Log analysis and evaluation: Windows 8.1, ad pop-ups on the Internet, laptop starts very slowly

If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows 8.1, ad pop-ups on the Internet, laptop starts very slowly

Hello dear Trojaner-Board team,

I have a laptop with Windows 8.1, 64-bit version. Lately I have had massive problems on the Internet (in all browsers). Pop-ups are constantly opened, or ads/photos are displayed on the page. Sentences/words turn into links, etc. It seems to me that this occurs mainly/more strongly in Google Chrome. After the virus scanner also found several threats in Chrome files, I uninstalled Chrome and now use Firefox.

The laptop is mainly used by my younger brother. I suspect that he picked something up while downloading some programs/games.

A few days ago I already had the computer checked with AdwCleaner and Malwarebytes. Today I checked the computer once more and Malwarebytes no longer reported anything. I also did not notice any more ads on the Internet.

It would be great if one of you could look at the logs to see whether anything is still there.

Since not all logs fit into one post, I am first posting the ones required by your instructions, and after the reply the ones that already exist (AdwCleaner, Malwarebytes), so that it does not look as if the topic is already being worked on.

Defogger - no error message

FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von User (Administrator) auf AMMAR (05-12-2015 00:25:51)
Gestartet von C:\Users\User\Downloads
Geladene Profile: User (Verfügbare Profile: User)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfws.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe
() C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\RtkBleServ.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Yahoo Inc.) C:\Program Files (x86)\Yahoo!\yset\{58856E55-A302-5D4E-A2A9-3DE6FB5F3A50}\YSearchUtilSVC.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe
(Malwarebytes) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mega Limited) C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.17994_x64__8wekyb3d8bbwe\glcnd.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Don HO don.h@free.fr) C:\Program Files (x86)\Notepad++\notepad++.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-25] (Realtek Semiconductor)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [449024 2012-08-29] (Realtek Semiconductor Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2912056 2012-08-10] (Synaptics Incorporated)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguix.exe [1130408 2015-10-16] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3826600 2015-10-23] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [147456 2007-01-15] (Nero AG)
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd)
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\MountPoints2: {4d786bf4-9471-11e5-bea5-6c71d902b968} - "E:\setup.exe"
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => Keine Datei
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2015-12-02]
ShortcutTarget: MEGAsync.lnk -> C:\Users\User\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\..\Interfaces\{2BD78AC5-8536-41D0-910F-87651CDCCEBB}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{529FC467-EB76-4E39-A6EC-47637051F0E1}: [DhcpNameServer] 10.40.101.245 10.40.101.246 10.40.101.247

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130935658853419982&GUID=868FEB60-DB5A-8940-2052-53479423E232
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130935658853424095&GUID=868FEB60-DB5A-8940-2052-53479423E232
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.at.msn.com/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3455799945-794626198-3976200442-1001 -> {38DCA885-A7F3-4F85-8097-46F5B6A6EDAB} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-11-27] (Microsoft Corporation)
BHO: MySearch App -> {41545533-2D43-3300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport_x64.dll" => Keine Datei
BHO: Kein Name -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> Keine Datei
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2015-11-27] (Microsoft Corporation)
BHO-x32: MySearch App -> {41545533-2D43-3300-76A7-7A786E7484D7} -> "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport.dll" => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-12-04] (Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2015-11-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-12-04] (Oracle Corporation)
Toolbar: HKLM - MySearch App - {41545533-2D43-3300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport_x64.dll" Keine Datei
Toolbar: HKLM-x32 - MySearch App - {41545533-2D43-3300-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ATU3-C3\Passport.dll" Keine Datei
DPF: HKLM-x32 {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-11-27] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default
FF DefaultSearchEngine: Yahoo Web
FF Homepage: hxxps://www.google.at/?gfe_rd=cr&ei=V_thVriUH-yk8weL5JWIDw&gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-13] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-07-18] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-12-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-27] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-3455799945-794626198-3976200442-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-04-27] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\searchplugins\yahoo-ysp.xml [2015-11-22]
FF Extension: DiscountExt - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\extensions\tnhsukhopwoujqzpmwd@ycsfpmfhqknlaigm.com [2015-05-21] [ist nicht signiert]
FF Extension: AllDeaaLApp - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\wy6aygp2.default\Extensions\R7sXvm@ZV.net [2015-05-21] [ist nicht signiert]

