20868B48F ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:54:56.0146 0x0810  RTHDVCPL - ok
15:54:56.0189 0x0810  [ 8F82FFC6CD0F4C83F4565E1A40332CCD, 45D17603664CBE2C4236AEDB3C21D585C8225A3D3B1118365EE2C6BFDB8A7890 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:54:56.0225 0x0810  NvBackend - ok
15:54:56.0227 0x0810  ShadowPlay - ok
15:54:56.0431 0x0810  [ 4914D5FCBE8C478DCCDCB58945EEFAFC, A59B49114429A4DB8789AD7DE35C44B8EED0BF5B39A1814512DD91DB2F94FCCB ] C:\Program Files\Logitech Gaming Software\LCore.exe
15:54:56.0617 0x0810  Launch LCore - ok
15:54:56.0696 0x0810  [ 6D44DE61A0BC7EE359D65992665C6432, 5A3C2D57A293B9BDD7CB1A4AA0ACF19374866F8A88EF132E350E5973CB4F7662 ] E:\Program Files\iTunes\iTunesHelper.exe
15:54:56.0710 0x0810  iTunesHelper - ok
15:54:56.0723 0x0810  [ 994B8BF5CA5FD971647DD9E41630973E, 062A8F2D3E40BC0D8B53030507AA04C348AB52843EF78ED63BDE5233C607BECA ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
15:54:56.0736 0x0810  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
15:54:59.0061 0x0810  Detect skipped due to KSN trusted
15:54:59.0061 0x0810  IAStorIcon - ok
15:54:59.0067 0x0810  [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
15:54:59.0079 0x0810  GrooveMonitor - ok
15:54:59.0106 0x0810  [ C1A86A6D6847DEFF009EAE85BA0C1F20, 7DC2A823FA281117B335B74876469C788A5C81534251179BE86F3FB35F1B6D67 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
15:54:59.0127 0x0810  avgnt - ok
15:54:59.0137 0x0810  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
15:54:59.0148 0x0810  SunJavaUpdateSched - ok
15:54:59.0168 0x0810  OneDriveSetup - ok
15:54:59.0169 0x0810  OneDriveSetup - ok
15:54:59.0200 0x0810  [ F34001FB7E4EA94D404339CD8B15D84C, 7E76FD43729CE6B6F29C2ED4F6B41BE3232390D9E6224F65AB506C0846BB557D ] C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe
15:54:59.0230 0x0810  Spotify Web Helper - ok
15:54:59.0356 0x0810  [ 86BF17A265E1B4BA41325623EC132E66, 4414B5F01A78B76BFC1A7C39F595645A09E674FA6DE7991F31BA6673EEB23F9E ] E:\Program Files (x86)\Steam\steam.exe
15:54:59.0397 0x0810  Steam - ok
15:54:59.0399 0x0810  OneDriveSetup - ok
15:54:59.0400 0x0810  Waiting for KSN requests completion. In queue: 48
15:55:00.0400 0x0810  Waiting for KSN requests completion. In queue: 48
15:55:01.0401 0x0810  Waiting for KSN requests completion. In queue: 48
15:55:01.0753 0x1098  Object required for P2P: [ 8305FB462C325A67628E0556DF244B8B ] TeamViewer
15:55:02.0401 0x0810  Waiting for KSN requests completion. In queue: 11
15:55:03.0401 0x0810  Waiting for KSN requests completion. In queue: 11
15:55:04.0345 0x1098  Object send P2P result: true
15:55:04.0417 0x0810  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.13.202 ), 0x41000 ( enabled : updated )
15:55:04.0421 0x0810  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
15:55:04.0453 0x0810  Win FW state via NFP2: enabled ( trusted )
15:55:06.0868 0x0810  ============================================================
15:55:06.0868 0x0810  Scan finished
15:55:06.0868 0x0810  ============================================================
15:55:06.0881 0x05b0  Detected object count: 0
15:55:06.0881 0x05b0  Actual detected object count: 0
         
PS: Habe anhand des Email-Quellcodes herausgefunden dass meine Mails aus Ungarn und über eine weitere IP verschickt werden die ich nach mehreren Stationen in den USA nicht nachverfolgen kann. (Windows tracert CMD)

Gruß

Alt 02.10.2015, 15:56   #5
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    FixMyRegistry


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 02.10.2015, 16:56   #6
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Mbam
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.10.2015
Suchlaufzeit: 17:29
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.1.8.1057
Malware-Datenbank: v2015.10.02.05
Rootkit-Datenbank: v2015.09.22.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Sven

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 515716
Abgelaufene Zeit: 7 Min., 29 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
PUP.Optional.ICQToolbar, C:\Program Files (x86)\ICQ6Toolbar, Löschen bei Neustart, [260767ebb0dbdd59375993928d76ef11], 

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 10 Home x64
Ran by Sven on 02.10.2015 at 17:50:44,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\SysWOW64\RENDAC8.tmp



~~~ Folders

Successfully deleted: [Folder] C:\Users\Sven\AppData\Roaming\getrighttogo





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.10.2015 at 17:51:42,40
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ADWClean
Code:
ATTFilter
# AdwCleaner v5.009 - Bericht erstellt am 02/10/2015 um 17:46:53
# Aktualisiert am 27/09/2015 von Xplode
# Datenbank : 2015-09-30.1 [Server]
# Betriebssystem : Windows 10 Home  (x64)
# Benutzername : Sven - SVEN-PC
# Gestartet von : E:\Imaginärer Desktop\Downloads\AdwCleaner_5.009.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner Gelöscht : C:\ProgramData\RegClean
[-] Ordner Gelöscht : C:\Users\Sven\AppData\Local\YSearchUtil
[-] Ordner Gelöscht : C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
[-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Local\YSearchUtil

***** [ Dateien ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****

[-] Task Gelöscht : Adobe Flash Player Updater

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
[-] Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
[-] Schlüssel Gelöscht : HKCU\Software\APN PIP
[-] Schlüssel Gelöscht : HKCU\Software\ICQ\ICQToolbar
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKCU\Software\smarttweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\ICQ\ICQToolbar
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\PIP
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\APN PIP
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\ICQ\ICQToolbar
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\OCS
[!] Schlüssel Nicht Gelöscht : [x64] HKCU\Software\smarttweak
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\systweak
[!] Daten Nicht Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
[!] Daten Nicht Wiederhergestellt : HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Software\Microsoft\Internet Explorer\Main [ICQ Search]

***** [ Internetbrowser ] *****

[-] [C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\prefs.js] [Preference] Gelöscht : user_pref("icqtoolbar.installsource", "1");
[-] [C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\prefs.js] [Preference] Gelöscht : user_pref("icqtoolbar.skip_default_search", "yes");

*************************

:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2876 Bytes] ##########
         
FRST
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
durchgeführt von Sven (Administrator) auf SVEN-PC (02-10-2015 17:53:39)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(Mozilla Corporation) E:\Mozilla\firefox.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation) E:\Mozilla\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_185.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-10-12] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Spotify Web Helper] => C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-05] (Spotify Ltd)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\MountPoints2: {42a026c9-342a-11e4-9c33-806e6f6e6963} - "F:\autorun.exe" 
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-01-04]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b4064000-a755-4536-826f-dd0fcd003147}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e4098305-1e64-4aa0-84a3-af8930013e28}: [DhcpNameServer] 139.7.30.126 139.7.30.125

Internet Explorer:
==================
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = 
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> {F8BF49F2-E55D-45A6-AE48-91858F3A84AD} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-08] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-15] ()
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-images.xml [2014-09-16]
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-maps.xml [2014-09-16]
FF Extension: Cliqz - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\Extensions\cliqz@cliqz.com.xpi [2014-09-16]
FF HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\extensions\cliqz@cliqz.com => nicht gefunden
StartMenuInternet: FIREFOX.EXE - E:\Mozilla\firefox.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
S2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-07-27] ()
S2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37448 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-10-12] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-04] (Microsoft Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-03] (Electronic Arts)
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-06-29] ()
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-04] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-02-02] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-08-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2014-08-14] () [Datei ist nicht signiert]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-10-12] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-02-02] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2015-08-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 17:53 - 2015-10-02 17:53 - 00017941 _____ C:\Users\Sven\Desktop\FRST.txt
2015-10-02 17:52 - 2015-10-02 17:52 - 00002975 _____ C:\Users\Sven\Desktop\AdwCleaner[C1].txt
2015-10-02 17:51 - 2015-10-02 17:51 - 00000738 _____ C:\Users\Sven\Desktop\JRT.txt
2015-10-02 17:48 - 2015-10-02 17:48 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_Sven_HistoryPrediction.bin
2015-10-02 17:42 - 2015-10-02 17:42 - 00001278 _____ C:\Users\Sven\Desktop\mbam.txt
2015-10-02 17:40 - 2015-10-02 17:48 - 00018834 _____ C:\WINDOWS\PFRO.log
2015-10-02 17:27 - 2015-10-02 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-02 17:27 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-02 17:27 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-02 17:24 - 2015-10-02 17:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-10-01 15:26 - 2015-10-02 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-01 15:25 - 2015-10-02 17:42 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-01 15:25 - 2015-10-02 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-01 15:24 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-01 13:30 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 13:30 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 13:30 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:30 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 13:30 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 13:30 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 13:30 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 13:30 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 13:30 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 13:30 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 13:30 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 13:30 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 13:30 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:30 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 13:30 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 13:30 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 13:30 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 13:30 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 13:30 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 13:30 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 13:30 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 13:30 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 13:30 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 13:30 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 13:30 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 13:30 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 13:30 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 13:30 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 13:30 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 13:30 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 13:30 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 13:30 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 13:30 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 13:30 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 13:30 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 13:30 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 13:30 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 13:30 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 13:30 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 13:30 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 13:30 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 13:30 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 13:30 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 13:30 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 13:30 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 13:30 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 13:30 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 13:30 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 13:30 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 13:30 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 13:30 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 13:30 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 13:30 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 13:30 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 13:30 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 13:30 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 13:30 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 13:30 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 13:30 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 13:30 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 13:30 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 13:30 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:30 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 13:30 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 13:30 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 13:30 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 13:30 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 13:30 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 13:30 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 13:29 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 13:29 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 13:29 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 13:29 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 13:29 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 13:29 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 13:29 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 13:29 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 13:29 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 13:29 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 13:29 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 13:29 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 13:29 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 13:29 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 13:29 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 13:29 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 13:29 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 13:29 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 13:29 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 13:29 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 13:29 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 13:29 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 13:29 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 13:29 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 13:29 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 13:29 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:29 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 13:29 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 13:29 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 13:25 - 2015-10-02 17:53 - 00000000 ____D C:\FRST