Chrome:
=======
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-28]
CHR Extension: (GMX MailCheck) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\camnampocfohlcgbajligmemmabnljcm [2015-11-19]
CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02]
CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [595376 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfws.exe [1569416 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3815648 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1046952 2015-10-16] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [579776 2015-10-23] (AVG Technologies CZ, s.r.o.)
R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [38912 2012-09-13] (Realtek Semiconductor Corporation) [Datei ist nicht signiert]
R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [48640 2012-08-29] () [Datei ist nicht signiert]
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2797752 2015-10-13] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-20] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 MSMQ; C:\Windows\system32\mqsvc.exe [25600 2015-11-11] (Microsoft Corporation)
S3 NBService; C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe [774144 2007-01-15] (Nero AG) [Datei ist nicht signiert]
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [266240 2007-01-15] (Nero AG) [Datei ist nicht signiert]
R2 RtkBleServ; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\RtkBleServ.exe [35328 2012-09-13] (Realtek Semiconductor Corporation) [Datei ist nicht signiert]
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 YSearchUtilSvc; C:\Program Files (x86)\Yahoo!\yset\{58856E55-A302-5D4E-A2A9-3DE6FB5F3A50}\YSearchUtilSvc.exe [160536 2015-10-19] (Yahoo Inc.)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [23152 2015-09-09] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [197040 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\Windows\system32\DRIVERS\avgfwd6a.sys [97208 2015-08-29] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [313776 2015-10-19] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [298416 2015-08-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [255408 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-08-10] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [306608 2015-10-08] (AVG Technologies CZ, s.r.o.)
R3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-11-28] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2015-11-28] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
S3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [164720 2012-09-24] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-04] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2014-01-20] (Dritek System Inc.)
S3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [273040 2012-09-06] (Realtek Semiconductor Corp.)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [696976 2012-09-06] (Realtek Semiconductor Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-10] (Synaptics Incorporated)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-06-23] (TuneUp Software)
S3 UCOREW64; C:\Windows\Setup\bit\UCOREW64.sys [14632 2010-08-13] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S1 rfdwozpn; \??\C:\WINDOWS\system32\drivers\rfdwozpn.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 00:25 - 2015-12-05 00:26 - 00024326 _____ C:\Users\User\Downloads\FRST.txt
2015-12-05 00:25 - 2015-12-05 00:25 - 02350080 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe
2015-12-05 00:25 - 2015-12-05 00:25 - 00000000 ____D C:\FRST
2015-12-05 00:24 - 2015-12-05 00:24 - 00000000 _____ C:\Users\User\defogger_reenable
2015-12-05 00:23 - 2015-12-05 00:23 - 00050477 _____ C:\Users\User\Downloads\Defogger.exe
2015-12-05 00:16 - 2015-12-05 00:16 - 00040500 _____ C:\Users\User\Desktop\malwarebytes.txt
2015-12-04 23:05 - 2015-12-04 23:05 - 00001060 _____ C:\WINDOWS\wininit.ini
2015-12-04 22:03 - 2015-12-04 22:03 - 00568413 _____ C:\Users\User\Downloads\Preisblatt Strom Aqua Garant24.pdf
2015-12-04 21:17 - 2015-12-04 21:17 - 00026000 _____ C:\Users\User\AppData\Local\recently-used.xbel
2015-12-04 15:56 - 2015-12-04 15:56 - 00000000 ____D C:\Users\User\AppData\Local\YSearchUtil
2015-12-04 15:53 - 2015-12-04 15:53 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2015-12-04 15:53 - 2015-12-04 15:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-12-04 15:52 - 2015-12-04 15:52 - 00000000 ____D C:\Program Files (x86)\Java
2015-12-04 15:51 - 2015-12-04 15:51 - 00584288 _____ (Oracle Corporation) C:\Users\User\Downloads\jxpiinstall.exe
2015-12-03 15:49 - 2015-12-03 15:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-03 15:14 - 2015-12-05 00:24 - 00000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 15:14 - 2015-12-04 21:24 - 00000914 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-03 15:14 - 2015-12-03 21:19 - 00003890 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-03 15:14 - 2015-12-03 21:19 - 00003654 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 15:13 - 2015-12-03 15:13 - 00929872 _____ (Google Inc.) C:\Users\User\Downloads\ChromeSetup.exe
2015-12-03 15:12 - 2015-12-03 15:12 - 00001178 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-03 15:12 - 2015-12-03 15:12 - 00001166 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-03 15:12 - 2015-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-02 23:21 - 2015-12-03 15:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-02 23:21 - 2015-12-02 23:21 - 00000000 ____D C:\Users\User\AppData\Local\AVG Web TuneUp
2015-12-02 23:20 - 2015-12-02 23:20 - 00000000 ____D C:\Program Files\AVG Web TuneUp
2015-12-02 23:20 - 2015-12-02 23:20 - 00000000 ____D C:\Program Files (x86)\AVG Web TuneUp
2015-12-02 23:13 - 2014-04-16 00:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2015-12-02 23:13 - 2014-04-16 00:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2015-12-02 23:12 - 2015-12-02 23:12 - 00000000 ____D C:\Users\User\AppData\Roaming\AVG
2015-12-02 23:08 - 2015-12-02 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-12-02 23:02 - 2015-12-02 23:02 - 00000000 ___HD C:\$AVG
2015-12-02 23:01 - 2015-12-04 23:44 - 00000000 ____D C:\ProgramData\MFAData
2015-12-02 23:01 - 2015-12-02 23:01 - 00000000 ____D C:\Users\User\AppData\Local\MFAData
2015-12-02 23:00 - 2015-12-02 23:02 - 00000000 ____D C:\ProgramData\Avg
2015-12-02 23:00 - 2015-12-02 23:01 - 00000000 ____D C:\Program Files (x86)\AVG
2015-12-02 22:59 - 2015-12-02 23:12 - 00000000 ____D C:\Users\User\AppData\Local\Avg
2015-12-02 22:59 - 2015-12-02 23:00 - 00000000 ____D C:\Users\User\AppData\Local\AvgSetupLog
2015-12-02 22:45 - 2015-12-02 22:46 - 01466656 _____ C:\Users\User\Downloads\HijackThis - CHIP-Installer (1).exe
2015-12-02 22:42 - 2015-12-02 22:43 - 01466656 _____ C:\Users\User\Downloads\HijackThis - CHIP-Installer.exe
2015-12-02 22:25 - 2015-12-02 23:11 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-02 22:17 - 2015-12-02 22:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2015-12-02 22:16 - 2015-12-04 23:04 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-12-02 22:16 - 2015-12-02 23:30 - 00001410 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2015-12-02 22:16 - 2015-12-02 22:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2015-12-02 22:16 - 2015-12-02 22:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2015-12-02 22:16 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2015-12-02 22:15 - 2015-12-04 23:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-12-02 22:14 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-12-02 22:10 - 2015-12-02 23:39 - 00000000 ____D C:\Users\User\Desktop\ANTI VIRUS
2015-12-02 22:08 - 2015-12-02 22:09 - 01466656 _____ C:\Users\User\Downloads\AVG AntiVirus Free 64 Bit - CHIP-Installer.exe
2015-12-02 22:06 - 2015-12-02 22:06 - 01466656 _____ C:\Users\User\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe
2015-12-02 22:05 - 2015-12-02 22:06 - 01466656 _____ C:\Users\User\Downloads\SpyBot Search Destroy - CHIP-Installer.exe
2015-12-02 21:59 - 2015-12-02 21:59 - 00000000 ____D C:\Users\User\AppData\Roaming\VSRevoGroup
2015-12-02 21:54 - 2015-12-02 21:55 - 01736704 _____ C:\Users\User\Downloads\adwcleaner_5.023.exe
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ___HD C:\Program Files\CanonBJ
2015-12-02 21:35 - 2015-12-02 21:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG2100 series
2015-11-30 16:36 - 2015-11-30 16:36 - 00444817 _____ C:\Users\User\Downloads\5 4 3 2 1 countdown + voice.mp4
2015-11-30 15:45 - 2015-11-30 15:45 - 00178925 _____ C:\Users\User\Downloads\DAAAMN!!! ᴴᴰ.mp4