2015-10-01 13:25 - 2015-10-01 13:25 - 02192384 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2015-10-01 13:24 - 2015-10-02 17:46 - 00000000 ____D C:\AdwCleaner
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files\iPod
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-14 18:31 - 2015-09-14 18:31 - 00004096 ____H C:\Users\Sven\AppData\Local\keyfile3.drm
2015-09-12 17:50 - 2015-09-28 15:39 - 00001677 _____ C:\WINDOWS\setupact.log
2015-09-12 17:50 - 2015-09-12 17:50 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-11 18:09 - 2015-09-19 17:25 - 00018887 _____ C:\WINDOWS\Directx.log
2015-09-11 18:03 - 2015-10-02 17:48 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 19:27 - 2015-09-09 19:27 - 00000000 ____D C:\Program Files (x86)\directx
2015-09-09 16:29 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 16:29 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 16:29 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 16:29 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 16:29 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-02 17:48 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-02 17:48 - 2013-06-09 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-02 17:48 - 2013-01-04 17:47 - 00000316 _____ C:\WINDOWS\Tasks\GlaryInitialize.job
2015-10-02 17:48 - 2013-01-04 16:59 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-02 17:47 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-02 17:47 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-10-02 17:41 - 2013-01-04 16:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-02 17:40 - 2013-01-04 17:05 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 17:37 - 2013-08-15 23:17 - 00000000 ____D C:\ProgramData\ICQ
2015-10-02 16:23 - 2015-08-31 10:20 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2CBD864-49DA-492E-B3F2-9E4431FFA505}
2015-10-02 14:48 - 2014-07-13 16:16 - 00000000 ____D C:\Users\Sven\AppData\Local\Battle.net
2015-10-02 14:27 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-02 14:24 - 2014-07-13 16:16 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-01 15:44 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-28 21:33 - 2015-08-04 12:32 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-28 21:33 - 2015-07-10 18:34 - 00884716 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-28 21:33 - 2015-07-10 18:34 - 00196348 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-28 16:55 - 2013-01-04 17:55 - 00000000 ___RD C:\Users\Sven\Desktop\Programme
2015-09-28 16:02 - 2015-01-30 12:54 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-09-28 16:02 - 2013-01-07 22:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-28 16:01 - 2013-01-07 22:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-24 13:27 - 2015-07-19 19:37 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-24 13:27 - 2015-07-19 19:37 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 22:12 - 2013-01-04 17:49 - 00000000 ____D C:\ProgramData\Origin
2015-09-20 22:11 - 2015-08-04 12:34 - 00000000 ____D C:\Users\Sven
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-09-20 16:35 - 2013-01-05 18:52 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-09-19 17:26 - 2013-01-04 17:56 - 00000000 ____D C:\Users\Sven\Desktop\Spiele
2015-09-17 19:27 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Local\Spotify
2015-09-17 19:20 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Spotify
2015-09-16 14:26 - 2015-08-04 13:18 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2015-09-15 19:36 - 2013-01-04 16:59 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 19:36 - 2013-01-04 16:59 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 22:17 - 2013-04-13 23:38 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2015-09-11 18:09 - 2013-01-20 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-09-11 17:49 - 2015-07-10 14:20 - 00341624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 17:48 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 14:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 19:27 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-09 19:26 - 2013-01-04 16:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-09 17:35 - 2013-01-05 21:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 17:34 - 2013-08-14 15:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-06 15:46 - 2013-01-04 17:03 - 00090432 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-06 14:37 - 2015-08-04 13:25 - 00000000 ____D C:\Windows.old
2015-09-02 20:07 - 2015-04-04 01:04 - 00000000 ____D C:\Users\Sven\AppData\Roaming\dvdcss
2015-09-02 16:41 - 2015-08-04 19:59 - 00000000 ____D C:\WINDOWS\System32\Tasks\Games

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-14 18:31 - 2015-09-14 18:31 - 0004096 ____H () C:\Users\Sven\AppData\Local\keyfile3.drm
2014-02-03 18:35 - 2014-02-03 18:35 - 0000836 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2013-01-04 17:16 - 2013-01-04 17:16 - 0000017 _____ () C:\Users\Sven\AppData\Local\resmon.resmoncfg
2015-01-18 01:06 - 2015-01-18 01:06 - 0014456 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000632.wdl
2015-01-18 01:06 - 2015-01-18 01:07 - 0015214 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000652.wdl
2015-08-04 12:28 - 2015-08-04 12:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\avgnt.exe
C:\Users\Sven\AppData\Local\Temp\sqlite3.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary5714788249305721880.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary8971995279134278962.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary9086440515081223896.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-01 13:50

==================== Ende von FRST.txt ============================
         

Alt 03.10.2015, 11:34   #7
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Passwort vom Mail Account geändert?



ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 03.10.2015, 19:06   #8
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Passwort mehrmals gewechselt. Werde es jetzt nochmals ändern.

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# end=init
# utc_time=2015-10-03 10:38:37
# local_time=2015-10-03 12:38:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26060
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# end=updated
# utc_time=2015-10-03 10:44:17
# local_time=2015-10-03 12:44:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# engine=26060
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-03 10:57:22
# local_time=2015-10-03 12:57:22 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 3004420 7343854 0 0
# scanned=49557
# found=0
# cleaned=0
# scan_time=785
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# end=init
# utc_time=2015-10-03 04:15:52
# local_time=2015-10-03 06:15:52 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 26063
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# end=updated
# utc_time=2015-10-03 04:16:24
# local_time=2015-10-03 06:16:24 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=63419cd2aa0d0d48839126775844395c
# engine=26063
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-03 05:59:31
# local_time=2015-10-03 07:59:31 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 26406 7369183 0 0
# scanned=520265
# found=2
# cleaned=0
# scan_time=6186
sh=62BFF91A7E351CB1A21EF92320815874B2D2DFA8 ft=1 fh=fc2555afc5bde153 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Sven\AppData\Local\Temp\DMR\dmr_72.exe"
sh=ABA32A0BF4960B1AB88953C36CF160625C78AC9B ft=1 fh=47eacc88b34b8f30 vn="MSIL/AdvancedSystemProtector.D evtl. unerwünschte Anwendung" ac=I fn="E:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe"
         

Code:
ATTFilter
 Results of screen317's Security Check version 1.008  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Antivirus    
Windows Defender   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Java 8 Update 60  
 Adobe Flash Player 	19.0.0.185  
 Adobe Reader XI  
 Mozilla Firefox 17.0.1 Firefox out of Date!  
 Mozilla Thunderbird 17.0. Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 Windows Defender MSMpEng.exe 
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Avira Antivirus sched.exe  
 Avira Antivirus avshadow.exe  
 Avira Antivirus avmailc7.exe  
 Avira Antivirus avwebg7.exe  
 Windows Defender MpCmdRun.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:03-10-2015
durchgeführt von Sven (Administrator) auf SVEN-PC (03-10-2015 20:04:32)
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
() C:\Windows\SysWOW64\ASGT.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) E:\Program Files\iTunes\iTunesHelper.exe
(Spotify Ltd) C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_15.1001.16470.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1509.14010.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Mozilla Corporation) E:\Mozilla\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [14601160 2015-07-02] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => E:\Program Files\iTunes\iTunesHelper.exe [170256 2015-09-23] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorIcon.exe [286720 2011-10-12] (Intel Corporation)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782520 2015-09-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Spotify Web Helper] => C:\Users\Sven\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018360 2015-09-05] (Spotify Ltd)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Run: [Steam] => E:\Program Files (x86)\Steam\steam.exe [2899136 2015-08-19] (Valve Corporation)
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\MountPoints2: {42a026c9-342a-11e4-9c33-806e6f6e6963} - "F:\autorun.exe" 
Startup: C:\Users\Sven\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung SSD Magician.lnk [2013-01-04]
ShortcutTarget: Samsung SSD Magician.lnk -> C:\Program Files (x86)\Samsung SSD Magician\Samsung SSD Magician.exe (Samsung Electronics.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{b4064000-a755-4536-826f-dd0fcd003147}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{e4098305-1e64-4aa0-84a3-af8930013e28}: [DhcpNameServer] 139.7.30.126 139.7.30.125

Internet Explorer:
==================
HKU\S-1-5-21-2376779872-2597445691-444311316-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> DefaultScope {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = 
SearchScopes: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> {F8BF49F2-E55D-45A6-AE48-91858F3A84AD} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-08-30] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-08-30] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2376779872-2597445691-444311316-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxps://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default
FF Homepage: hxxps://www.google.de/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-21] ()
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll [Keine Datei]
FF Plugin: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelogx64.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.6 -> E:\Program Files\VideoLAN\VLC\npvlc.dll [2013-04-08] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-21] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @esn/esnlaunch,version=2.1.4 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.4\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll [Keine Datei]
FF Plugin-x32: @esn/npbattlelog,version=2.7.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.1\npbattlelog.dll [2015-04-30] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-08-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-01-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Sven\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-02-20] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2376779872-2597445691-444311316-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-08-15] ()
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-images.xml [2014-09-16]
FF SearchPlugin: C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\searchplugins\google-maps.xml [2014-09-16]
FF Extension: Cliqz - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\Extensions\cliqz@cliqz.com.xpi [2014-09-16]
FF HKU\S-1-5-21-2376779872-2597445691-444311316-1000\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Sven\AppData\Roaming\Mozilla\Firefox\Profiles\yhab8cni.default\extensions\cliqz@cliqz.com => nicht gefunden
StartMenuInternet: FIREFOX.EXE - E:\Mozilla\firefox.exe

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [932912 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148688 2015-09-24] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.)
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1128448 2015-07-27] ()
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [37448 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology enterprise\IAStorDataMgrSvc.exe [7168 2011-10-12] (Intel Corporation) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
S2 MBAMService; E:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [26112 2015-08-04] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; E:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-03] (Electronic Arts)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-06-29] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-31] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [84480 2015-08-04] (Microsoft Corporation)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [578560 2015-08-04] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49760 2011-09-21] (Asmedia Technology)
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [303616 2014-02-02] () [Datei ist nicht signiert]
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [148632 2015-08-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-06-16] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-09-24] (Avira Operations GmbH & Co. KG)
R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [61000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [48200 2014-08-14] () [Datei ist nicht signiert]
R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [18504 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [189000 2014-08-14] (CHENGDU YIWO Tech Development Co., Ltd) [Datei ist nicht signiert]
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [23832 2011-10-12] (Intel Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [35328 2014-02-02] () [Datei ist nicht signiert]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MQAC; C:\Windows\System32\drivers\mqac.sys [175104 2015-08-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [12400 2015-08-11] (Macrovision Europe Ltd) [Datei ist nicht signiert]
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-03 20:04 - 2015-10-03 20:04 - 00019921 _____ C:\Users\Sven\Desktop\FRST.txt
2015-10-03 20:04 - 2015-10-03 20:04 - 00000000 ____D C:\Users\Sven\Desktop\FRST-OlderVersion
2015-10-03 19:55 - 2015-10-03 19:55 - 00016148 _____ C:\WINDOWS\system32\SVEN-PC_Sven_HistoryPrediction.bin
2015-10-02 17:40 - 2015-10-02 17:48 - 00018834 _____ C:\WINDOWS\PFRO.log