2015-11-30 14:47 - 2015-11-30 14:47 - 00385591 _____ C:\Users\User\Downloads\BOOM BITCH GET OUT THE WAY! - Vine - Funny.mp4
2015-11-30 14:23 - 2015-11-30 14:23 - 33179398 _____ C:\Users\User\Downloads\IntroTamplate.zip
2015-11-30 14:08 - 2015-11-30 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Publish Providers
2015-11-30 14:04 - 2015-11-30 14:04 - 00000000 ____D C:\Users\User\Tracing
2015-11-30 14:03 - 2015-11-30 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-29 22:25 - 2015-11-29 22:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-11-29 22:25 - 2015-11-29 22:25 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-11-29 22:10 - 2015-12-02 23:29 - 00001287 _____ C:\Users\User\Desktop\Revo Uninstaller.lnk
2015-11-29 22:10 - 2015-11-29 22:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-29 22:07 - 2015-11-29 22:08 - 01466656 _____ C:\Users\User\Downloads\Revo Uninstaller - CHIP-Installer.exe
2015-11-29 12:33 - 2015-11-29 12:33 - 00938324 _____ C:\Users\User\Downloads\Thumbnail Rahmen Pack (by Exa).rar
2015-11-29 12:21 - 2015-12-03 22:10 - 00000000 ____D C:\Users\User\AppData\Local\Sony
2015-11-29 12:20 - 2015-11-30 14:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Sony
2015-11-29 12:14 - 2015-11-29 12:15 - 411073984 _____ (Sony Creative Software Inc.) C:\Users\User\Downloads\Sony Vegas Pro 13.exe
2015-11-28 22:04 - 2015-11-28 22:04 - 00000000 ____D C:\Users\User\AppData\Local\EMU
2015-11-28 22:02 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-11-28 21:55 - 2015-11-28 21:55 - 00047160 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2015-11-28 21:51 - 2015-11-28 21:57 - 00000000 ____D C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2015-11-28 21:51 - 2015-11-28 21:55 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2015-11-28 21:51 - 2015-11-28 21:55 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2015-11-28 21:51 - 2015-11-28 21:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2015-11-28 21:41 - 2015-11-28 21:42 - 01709792 _____ (Disc Soft Ltd.) C:\Users\User\Downloads\DT101LiteInstaller.exe
2015-11-28 20:01 - 2015-11-28 21:50 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2015-11-28 19:58 - 2015-11-28 19:59 - 13146016 _____ (Disc Soft Ltd) C:\Users\User\Downloads\DTLite501-0406.exe
2015-11-28 19:56 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-11-28 19:56 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-11-28 19:56 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-11-28 19:56 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll 2015-11-28 19:56 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll 2015-11-28 19:56 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll 2015-11-28 19:56 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll 2015-11-28 19:56 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll 2015-11-28 19:56 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\d3dx11_42.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll 2015-11-28 19:56 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll 2015-11-28 19:56 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll 2015-11-28 19:56 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll 2015-11-28 19:56 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll 2015-11-28 19:56 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll 2015-11-28 19:55 - 2008-10-27 10:04 - 00023376 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll 2015-11-28 19:55 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll 2015-11-28 19:55 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll 2015-11-28 19:55 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll 2015-11-28 19:55 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll 2015-11-28 19:55 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll 2015-11-28 19:55 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll 2015-11-28 19:55 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll 2015-11-28 19:55 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll 2015-11-28 19:55 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll 2015-11-28 19:55 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll 2015-11-28 19:55 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll 2015-11-28 19:55 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll 2015-11-28 19:55 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll 2015-11-28 19:55 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll 2015-11-28 19:55 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll 2015-11-28 19:55 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll 2015-11-28 19:55 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll 2015-11-28 19:55 - 
2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll 2015-11-28 19:55 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll 2015-11-28 19:55 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll 2015-11-28 19:55 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll 2015-11-28 19:55 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll 2015-11-28 19:55 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll 2015-11-28 19:22 - 2015-11-28 19:46 - 1849327616 _____ C:\Users\User\Downloads\flt-role.iso 2015-11-28 19:08 - 2015-11-28 19:08 - 00000000 ____D C:\ProgramData\LumaEmu_SteamCloud 2015-11-28 19:07 - 2015-11-28 19:07 - 00000000 ___SH C:\Users\User\AppData\Local\LumaEmu 2015-11-28 18:27 - 2015-11-28 18:58 - 1913126389 _____ C:\Users\User\Downloads\GMOD 13.2(2).rar 2015-11-28 11:05 - 2015-11-28 11:05 - 00452426 _____ C:\Users\User\Downloads\Ha GAY!!! 
(1).mp4 2015-11-28 11:04 - 2015-11-28 11:05 - 01167415 _____ C:\Users\User\Downloads\epic black man crying.mp4 2015-11-28 11:03 - 2015-11-28 11:03 - 05560509 _____ C:\Users\User\Downloads\Black People React.mp4 2015-11-28 11:02 - 2015-11-28 11:02 - 00088903 _____ C:\Users\User\Downloads\Facepalm Scene Original.mp4 2015-11-28 11:00 - 2015-11-28 11:00 - 00310728 _____ C:\Users\User\Downloads\Alter Mann sagt WoW - Wally.mp4 2015-11-27 22:22 - 2015-12-04 21:03 - 00000000 ____D C:\Users\User\AppData\Local\gtk-2.0 2015-11-27 22:18 - 2015-12-04 21:17 - 00000000 ____D C:\Users\User\.gimp-2.8 2015-11-27 22:18 - 2015-12-02 23:30 - 00000961 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2015-11-27 22:18 - 2015-11-27 22:18 - 00000000 ____D C:\Users\User\AppData\Local\gegl-0.2 2015-11-27 22:18 - 2015-11-27 22:18 - 00000000 ____D C:\Users\User\AppData\Local\fontconfig 2015-11-27 22:16 - 2015-11-27 22:18 - 00000000 ____D C:\Program Files\GIMP 2 2015-11-27 22:14 - 2015-11-27 22:16 - 96819488 _____ (The GIMP Team ) C:\Users\User\Downloads\gimp-2.8.16-setup.exe 2015-11-27 21:55 - 2015-11-29 17:34 - 00000000 ____D C:\Users\User\Desktop\Adian 2015-11-25 20:57 - 2015-11-25 20:57 - 00000000 ____D C:\Users\User\AppData\LocalLow\PlayfulCorp 2015-11-25 20:57 - 2015-11-25 20:57 - 00000000 ____D C:\ProgramData\.mono 2015-11-25 15:22 - 2015-11-25 15:22 - 02696192 _____ C:\Users\User\Downloads\DirtyHooah_[www.unknowncheats.me]_ (1).dll 2015-11-24 22:08 - 2015-11-24 22:08 - 02719232 _____ C:\Users\User\Downloads\DirtyHooah_[www.unknowncheats.me]_.dll 2015-11-24 19:09 - 2015-11-24 19:10 - 01820422 _____ C:\Users\User\Downloads\Breeze 2.zip 2015-11-24 19:05 - 2015-11-24 19:07 - 08718628 _____ C:\Users\User\Downloads\minecraft_server.1.8.8 (1).exe 2015-11-24 18:24 - 2015-12-02 22:24 - 00000000 ____D C:\Users\User\AppData\Roaming\PhotoScape 2015-11-24 17:17 - 2015-11-24 17:20 - 08173005 _____ C:\Users\User\Downloads\Huzuni 3.5.zip 2015-11-24 16:49 - 2015-11-24 16:51 - 
05225026 _____ C:\Users\User\Downloads\huzuni.zip 2015-11-23 15:17 - 2015-11-23 15:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Shooter 2015-11-23 15:07 - 2015-11-28 22:04 - 00000000 ____D C:\Users\User\Documents\My Games 2015-11-22 21:30 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll 2015-11-22 21:30 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll 2015-11-22 20:55 - 2015-12-02 22:13 - 00000000 ____D C:\ProgramData\Hi-Rez Studios 2015-11-22 20:49 - 2015-11-22 20:52 - 50495272 _____ (Hi-Rez Studios) C:\Users\User\Downloads\InstallPaladins.exe 2015-11-22 18:12 - 2015-11-22 18:12 - 00000000 ____D C:\Program Files (x86)\Yahoo! 2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Sun 2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\AppData\Roaming\Agarp 2015-11-22 18:10 - 2015-11-22 18:10 - 00000000 ____D C:\Users\User\.oracle_jre_usage 2015-11-22 18:04 - 2015-11-22 18:04 - 00000000 ____D C:\Users\User\AppData\LocalLow\Oracle 2015-11-22 18:02 - 2015-11-22 18:02 - 00471479 _____ () C:\Users\User\Downloads\agarp.exe 2015-11-21 18:13 - 2015-11-21 18:13 - 00002449 _____ C:\Users\User\Downloads\SkypeVoiceChanger132 (1).zip 2015-11-21 17:16 - 2015-11-21 17:16 - 01466656 _____ C:\Users\User\Downloads\Skype Voice Changer - CHIP-Installer.exe 2015-11-21 17:16 - 2015-11-21 17:16 - 00002449 _____ C:\Users\User\Downloads\SkypeVoiceChanger132.zip 2015-11-21 17:12 - 2015-12-04 14:33 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn Hamachi 2015-11-21 17:12 - 2015-11-21 17:12 - 00000000 ____D C:\Users\User\AppData\Local\LogMeIn 2015-11-21 17:12 - 2015-11-21 17:12 - 00000000 ____D C:\ProgramData\LogMeIn 2015-11-21 17:07 - 2015-11-21 17:09 - 08716288 _____ C:\Users\User\Downloads\hamachi220383.msi 2015-11-20 21:01 - 2015-11-20 21:01 - 01247112 _____ (Mojang) C:\Users\User\Downloads\Minecraft.exe 2015-11-20 20:38 - 2015-12-04 20:58 - 