2015-10-02 17:27 - 2015-10-02 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-02 17:27 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-10-02 17:27 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-02 17:24 - 2015-10-02 17:24 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-10-01 15:26 - 2015-10-02 17:27 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-10-01 15:25 - 2015-10-02 17:42 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-01 15:25 - 2015-10-02 17:40 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-10-01 15:24 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-01 13:30 - 2015-09-25 02:13 - 01276416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2015-10-01 13:30 - 2015-09-25 01:24 - 00796160 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2015-10-01 13:30 - 2015-09-25 01:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:30 - 2015-09-25 01:23 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-10-01 13:30 - 2015-09-25 01:17 - 02178560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-10-01 13:30 - 2015-09-25 01:08 - 03586560 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-10-01 13:30 - 2015-09-25 01:07 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-10-01 13:30 - 2015-09-25 01:06 - 01423872 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2015-10-01 13:30 - 2015-09-25 01:05 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2015-10-01 13:30 - 2015-09-25 01:01 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 01205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 00752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2015-10-01 13:30 - 2015-09-25 01:00 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2015-10-01 13:30 - 2015-09-25 00:53 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2015-10-01 13:30 - 2015-09-25 00:43 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2015-10-01 13:30 - 2015-09-25 00:43 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2015-10-01 13:30 - 2015-09-25 00:42 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00625152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2015-10-01 13:30 - 2015-09-25 00:25 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2015-10-01 13:30 - 2015-09-25 00:19 - 00466432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2015-10-01 13:30 - 2015-09-19 07:14 - 00102304 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 02464216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 01563392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2015-10-01 13:30 - 2015-09-17 08:50 - 00099664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2015-10-01 13:30 - 2015-09-17 08:50 - 00088384 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 08020816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-10-01 13:30 - 2015-09-17 08:49 - 06487248 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 01563472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2015-10-01 13:30 - 2015-09-17 08:49 - 00894256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2015-10-01 13:30 - 2015-09-17 08:49 - 00553808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2015-10-01 13:30 - 2015-09-17 08:48 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 02494712 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 02432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 02156400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 01983824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00809352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00555768 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00537080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-10-01 13:30 - 2015-09-17 08:48 - 00505696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00476760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2015-10-01 13:30 - 2015-09-17 08:48 - 00395088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00332624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2015-10-01 13:30 - 2015-09-17 08:48 - 00243760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2015-10-01 13:30 - 2015-09-17 08:47 - 01397088 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-10-01 13:30 - 2015-09-17 08:44 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2015-10-01 13:30 - 2015-09-17 08:43 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-10-01 13:30 - 2015-09-17 08:39 - 00081488 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-10-01 13:30 - 2015-09-17 08:37 - 01295712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2015-10-01 13:30 - 2015-09-17 08:37 - 01168736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-10-01 13:30 - 2015-09-17 08:28 - 05120056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 02154808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 01357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2015-10-01 13:30 - 2015-09-17 08:28 - 00441168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2015-10-01 13:30 - 2015-09-17 08:28 - 00074880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2015-10-01 13:30 - 2015-09-17 08:27 - 01766952 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2015-10-01 13:30 - 2015-09-17 08:27 - 00454512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 02446648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 01895568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00646672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00508248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00434376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2015-10-01 13:30 - 2015-09-17 08:26 - 00428128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2015-10-01 13:30 - 2015-09-17 08:25 - 00962400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-10-01 13:30 - 2015-09-17 08:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2015-10-01 13:30 - 2015-09-17 08:20 - 00764416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-10-01 13:30 - 2015-09-17 08:12 - 16708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-10-01 13:30 - 2015-09-17 08:09 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2015-10-01 13:30 - 2015-09-17 08:08 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2015-10-01 13:30 - 2015-09-17 08:07 - 21875712 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-10-01 13:30 - 2015-09-17 08:06 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2015-10-01 13:30 - 2015-09-17 08:05 - 02226688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2015-10-01 13:30 - 2015-09-17 08:05 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2015-10-01 13:30 - 2015-09-17 08:04 - 07569408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2015-10-01 13:30 - 2015-09-17 08:04 - 00910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2015-10-01 13:30 - 2015-09-17 08:03 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2015-10-01 13:30 - 2015-09-17 08:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2015-10-01 13:30 - 2015-09-17 08:00 - 24595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 03248640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 02417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2015-10-01 13:30 - 2015-09-17 08:00 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KeywordDetectorMsftSidAdapter.dll
2015-10-01 13:30 - 2015-09-17 07:58 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00403456 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2015-10-01 13:30 - 2015-09-17 07:57 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2015-10-01 13:30 - 2015-09-17 07:56 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2015-10-01 13:30 - 2015-09-17 07:56 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 02236416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 01601536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00671232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx02000.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2015-10-01 13:30 - 2015-09-17 07:55 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2015-10-01 13:30 - 2015-09-17 07:54 - 03781120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2015-10-01 13:30 - 2015-09-17 07:54 - 00780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2015-10-01 13:30 - 2015-09-17 07:53 - 07055872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 01181696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00570880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2015-10-01 13:30 - 2015-09-17 07:52 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 13027840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 02660864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01812480 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01203712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 01067520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-10-01 13:30 - 2015-09-17 07:51 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2015-10-01 13:30 - 2015-09-17 07:50 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2015-10-01 13:30 - 2015-09-17 07:50 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2015-10-01 13:30 - 2015-09-17 07:50 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2015-10-01 13:30 - 2015-09-17 07:49 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 01290240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationGeofences.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWiFiAdapter.dll
2015-10-01 13:30 - 2015-09-17 07:49 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 02093056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2015-10-01 13:30 - 2015-09-17 07:48 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 07523328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2015-10-01 13:30 - 2015-09-17 07:47 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00928256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2015-10-01 13:30 - 2015-09-17 07:46 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2015-10-01 13:30 - 2015-09-17 07:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 19325440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 04791296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 01331200 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2015-10-01 13:30 - 2015-09-17 07:45 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 01844736 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2015-10-01 13:30 - 2015-09-17 07:44 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncutil.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 00378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2015-10-01 13:30 - 2015-09-17 07:43 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-10-01 13:30 - 2015-09-17 07:42 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-10-01 13:30 - 2015-09-17 07:41 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 06101504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 01918464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-10-01 13:30 - 2015-09-17 07:40 - 01162240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2015-10-01 13:30 - 2015-09-17 07:39 - 00587264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2015-10-01 13:30 - 2015-09-17 07:38 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2015-10-01 13:30 - 2015-09-17 07:37 - 18806272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-10-01 13:30 - 2015-09-17 07:37 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 05079552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 02207232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 01820160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2015-10-01 13:30 - 2015-09-17 07:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2015-10-01 13:30 - 2015-09-17 07:34 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 03579904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2015-10-01 13:30 - 2015-09-17 07:32 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2015-10-01 13:30 - 2015-09-17 07:31 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-10-01 13:30 - 2015-09-17 07:31 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2015-10-01 13:30 - 2015-09-17 07:30 - 00311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 01104384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2015-10-01 13:30 - 2015-09-17 07:29 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-10-01 13:30 - 2015-09-17 07:26 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2015-10-01 13:30 - 2015-09-17 07:16 - 00512000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2015-10-01 13:30 - 2015-09-13 04:05 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-10-01 13:30 - 2015-09-13 03:41 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-10-01 13:29 - 2015-09-25 02:35 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2015-10-01 13:29 - 2015-09-25 02:34 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2015-10-01 13:29 - 2015-09-25 01:34 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2015-10-01 13:29 - 2015-09-25 01:34 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2015-10-01 13:29 - 2015-09-25 01:01 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2015-10-01 13:29 - 2015-09-25 01:00 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2015-10-01 13:29 - 2015-09-25 00:24 - 00131072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2015-10-01 13:29 - 2015-09-17 08:49 - 00501008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2015-10-01 13:29 - 2015-09-17 08:48 - 00406864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-10-01 13:29 - 2015-09-17 08:48 - 00278352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2015-10-01 13:29 - 2015-09-17 08:28 - 00407608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2015-10-01 13:29 - 2015-09-17 08:11 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2015-10-01 13:29 - 2015-09-17 08:10 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2015-10-01 13:29 - 2015-09-17 08:09 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2015-10-01 13:29 - 2015-09-17 08:04 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2015-10-01 13:29 - 2015-09-17 08:03 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2015-10-01 13:29 - 2015-09-17 08:02 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2015-10-01 13:29 - 2015-09-17 08:02 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2015-10-01 13:29 - 2015-09-17 07:56 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2015-10-01 13:29 - 2015-09-17 07:55 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2015-10-01 13:29 - 2015-09-17 07:54 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 00856576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2015-10-01 13:29 - 2015-09-17 07:52 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2015-10-01 13:29 - 2015-09-17 07:51 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00421888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeWiFi.dll
2015-10-01 13:29 - 2015-09-17 07:50 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeCell.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationWebproxy.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCrowdsource.dll
2015-10-01 13:29 - 2015-09-17 07:49 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeIP.dll
2015-10-01 13:29 - 2015-09-17 07:46 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2015-10-01 13:29 - 2015-09-17 07:46 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\syncmlhook.dll
2015-10-01 13:29 - 2015-09-17 07:45 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2015-10-01 13:29 - 2015-09-17 07:44 - 00599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2015-10-01 13:29 - 2015-09-17 07:43 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2015-10-01 13:29 - 2015-09-17 07:39 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-10-01 13:29 - 2015-09-17 07:36 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2015-10-01 13:29 - 2015-09-17 07:33 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2015-10-01 13:29 - 2015-09-17 07:28 - 00473088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2015-10-01 13:25 - 2015-10-03 20:04 - 02193408 _____ (Farbar) C:\Users\Sven\Desktop\FRST64.exe
2015-10-01 13:25 - 2015-10-03 20:04 - 00000000 ____D C:\FRST
2015-10-01 13:24 - 2015-10-02 17:46 - 00000000 ____D C:\AdwCleaner
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files\iPod
2015-09-28 16:02 - 2015-09-28 16:02 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\WINDOWS\System32\Tasks\Apple
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-09-28 16:01 - 2015-09-28 16:01 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Westwood Online
2015-09-19 17:25 - 2015-09-19 17:25 - 00000000 ____D C:\Program Files (x86)\WestwoodOnline
2015-09-14 18:31 - 2015-09-14 18:31 - 00004096 ____H C:\Users\Sven\AppData\Local\keyfile3.drm