00000000 ____D C:\Users\User\Desktop\AMMAR 2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\Documents\FlashIntegro 2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\AppData\Roaming\VideoEditor 2015-11-20 09:42 - 2015-11-20 09:42 - 00000000 ____D C:\Users\User\AppData\Roaming\FlashIntegro 2015-11-20 09:35 - 2014-12-09 12:21 - 00081792 _____ (Flash-Integro LLC) C:\WINDOWS\SysWOW64\mslvddsfilter2.ax 2015-11-20 09:35 - 2011-12-07 18:32 - 00216064 _____ ( ) C:\WINDOWS\SysWOW64\Lagarith.dll 2015-11-20 09:35 - 2005-08-01 18:43 - 00245760 _____ () C:\WINDOWS\SysWOW64\lame.ax 2015-11-20 09:35 - 2004-12-10 09:03 - 00438272 _____ (On2.com) C:\WINDOWS\SysWOW64\vp6vfw.dll 2015-11-20 09:35 - 2004-09-06 15:06 - 00053248 _____ C:\WINDOWS\SysWOW64\xvid.ax 2015-11-20 09:35 - 2004-07-03 20:08 - 00139264 _____ C:\WINDOWS\SysWOW64\xvidvfw.dll 2015-11-20 09:35 - 2004-07-03 19:59 - 00524288 _____ C:\WINDOWS\SysWOW64\xvidcore.dll 2015-11-20 09:35 - 2004-02-04 20:11 - 00081920 _____ (fccHandler) C:\WINDOWS\SysWOW64\AC3ACM.acm 2015-11-20 09:35 - 2003-05-22 11:26 - 00638976 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divx.dll 2015-11-20 09:35 - 2003-05-22 11:26 - 00221215 _____ (DivXNetworks, Inc.) C:\WINDOWS\SysWOW64\divxdec.ax 2015-11-20 09:35 - 2003-05-21 22:50 - 00261632 _____ (MainConcept) C:\WINDOWS\SysWOW64\mcdvd_32.dll 2015-11-20 09:35 - 2003-05-21 22:50 - 00156910 _____ C:\WINDOWS\WMSysPr8.prx 2015-11-20 09:35 - 2003-05-21 22:50 - 00082944 _____ (Voxware, Inc.) 
C:\WINDOWS\SysWOW64\vct3216.acm 2015-11-20 09:35 - 2003-05-21 22:50 - 00038912 _____ (NCT Company) C:\WINDOWS\SysWOW64\alf2cd.acm 2015-11-20 09:35 - 2003-05-21 22:50 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3a.dll 2015-11-20 09:35 - 2003-03-25 04:49 - 00098304 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\WINDOWS\SysWOW64\L3CODECX.AX 2015-11-20 09:35 - 2003-03-18 22:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp71.dll 2015-11-20 09:35 - 2003-02-21 02:42 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr71.dll 2015-11-20 09:35 - 2002-08-19 23:41 - 00413760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg4c32.dll 2015-11-20 09:35 - 2000-03-14 19:55 - 00013239 _____ (SHARP Corporation) C:\WINDOWS\SysWOW64\Scg726.acm 2015-11-20 09:13 - 2015-11-20 09:13 - 01466656 _____ C:\Users\User\Downloads\VSDC Free Video Editor - CHIP-Installer.exe 2015-11-19 18:50 - 2015-11-19 18:57 - 02726840 _____ C:\Users\User\Downloads\0000-0300.avi 2015-11-19 18:41 - 2015-11-19 18:43 - 02266784 _____ C:\Users\User\Downloads\TEMPLATE WITH TROWN2.blend 2015-11-19 17:13 - 2015-12-02 23:29 - 00000000 ____D C:\Users\User\AppData\Roaming\Nico Mak Computing 2015-11-19 17:12 - 2015-11-19 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bandicam 2015-11-19 17:12 - 2015-11-19 17:12 - 00000000 ____D C:\Program Files (x86)\Bandicam 2015-11-19 17:12 - 2008-08-18 19:18 - 00077824 _____ (Fox Magic Software) C:\WINDOWS\SysWOW64\fmcodec.DLL 2015-11-19 17:04 - 2015-11-19 17:09 - 15708072 _____ (Bandisoft) C:\Users\User\Downloads\bdcamsetup_2.4.1.903.exe 2015-11-19 17:03 - 2015-11-19 17:08 - 17089408 _____ (DsNET Corp ) C:\Users\User\Downloads\aTube_Catcher_3.8.7980.exe 2015-11-17 17:45 - 2015-11-17 17:45 - 21301260 _____ C:\Users\User\Downloads\Banner Vorlage BaumBlau.psd 2015-11-17 17:21 - 2015-11-17 17:21 - 25123276 _____ C:\Users\User\Downloads\intro template by BlockArts Blendaa only.blend 
2015-11-17 17:11 - 2015-11-17 17:11 - 01298936 _____ C:\Users\User\Downloads\StorepoxArts TEMPLATE19.rar 2015-11-15 18:49 - 2015-11-15 18:49 - 00017069 _____ C:\Users\User\Downloads\00702054222_20140101_20141231.csv 2015-11-15 18:48 - 2015-11-15 18:48 - 00015505 _____ C:\Users\User\Downloads\00702054222_20150101_20151115 (1).csv 2015-11-15 18:47 - 2015-11-15 18:47 - 00015505 _____ C:\Users\User\Downloads\00702054222_20150101_20151115.csv 2015-11-15 18:40 - 2015-11-15 18:40 - 00000000 ____D C:\Program Files (x86)\Samsung 2015-11-15 18:39 - 2015-11-15 18:39 - 15073546 _____ C:\Users\User\Downloads\AllShare_Control_PC_SW_EN_32bit.zip 2015-11-15 18:15 - 2015-11-15 18:22 - 626223629 _____ C:\Users\User\Downloads\ArchiDroid_V3.0.2-i9300.zip 2015-11-15 18:02 - 2015-11-15 18:02 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf 2015-11-15 14:08 - 2015-11-15 14:10 - 19556711 _____ C:\Users\User\Downloads\spigot_server.jar 2015-11-15 13:41 - 2015-11-15 13:41 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia 2015-11-14 10:58 - 2015-11-14 11:08 - 93142312 _____ C:\Users\User\Downloads\Top_Body.rar 2015-11-13 22:42 - 2015-11-13 22:42 - 00000000 ____D C:\Program Files\Pixum 2015-11-13 22:36 - 2015-11-13 22:37 - 01631584 _____ C:\Users\User\Downloads\setup_Pixum_Fotowelt.exe 2015-11-13 22:35 - 2015-12-05 00:10 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2015-11-13 22:35 - 2015-11-13 22:35 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2015-11-13 21:17 - 2015-11-13 21:38 - 329097008 _____ C:\Users\User\Downloads\HOFER_Bestellsoftware_Setup.exe 2015-11-13 15:29 - 2015-11-13 15:34 - 08718628 _____ C:\Users\User\Downloads\minecraft_server.1.8.8.exe 2015-11-12 21:39 - 2015-11-12 21:40 - 01316185 _____ C:\Users\User\Downloads\worldguard-6.1.jar 2015-11-12 21:39 - 2015-11-12 21:39 - 01583804 _____ C:\Users\User\Downloads\worldedit-bukkit-6.1.jar 2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D 
C:\Users\User\AppData\Roaming\Notepad++ 2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++ 2015-11-12 21:31 - 2015-11-12 21:31 - 00000000 ____D C:\Program Files (x86)\Notepad++ 2015-11-12 21:29 - 2015-11-12 21:31 - 04103179 _____ C:\Users\User\Downloads\npp.6.8.6.Installer.exe 2015-11-12 15:10 - 2015-11-12 15:10 - 77881318 _____ C:\Users\User\Downloads\Null Leak by PreHacker.zip 2015-11-12 14:39 - 2015-11-12 14:39 - 00000000 ____D C:\Users\User\Icarus 2015-11-12 14:31 - 2015-11-12 14:31 - 07321270 _____ C:\Users\User\Downloads\Icarus Leak by PreHacker.zip 2015-11-12 14:28 - 2015-11-12 14:28 - 00000824 _____ C:\Users\User\Documents\hosts.txt 2015-11-12 14:27 - 2015-11-12 14:27 - 00000000 ____D C:\Users\User\Documents\MEGAsync Downloads 2015-11-12 14:26 - 2015-11-12 21:45 - 00000000 ___RD C:\Users\User\Documents\MEGA 2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MEGAsync 2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Local\MEGAsync 2015-11-12 14:23 - 2015-11-12 14:23 - 00000000 ____D C:\Users\User\AppData\Local\Mega Limited 2015-11-12 14:19 - 2015-11-12 14:19 - 00000273 _____ C:\Users\User\Downloads\ICarus Crack.bat 2015-11-12 14:16 - 2015-11-12 14:19 - 09989712 _____ (MEGA Limited) C:\Users\User\Downloads\MEGAsyncSetup.exe 2015-11-12 11:47 - 2015-11-12 11:47 - 00045680 ____H (LogMeIn Inc.) 