2015-09-12 17:50 - 2015-09-28 15:39 - 00001677 _____ C:\WINDOWS\setupact.log
2015-09-12 17:50 - 2015-09-12 17:50 - 00000000 _____ C:\WINDOWS\setuperr.log
2015-09-11 18:09 - 2015-09-19 17:25 - 00018887 _____ C:\WINDOWS\Directx.log
2015-09-11 18:03 - 2015-10-03 20:02 - 00000275 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-09 19:27 - 2015-09-09 19:27 - 00000000 ____D C:\Program Files (x86)\directx
2015-09-09 16:29 - 2015-08-27 08:36 - 03620736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-09 16:29 - 2015-08-27 08:32 - 00608936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 07:59 - 02880032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-09 16:29 - 2015-08-27 07:54 - 00541248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-09-09 16:29 - 2015-08-27 07:54 - 00365568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-09 16:29 - 2015-08-27 07:51 - 01774592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:49 - 01008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-09 16:29 - 2015-08-27 07:47 - 12503552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:43 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2015-09-09 16:29 - 2015-08-27 07:42 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:39 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-09 16:29 - 2015-08-27 07:23 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 02153472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-09 16:29 - 2015-08-27 07:16 - 01612288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-09 16:29 - 2015-08-27 07:12 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-09 16:29 - 2015-08-27 07:11 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-09 16:29 - 2015-08-27 07:09 - 11262464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-09 16:29 - 2015-08-27 07:08 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-03 19:41 - 2013-01-04 16:59 - 00001134 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-03 19:41 - 2013-01-04 16:59 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-03 19:18 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\sru
2015-10-03 18:28 - 2014-07-13 16:16 - 00000000 ____D C:\Users\Sven\AppData\Local\Battle.net
2015-10-03 18:28 - 2014-07-13 16:16 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-10-03 18:17 - 2015-08-31 10:20 - 00004152 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{C2CBD864-49DA-492E-B3F2-9E4431FFA505}
2015-10-03 18:14 - 2013-01-04 17:47 - 00000316 _____ C:\WINDOWS\Tasks\GlaryInitialize.job
2015-10-03 11:00 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-10-02 18:18 - 2015-08-04 12:32 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-02 18:18 - 2015-07-10 18:34 - 00884716 _____ C:\WINDOWS\system32\perfh007.dat
2015-10-02 18:18 - 2015-07-10 18:34 - 00196348 _____ C:\WINDOWS\system32\perfc007.dat
2015-10-02 18:12 - 2015-07-10 14:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-02 18:12 - 2013-06-09 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-02 18:11 - 2015-07-10 11:05 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-10-02 17:40 - 2013-01-04 17:05 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\Provisioning
2015-10-02 17:39 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-10-02 17:37 - 2013-08-15 23:17 - 00000000 ____D C:\ProgramData\ICQ
2015-10-01 15:44 - 2015-07-10 12:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-28 16:55 - 2013-01-04 17:55 - 00000000 ___RD C:\Users\Sven\Desktop\Programme
2015-09-28 16:02 - 2015-01-30 12:54 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-09-28 16:02 - 2013-01-07 22:44 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-09-28 16:01 - 2013-01-07 22:45 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-09-24 13:27 - 2015-07-19 19:37 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-24 13:27 - 2015-07-19 19:37 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-22 22:12 - 2013-01-04 17:49 - 00000000 ____D C:\ProgramData\Origin
2015-09-20 22:11 - 2015-08-04 12:34 - 00000000 ____D C:\Users\Sven
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.exe
2015-09-20 21:22 - 2013-01-04 20:49 - 00226168 _____ C:\WINDOWS\SysWOW64\PnkBstrB.ex0
2015-09-20 16:35 - 2013-01-05 18:52 - 00000000 ____D C:\Program Files (x86)\SystemRequirementsLab
2015-09-19 17:26 - 2013-01-04 17:56 - 00000000 ____D C:\Users\Sven\Desktop\Spiele
2015-09-17 19:27 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Local\Spotify
2015-09-17 19:20 - 2013-01-14 20:34 - 00000000 ____D C:\Users\Sven\AppData\Roaming\Spotify
2015-09-16 14:26 - 2015-08-04 13:18 - 00000000 ____D C:\Users\Sven\AppData\Local\Packages
2015-09-15 19:36 - 2013-01-04 16:59 - 00004192 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-09-15 19:36 - 2013-01-04 16:59 - 00003960 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-09-15 18:12 - 2015-07-10 13:06 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 18:12 - 2015-07-10 13:06 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-13 22:17 - 2013-04-13 23:38 - 00000000 ____D C:\Users\Sven\AppData\Roaming\vlc
2015-09-11 18:09 - 2013-01-20 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2015-09-11 17:49 - 2015-07-10 14:20 - 00341624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-11 17:48 - 2015-07-10 18:46 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-11 14:48 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 19:27 - 2015-07-10 12:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-09-09 19:27 - 2015-07-10 12:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-09-09 19:26 - 2013-01-04 16:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-09-09 17:35 - 2013-01-05 21:53 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-09-09 17:34 - 2013-08-14 15:06 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 21:36 - 2015-07-10 13:04 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-09-06 15:46 - 2013-01-04 17:03 - 00090432 _____ C:\Users\Sven\AppData\Local\GDIPFONTCACHEV1.DAT
2015-09-06 14:37 - 2015-08-04 13:25 - 00000000 ____D C:\Windows.old

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-09-14 18:31 - 2015-09-14 18:31 - 0004096 ____H () C:\Users\Sven\AppData\Local\keyfile3.drm
2014-02-03 18:35 - 2014-02-03 18:35 - 0000836 _____ () C:\Users\Sven\AppData\Local\recently-used.xbel
2013-01-04 17:16 - 2013-01-04 17:16 - 0000017 _____ () C:\Users\Sven\AppData\Local\resmon.resmoncfg
2015-01-18 01:06 - 2015-01-18 01:06 - 0014456 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000632.wdl
2015-01-18 01:06 - 2015-01-18 01:07 - 0015214 _____ () C:\Users\Sven\AppData\Local\WiDiSetupLog.20150118.000652.wdl
2015-08-04 12:28 - 2015-08-04 12:28 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Sven\AppData\Local\Temp\avgnt.exe
C:\Users\Sven\AppData\Local\Temp\npp.6.8.3.Installer.exe
C:\Users\Sven\AppData\Local\Temp\sqlite3.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary5714788249305721880.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary8971995279134278962.dll
C:\Users\Sven\AppData\Local\Temp\SRLDetectionLibrary9086440515081223896.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-01 13:50

==================== Ende von FRST.txt ============================
         
Hoffentlich ist der Spuk nun vorbei. Kannst du anhand der Logs sagen dass da etwas war? Denn die Mails wurden immer in Abständen von ca. 2 Wochen verschickt.
Danke für deine bisherige Hilfe

Alt 04.10.2015, 07:25   #9
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Firefox und Thunderbird updaten.

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
C:\Users\Sven\AppData\Local\Temp\DMR\dmr_72.exe

E:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe
Emptytemp:
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.




Wir haben Adware entfernt, aber sonst nix.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.10.2015, 09:43   #10
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Habe die Updates durchgheführt.