C:\WINDOWS\system32\Drivers\Hamdrv.sys 2015-11-11 21:38 - 2015-11-11 21:38 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft 2015-11-11 21:35 - 2015-11-11 21:37 - 63340400 _____ C:\Users\User\Downloads\Minecraft launcher Team Extreme.rar 2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices 2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\system32\msmq 2015-11-11 15:31 - 2015-11-11 15:31 - 00000000 ____D C:\WINDOWS\system32\BestPractices 2015-11-11 15:26 - 2015-11-11 15:27 - 10776447 _____ C:\Users\User\Downloads\Minecraft_HD_64x1.8.8..zip 2015-11-10 20:31 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys 2015-11-10 20:31 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys 2015-11-10 20:31 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2015-11-10 20:31 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2015-11-10 20:31 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll 2015-11-10 20:31 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll 2015-11-10 20:31 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll 2015-11-10 20:31 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll 2015-11-10 20:31 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2015-11-10 20:31 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys 2015-11-10 20:31 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2015-11-10 20:31 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\mrxsmb.sys 2015-11-10 20:31 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2015-11-10 20:31 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2015-11-10 20:31 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2015-11-10 20:31 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2015-11-10 20:31 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2015-11-10 20:31 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys 2015-11-10 20:31 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2015-11-10 20:31 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2015-11-10 20:31 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2015-11-10 20:31 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tunnel.sys 2015-11-10 20:31 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe 2015-11-10 20:31 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2015-11-10 20:31 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2015-11-10 20:31 - 2014-11-05 02:41 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2015-11-10 20:31 - 2014-11-05 02:18 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll 2015-11-10 20:30 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2015-11-10 20:30 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2015-11-10 20:30 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\wuaueng.dll 2015-11-10 20:30 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2015-11-10 20:30 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2015-11-10 20:30 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2015-11-10 20:30 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2015-11-10 20:30 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2015-11-10 20:30 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2015-11-10 20:30 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2015-11-10 20:30 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll 2015-11-10 20:30 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2015-11-10 20:30 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe 2015-11-10 20:30 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2015-11-10 20:30 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2015-11-10 20:30 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2015-11-10 20:30 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2015-11-10 20:30 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2015-11-10 20:30 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2015-11-10 20:30 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2015-11-10 20:30 - 2015-09-12 14:47 - 00414559 _____ C:\WINDOWS\system32\ApnDatabase.xml 2015-11-10 
20:29 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2015-11-10 20:29 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2015-11-10 20:29 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2015-11-10 20:29 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2015-11-10 20:29 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2015-11-10 20:29 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2015-11-10 20:29 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2015-11-10 20:29 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll 2015-11-10 20:29 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2015-11-10 20:29 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2015-11-10 20:29 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2015-11-10 20:29 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2015-11-10 20:29 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2015-11-10 20:29 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2015-11-10 20:29 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll 2015-11-10 20:29 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2015-11-10 20:29 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2015-11-10 20:29 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2015-11-10 20:29 - 2015-10-30 22:53 - 
00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2015-11-10 20:29 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2015-11-10 20:29 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2015-11-10 20:29 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2015-11-10 20:28 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2015-11-10 20:28 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL 2015-11-10 20:28 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL 2015-11-10 20:28 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL 2015-11-10 20:28 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll 2015-11-10 20:28 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL 2015-11-10 20:28 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll 2015-11-10 20:28 - 2014-11-10 19:06 - 00136512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys 2015-11-09 17:27 - 2015-11-27 22:21 - 00000000 ____D C:\Users\User\.thumbnails 2015-11-09 17:27 - 2015-11-09 17:27 - 00000000 ____D C:\Users\User\AppData\Roaming\Blender Foundation 2015-11-09 17:25 - 2015-11-09 17:25 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Blender 2015-11-09 17:25 - 2015-11-09 17:25 - 00000000 ____D C:\Program Files\Blender Foundation 2015-11-09 17:23 - 2015-11-09 17:23 - 83674076 _____ C:\Users\User\Downloads\blender-2.76b-windows64.msi 2015-11-09 17:20 - 2015-11-09 17:21 - 31691811 _____ C:\Users\User\Downloads\BEST Blender Intro Template By WakashawMotionDesign 2.zip 2015-11-09 17:16 - 2015-11-09 17:17 - 11983670 _____ C:\Users\User\Downloads\5 Free 
Intro Templates (Windows Movie Maker).mp4 2015-11-08 20:41 - 2015-12-02 23:30 - 00001038 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-11-08 20:21 - 2015-11-08 20:21 - 00000000 ____D C:\Users\User\Documents\MAGIX Downloads 2015-11-08 19:45 - 2015-11-08 20:21 - 00000000 ____D C:\Users\User\AppData\Roaming\MAGIX 2015-11-08 19:44 - 2015-11-08 20:22 - 00000000 ___RD C:\Users\User\Documents\MAGIX 2015-11-08 19:43 - 2015-11-29 23:14 - 00000000 ____D C:\ProgramData\MAGIX 2015-11-08 19:43 - 2015-11-08 19:43 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0 2015-11-08 19:32 - 2015-11-08 20:45 - 00679896 _____ C:\Users\User\Downloads\Nicht bestätigt 66316.crdownload 2015-11-08 19:32 - 2015-11-08 19:38 - 435272856 _____ (MAGIX Software GmbH) C:\Users\User\Downloads\music_maker_2016_dlv_chip_de_20150917_16-00.exe 2015-11-08 19:29 - 2015-11-08 20:45 - 119252368 _____ (MAGIX AG) C:\Users\User\Downloads\Nicht bestätigt 895426.crdownload 2015-11-08 19:22 - 2015-11-08 20:45 - 361419726 _____ (Image-Line) C:\Users\User\Downloads\Nicht bestätigt 621655.crdownload 2015-11-08 19:22 - 2015-11-08 20:45 - 05147216 _____ (Image-Line) C:\Users\User\Downloads\Nicht bestätigt 701303.crdownload 2015-11-08 13:40 - 2015-11-08 13:40 - 01383844 _____ C:\Users\User\Downloads\usb_nicht_erkannt.pdf 2015-11-07 18:26 - 2015-11-07 18:27 - 00000000 ____D C:\Users\User\Documents\OneNote-Notizbücher 2015-11-07 17:38 - 2015-12-04 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013 2015-11-07 17:37 - 2015-12-04 14:15 - 00000000 ____D C:\Program Files\Microsoft Office 15 2015-11-07 17:37 - 2015-11-07 17:37 - 01107136 _____ (Microsoft Corporation) C:\Users\User\Downloads\Setup.X86.de-DE_O365ProPlusRetail_405e2c1e-adf5-4c39-804a-8d0c54a951b6_TX_PR_b_3_.exe 2015-11-07 09:14 - 2015-12-02 22:19 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera Software 2015-11-07 09:14 - 2015-12-02 22:19 - 00000000 ____D 
C:\Users\User\AppData\Local\Opera Software ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-05 00:25 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2015-12-04 21:08 - 2014-09-02 10:43 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3455799945-794626198-3976200442-1001 2015-12-04 19:41 - 2014-09-05 16:27 - 00000000 ____D C:\Users\User\OneDrive 2015-12-04 19:40 - 2014-01-20 21:20 - 00000000 ____D C:\ProgramData\Realtek 2015-12-04 15:55 - 2014-09-02 11:04 - 00000000 ____D C:\ProgramData\Oracle 2015-12-04 15:38 - 2014-09-09 13:13 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity 2015-12-04 14:55 - 2014-09-09 12:26 - 00000000 ____D C:\Users\User\AppData\Roaming\.minecraft 2015-12-04 14:32 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-04 14:32 - 2013-08-22 15:44 - 00555584 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-04 14:31 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2015-12-04 14:19 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2015-12-04 14:18 - 2014-09-02 11:55 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-03 22:00 - 2015-01-14 19:43 - 00000000 ____D C:\AdwCleaner 2015-12-03 19:55 - 2015-01-17 18:36 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype 2015-12-03 19:10 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-03 16:06 - 2014-09-02 12:34 - 00000000 ____D C:\WINDOWS\AutoKMS 2015-12-02 23:48 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf 2015-12-02 23:33 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\addins 2015-12-02 23:30 - 2015-02-20 13:39 - 00001319 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2015-12-02 23:30 - 2015-02-17 11:02 - 00001397 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2015-12-02 23:30 - 2015-02-17 11:02 - 00001328 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2015-12-02 23:30 - 2015-02-13 17:41 - 00002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk 2015-12-02 23:30 - 2015-02-13 17:38 - 00001555 _____ C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk 2015-12-02 23:30 - 2015-02-13 17:38 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2015-12-02 23:30 - 2015-01-17 18:36 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk 2015-12-02 23:30 - 2014-09-02 11:15 - 00000938 _____ C:\Users\Public\Desktop\VLC media player.lnk 2015-12-02 23:30 - 2014-09-02 10:36 - 00001457 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2015-12-02 23:30 - 2014-09-02 10:26 - 00001523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-02 23:30 - 2014-09-02 10:22 - 00000469 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2015-12-02 23:30 - 2014-09-02 10:22 - 00000467 _____ C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2015-12-02 23:29 - 2015-05-17 18:47 - 00000000 ____D C:\Program Files (x86)\SystemContinue 2015-12-02 23:29 - 2014-09-02 11:05 - 00000000 ____D C:\ProgramData\Adobe 2015-12-02 23:29 - 2014-09-02 11:05 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-12-02 23:16 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-02 23:08 - 2015-02-13 17:41 - 00000000 ____D C:\Users\User\AppData\Roaming\TuneUp Software 2015-12-02 23:07 - 2012-07-26 09:12 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-02 22:54 - 2014-09-02 07:27 - 00000000 ____D C:\Users\User\AppData\Local\VirtualStore 2015-12-02 22:38 - 2015-06-08 15:51 - 00000000 ____D C:\Program Files (x86)\PageEdit 2015-12-02 22:25 - 2014-09-05 16:33 - 00000000 ____D C:\Users\User\AppData\Local\Deployment 2015-12-02 22:24 - 2015-01-17 18:36 - 00000000 ___RD C:\Program Files 
(x86)\Skype 2015-12-02 22:14 - 2015-01-14 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-02 22:14 - 2015-01-14 20:16 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-02 22:13 - 2014-01-20 21:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-30 14:14 - 2014-09-02 12:34 - 00003510 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2015-11-30 14:03 - 2015-01-17 18:36 - 00000000 ____D C:\ProgramData\Skype 2015-11-29 23:05 - 2015-05-25 07:35 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-29 23:05 - 2015-05-25 07:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2015-11-29 22:55 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Public\Libraries 2015-11-29 21:46 - 2014-09-09 13:28 - 00000000 ____D C:\Users\User\Documents\Bandicam 2015-11-28 11:58 - 2014-03-18 11:03 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-11-28 11:58 - 2014-03-18 10:25 - 00765542 _____ C:\WINDOWS\system32\perfh007.dat 2015-11-28 11:58 - 2014-03-18 10:25 - 00159362 _____ C:\WINDOWS\system32\perfc007.dat 2015-11-23 14:24 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-11-22 21:29 - 2015-05-25 13:34 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-21 16:53 - 2015-03-28 11:54 - 00000000 ____D C:\Users\User\AppData\Roaming\.technic 2015-11-20 21:01 - 2015-02-13 15:48 - 00001186 _____ C:\Users\User\Downloads\nativelog.txt 2015-11-20 21:01 - 2015-02-13 15:48 - 00000000 ____D C:\Users\User\Downloads\game 2015-11-19 22:41 - 2015-02-13 17:50 - 00004597 _____ C:\Users\User\FreeYouTubeToMP3Converter.xml 2015-11-19 22:14 - 2015-02-13 17:38 - 00000240 _____ C:\Users\User\updhelper.xml 2015-11-15 13:34 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache 2015-11-13 22:35 - 2014-09-02 11:11 - 00000000 ____D C:\Users\User\AppData\Local\Adobe 2015-11-12 22:23 - 2013-08-22 16:36 - 
00000000 ___RD C:\WINDOWS\ToastData 2015-11-12 21:43 - 2015-02-20 13:05 - 00000102 _____ C:\Users\User\AppData\default.pls 2015-11-12 20:24 - 2014-01-20 22:37 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-11-12 20:13 - 2014-01-20 22:37 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-11-11 15:31 - 2015-05-17 18:57 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcmiplugin.dll 2015-11-11 15:31 - 2015-05-17 18:56 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsec.dll 2015-11-11 15:31 - 2015-05-17 18:56 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqad.dll 2015-11-11 15:31 - 2015-05-17 18:53 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2015-11-11 15:31 - 2013-08-22 12:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb 2015-11-11 15:31 - 2013-08-22 12:44 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb 2015-11-11 15:31 - 2013-08-22 12:40 - 00173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys 2015-11-11 15:31 - 2013-08-22 12:35 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll 2015-11-11 15:31 - 2013-08-22 12:32 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe 2015-11-11 15:31 - 2013-08-22 12:26 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe 2015-11-11 15:31 - 2013-08-22 12:20 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll 2015-11-11 15:31 - 2013-08-22 11:23 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll 2015-11-11 15:31 - 2013-08-22 11:19 - 00788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll 2015-11-11 15:31 - 2013-08-22 10:50 - 00122368 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mqlogmgr.dll 2015-11-11 15:31 - 2013-08-22 05:16 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb 2015-11-11 15:31 - 2013-08-22 05:16 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb 2015-11-11 15:31 - 2013-08-22 05:06 - 00563712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll 2015-11-11 15:31 - 2013-08-22 04:54 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll 2015-11-11 15:31 - 2013-08-22 04:31 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll 2015-11-11 15:31 - 2013-08-22 04:08 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll 2015-11-11 15:31 - 2013-08-22 04:05 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll 2015-11-11 15:31 - 2013-08-22 00:55 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof 2015-11-11 15:30 - 2015-05-17 18:57 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqad.dll 2015-11-11 15:30 - 2015-05-17 18:56 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsec.dll 2015-11-11 15:30 - 2015-05-17 18:54 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2015-11-11 15:30 - 2015-05-17 18:51 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqmigplugin.dll 2015-11-11 15:30 - 2013-08-22 11:53 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll 2015-11-11 15:30 - 2013-08-22 11:10 - 01408512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll 2015-11-11 15:30 - 2013-08-22 07:59 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof 2015-11-08 20:42 - 2014-09-09 13:12 - 00000000 ____D C:\Program Files (x86)\Audacity 2015-11-08 19:44 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\Help 2015-11-07 
09:15 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-22 15:41 - 2015-08-13 20:11 - 0000024 _____ () C:\Users\User\AppData\Roaming\appdataFr25.bin
2014-09-02 07:27 - 2015-12-04 19:41 - 0054111 _____ () C:\Users\User\AppData\Local\BTServer.log
2015-01-12 20:53 - 2015-01-12 20:53 - 0000010 _____ () C:\Users\User\AppData\Local\DSI.DAT
2015-11-28 19:07 - 2015-11-28 19:07 - 0000000 ___SH () C:\Users\User\AppData\Local\LumaEmu
2014-12-27 11:01 - 2014-12-27 11:01 - 0613057 _____ (CMI Limited) C:\Users\User\AppData\Local\nsb17DC.tmp
2014-12-27 11:19 - 2014-12-27 11:19 - 0613057 _____ (CMI Limited) C:\Users\User\AppData\Local\nsm3885.tmp
2015-12-04 21:17 - 2015-12-04 21:17 - 0026000 _____ () C:\Users\User\AppData\Local\recently-used.xbel
2015-01-12 20:34 - 2015-01-13 20:53 - 0761485 _____ () C:\ProgramData\ChromeTabExtension.crx