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:03-10-2015
durchgeführt von Sven (2015-10-04 10:38:13) Run:1
Gestartet von C:\Users\Sven\Desktop
Geladene Profile: Sven (Verfügbare Profile: Sven & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Users\Sven\AppData\Local\Temp\DMR\dmr_72.exe

E:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe
Emptytemp:
         


*****************

C:\Users\Sven\AppData\Local\Temp\DMR\dmr_72.exe => erfolgreich verschoben
E:\Program Files (x86)\CPUID\PC Wizard 2013\systweakasp_c.exe => erfolgreich verschoben
EmptyTemp: => 5.4 GB temporäre Dateien entfernt.


Das System musste neu gestartet werden.. 

==== Ende von Fixlog 10:38:29 ====
         
Danke für deine Hilfe.

Alt 04.10.2015, 15:36   #11
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
Combofix deinstallieren .
  • Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
  • Drücke bitte die + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
  • Klicke auf OK.
    Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
  • Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen.

Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.
Meine Empfehlung:

Emsisoft

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.

Optional:
NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.


Lade Software von einem sauberen Portal wie .
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwarecleaner .


Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 16.10.2015, 18:36   #12
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Hallo Schrauber,
leider muss ich das Thema wieder aufgreifen.

Seit deinem letzten Beitrag/der Passwort Änderung war Ruhe.

Bis ich vor ca. 30min wieder 7 E-Mails erhalten habe, dass meine Mails nicht zugestellt werden können Betreff "FW:new massage"

Ich habe 2min vorher das 1. mal wieder eine Email verfasst und verschickt, Thunderbird hat mich nach dem Passwort für das Ausgangskonto gefragt und ich konnte die Mail verschicken.
Entweder ist mein PC/Mailkonto immer noch nicht sauber oder das war ein dummer Zufall und die Emails werden von wo anders verschickt.

Ich bin mitlerweile wirklich verzweifelt.

Gruß
Sven

Alt 17.10.2015, 15:47   #13
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Sind die 7 Mails in deinem Gesendet Ordner?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 17.10.2015, 15:51   #14
Torni94
 
FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Hi,

Nein, in meinem gesendet Ordner werden die Mails nicht angezeigt.

Gruß
Sven

Alt 18.10.2015, 06:26   #15
schrauber
/// the machine
/// TB-Ausbilder
 

FW:Important Mails verschickt, vermutlich Link angeklickt - Standard

FW:Important Mails verschickt, vermutlich Link angeklickt



Dann hat es nichts mit deinem Konto zu tun, sondern einfach mit Spoofing.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu FW:Important Mails verschickt, vermutlich Link angeklickt
.dll, administrator, adobe, antivirus, avira, bonjour, defender, desktop, dnsapi.dll, explorer, flash player, google, home, homepage, installation, launch, mozilla, problem, prozesse, realtek, registry, rundll, scan, services.exe, software, system, windows




Ähnliche Themen: FW:Important Mails verschickt, vermutlich Link angeklickt


  1. Hey! Important message [...] Web.de verschickt Spam
    Plagegeister aller Art und deren Bekämpfung - 07.11.2015 (10)
  2. Spam Mails an einige meiner Kontakte mit Betreff FW: important message
    Plagegeister aller Art und deren Bekämpfung - 14.10.2015 (2)
  3. DHL Mail Link angeklickt
    Log-Analyse und Auswertung - 27.05.2015 (18)
  4. Phishing Mail DHL Link angeklickt
    Log-Analyse und Auswertung - 26.03.2015 (13)
  5. Mail DHL Link angeklickt
    Log-Analyse und Auswertung - 26.03.2015 (9)
  6. Link angeklickt DHL
    Plagegeister aller Art und deren Bekämpfung - 21.03.2015 (18)
  7. DHL Phishing Mail Link angeklickt
    Plagegeister aller Art und deren Bekämpfung - 15.03.2015 (7)
  8. Link angeklickt/ Sea Hacker plop up
    Plagegeister aller Art und deren Bekämpfung - 09.12.2014 (16)
  9. Link in verdächtiger Email angeklickt
    Plagegeister aller Art und deren Bekämpfung - 14.11.2014 (13)
  10. Link in E-mail angeklickt
    Log-Analyse und Auswertung - 15.04.2014 (8)
  11. PayPal Phishingmail Link angeklickt
    Plagegeister aller Art und deren Bekämpfung - 06.03.2014 (13)
  12. Spam Mail Link angeklickt
    Log-Analyse und Auswertung - 05.03.2014 (10)
  13. Phishing-Link von Paypal angeklickt
    Plagegeister aller Art und deren Bekämpfung - 07.10.2013 (11)
  14. Schädlichen Link angeklickt.
    Log-Analyse und Auswertung - 26.04.2013 (25)
  15. Link in eMail angeklickt: PC infiziert?
    Plagegeister aller Art und deren Bekämpfung - 15.07.2012 (5)
  16. Phorpiex Virus verschickt Mails mit Link
    Plagegeister aller Art und deren Bekämpfung - 06.12.2011 (49)
  17. Link über ICQ geschickt bekommen und natürlich angeklickt und an alle verschickt
    Log-Analyse und Auswertung - 21.04.2010 (39)

Zum Thema FW:Important Mails verschickt, vermutlich Link angeklickt - Hallo zusammen, ich kämpfe nun schon einige Tage damit, dass meine Emailadresse den oben genannten und bekannten Betreff verschickt. Mehrere Passwortänderungen konnten das Problem nicht eindämmen. Ich bin mir nicht - FW:Important Mails verschickt, vermutlich Link angeklickt...
Archiv
Du betrachtest: FW:Important Mails verschickt, vermutlich Link angeklickt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.