Einige Dateien in TEMP:
====================
C:\Users\User\AppData\Local\Temp\ytb.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-28 17:58

==================== Ende von FRST.txt ============================

Addition: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von User (2015-12-05 00:27:29)
Gestartet von C:\Users\User\Downloads
Windows 8.1 (X64) (2014-09-02 09:35:46)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3455799945-794626198-3976200442-500 - Administrator - Disabled)
Gast (S-1-5-21-3455799945-794626198-3976200442-501 - Limited - Disabled)
User (S-1-5-21-3455799945-794626198-3976200442-1001 - Administrator - Enabled) => C:\Users\User

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
AVG (Version: 16.7.7226 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4477 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.7.7226 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.2.1.951 - AVG Technologies)
Bandicam (HKLM-x32\...\Bandicam) (Version: 2.4.1.903 - Bandisoft.com)
Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
Canon MG2100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2100_series) (Version: - Canon Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
FMW 1 (Version: 1.22.2 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 15.0.4771.1004 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4771.1004 - Microsoft Corporation) Hidden
paint.net (HKLM\...\{19BD2C33-16A8-4ED1-B9EA-D9E35B21EC42}) (Version: 4.0.5 - dotPDN LLC)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.2.9.6 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\UnityWebPlayer) (Version: 4.6.5f1 - Unity Technologies ApS)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3455799945-794626198-3976200442-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

20-11-2015 09:35:26 Uniblue PC Mechanic installation
21-11-2015 17:10:29 Installed LogMeIn Hamachi
22-11-2015 20:54:29 Installed Hi-Rez Studios Games
28-11-2015 19:53:19 DirectX wurde installiert
29-11-2015 22:32:28 Revo Uninstaller's restore point - HOFER Bestellsoftware
02-12-2015 22:00:45 Revo Uninstaller's restore point - Bandisoft MPEG-1 Decoder
03-12-2015 22:07:08 Removed Java 7 Update 75 (64-bit)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-11-12 14:32 - 00000970 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.andrewthehax0r.xyz
127.0.0.1 andrewshost.net
127.0.0.1 www.andrewthehax0r.xyz
127.0.0.1 andrewshost.net

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {12E43200-F07B-4626-B40B-90BB2A22658B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-11-27] (Microsoft Corporation)
Task: {2584B5DE-9418-42B8-A3BE-1560FAE88DEE} - System32\Tasks\{E6331D2A-8572-416E-9B07-7020739809E6} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.2.0.103/de/go/help.faq.installer?LastError=1638
Task: {2F1A789E-0676-4401-9518-AC923CD0F8E3} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {4E1FBD54-C3B5-4A17-B5BF-C3751F14C615} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {4EE3072A-7ADD-4CD5-9735-E75FD9027B49} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {7636670B-6A31-4F9D-9FBA-53BE0851C4B7} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {79F60833-359B-400C-9003-E4081E922996} - System32\Tasks\{032808C4-ED07-4B5E-93E3-D7158C989DA0} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/go/help.faq.installer?LastError=1638
Task: {818D70D9-4037-4EB0-8AAF-3F0EACCA7576} - System32\Tasks\{5AE09AAF-97CC-4094-B99D-9CFF5603E4B4} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.3.0.101/de/go/help.faq.installer?LastError=1638
Task: {94675CA2-7E6F-4205-A692-6DE72ED4A4A8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {9BF165CC-1F9C-43E6-9CE4-AE9955E0869D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {A8405224-7BF4-4654-B714-D683AE60108C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-10-13] (Microsoft Corporation)
Task: {D1AD50F6-7737-410B-814E-D277E53DECBB} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {D37D25B3-6A85-4645-8705-436FFE7051A0} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {F58F1F65-0FB0-4D33-B3E5-B27CE81B070A} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-27] (Microsoft Corporation)
Task: {F688A3AA-552C-45A2-8234-2B06D146E069} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {F91DE262-2696-40D6-AEA4-4F54DC7FB31E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2015-11-27] (Microsoft Corporation)
Task: {FEB5D689-9CE3-436F-BA5A-3B4987F27CC8} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-13] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2014-01-20 21:20 - 2012-08-29 23:40 - 00048640 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2015-12-04 14:14 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-16 10:24 - 2014-07-16 10:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-02 22:16 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-02 22:16 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-02 22:16 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-02 22:16 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-02 22:16 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-01-20 21:11 - 2012-07-18 09:07 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-02 23:00 - 2015-04-07 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-06-08 20:06 - 2015-06-08 20:06 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3455799945-794626198-3976200442-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-3455799945-794626198-3976200442-1001\...\StartupApproved\Run: => "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [TCP Query User{58C187DA-18A2-4B2A-8C9E-08CAF47D4BE3}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [UDP Query User{223DD61C-72C5-4532-98C0-82216BC686D0}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{B4E18897-C917-468D-83C1-E6BE7C322E3C}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{2508526D-2FC6-4E13-8328-AF9E4FD2BFDD}] => (Block) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{CBE1091A-DBE7-436E-9E4C-E0FF9A451A26}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{D8FE2524-1F11-46D9-8822-23AD23E095C5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FFC34173-5916-4C82-AEEB-164979ACF172}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{FB503E07-BC29-44D6-A64F-0C1B514B9151}C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{FEC860B5-FBF6-4A0D-AB9D-477F3770F219}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{2F0EA8EB-F9DE-4624-A8D3-7151794C0F44}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{D8010B3F-2ECB-4423-95E9-63336922828A}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{4436741F-D4FD-471D-BF09-8CA421428E3F}] => (Allow) LPort=2869
FirewallRules: [{A9772732-0246-421D-9BE8-93A0BA4BE5AE}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{718E41D1-81C1-4BEE-A685-E80C0FA747F6}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{5984CA82-DB59-464D-B4A5-0C9AD6B12E6F}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{98FEB0DD-2026-4198-958F-5F413311DAE3}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{71BC2BB0-17E7-4DFE-8AD9-DF3B1A49932F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{6E05720F-AE34-453D-88C4-A9BA14EE475B}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{C935A717-5A55-45CD-9606-07C971FB54D0}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [TCP Query User{24D7E573-437D-4CE0-A936-64717EF9351C}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{902E764F-8497-41A6-96B1-922B3BF4DEEA}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{29FBCE7E-1805-409D-A2F6-B96FCB38C47D}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{C9CDE5B9-5AD8-4B7F-9B5A-63E304A11C8A}C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\user\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{C09E88DB-B46B-469E-85A4-F6B3A145AB56}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe
FirewallRules: [{05EBD917-8B65-418E-9AFA-B762564CAD27}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{DA4706C5-60D9-4760-97E4-364DDD4B2FD9}] => (Allow) LPort=7878
FirewallRules: [{EBAA4B51-E821-4DB9-A3ED-442E8D3CE4D8}] => (Allow) LPort=20102
FirewallRules: [{4A6FD496-D1D1-4469-988C-F1D6B8B527CD}] => (Allow) LPort=1900
FirewallRules: [{EF9A280A-029E-424E-849D-A92B63D4495D}] => (Allow) C:\Program Files (x86)\Samsung\AllShare Control\AllShare Control PC.exe
FirewallRules: [{D34DF3B8-3553-4132-9656-25690E8C6625}] => (Allow) C:\Program Files (x86)\Samsung\AllShare Control\AllShare Control PC.exe
FirewallRules: [TCP Query User{2586573C-A035-4F12-8086-15E734F1FE22}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{95795CBE-E9AB-4B87-BC69-A1F68B8D3E50}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{BDA140B1-0F1E-43E1-9E2A-80EE988A2EA4}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{1FE2EF0A-F432-48E8-A245-686477C78C3A}] => (Block) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{1B74168E-0676-4F59-B15A-9C690ECC29B0}C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe] => (Allow) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe
FirewallRules: [UDP Query User{16E9EDA2-2BCB-40E4-92DC-892574522064}C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe] => (Allow) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe
FirewallRules: 
[{71C0A67E-7B91-43F2-B385-CC96C1A436D5}] => (Block) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: [{2DDD642B-5C8B-4D7E-802D-255913758C52}] => (Block) C:\users\user\desktop\garry's mod\garry's mod\garrysmod.exe FirewallRules: [{D4A739FD-F5D6-4BE5-942B-4B550D5D4E1F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{954080D7-1800-4C9D-A183-16BD51F62F5A}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{681E195D-CB8B-45C8-86C2-BDE08C33B85E}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{6EC1C995-CE20-4A9B-9BCC-5FA008AFDC48}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{CA490777-BCBE-4D63-AF44-B1FAFBC47FB7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{B1ABA552-AE94-4F28-A80B-7EE3304755AD}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{01F6481E-B06E-485D-89B5-FE5337B6CE7C}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{ECBF50EA-6952-4E92-8A62-F4717EFC8C00}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe FirewallRules: [{1D3C5076-EC29-472E-8317-6E55FD7E4067}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8DD545C2-C2B1-4E8E-8E11-7D48B20ED59F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B70B2C20-72E9-479F-87B6-A6335FD31724}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C28AF11A-3A70-48D7-B131-C7F61AADFBCA}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{A19424E3-0351-4941-9B25-C573EB85B16B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe FirewallRules: [{F1B2EF0E-536F-4D22-AEB1-6C0CD2020248}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & 
Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/04/2015 11:22:02 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (12/04/2015 09:41:13 PM) (Source: SideBySide) (EventID: 35) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"2" in Zeile UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0"3. Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein. Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0". Definition: UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0". Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose. 
Error: (12/04/2015 03:39:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x10b4 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/04/2015 03:33:26 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.660.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 10d8 Startzeit: 01d12e9ffe0d8759 Endzeit: 201 Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe Berichts-ID: f59f6f67-9a93-11e5-beac-6c71d902b968 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/04/2015 03:27:50 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm javaw.exe, Version 8.0.660.18 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. 
Prozess-ID: 1268 Startzeit: 01d12e9dc5c67cff Endzeit: 18 Anwendungspfad: C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe Berichts-ID: 2e8ac933-9a93-11e5-beac-6c71d902b968 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (12/04/2015 03:12:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x18e4 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/04/2015 03:07:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.9600.17415, Zeitstempel: 0x545046f0 Name des fehlerhaften Moduls: DivX.dll, Version: 5.0.5.830, Zeitstempel: 0x3ea73f16 Ausnahmecode: 0xc0000005 Fehleroffset: 0x001b6001 ID des fehlerhaften Prozesses: 0x12c8 Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0 Pfad der fehlerhaften Anwendung: wmplayer.exe1 Pfad des fehlerhaften Moduls: wmplayer.exe2 Berichtskennung: wmplayer.exe3 Vollständiger Name des fehlerhaften Pakets: wmplayer.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: wmplayer.exe5 Error: (12/03/2015 10:05:45 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller, Version: 4.2.1.951, Zeitstempel: 0x564dd806 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x000e5904 ID des fehlerhaften Prozesses: 0x1398 
Startzeit der fehlerhaften Anwendung: 0xUNINSTALL.exe_AVG Uninstaller0 Pfad der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller1 Pfad des fehlerhaften Moduls: UNINSTALL.exe_AVG Uninstaller2 Berichtskennung: UNINSTALL.exe_AVG Uninstaller3 Vollständiger Name des fehlerhaften Pakets: UNINSTALL.exe_AVG Uninstaller4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UNINSTALL.exe_AVG Uninstaller5 Error: (12/03/2015 10:05:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller, Version: 4.2.1.951, Zeitstempel: 0x564dd806 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18007, Zeitstempel: 0x55c4bc8e Ausnahmecode: 0xc0000374 Fehleroffset: 0x000e5904 ID des fehlerhaften Prozesses: 0x20d0 Startzeit der fehlerhaften Anwendung: 0xUNINSTALL.exe_AVG Uninstaller0 Pfad der fehlerhaften Anwendung: UNINSTALL.exe_AVG Uninstaller1 Pfad des fehlerhaften Moduls: UNINSTALL.exe_AVG Uninstaller2 Berichtskennung: UNINSTALL.exe_AVG Uninstaller3 Vollständiger Name des fehlerhaften Pakets: UNINSTALL.exe_AVG Uninstaller4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: UNINSTALL.exe_AVG Uninstaller5 Error: (12/03/2015 08:45:37 PM) (Source: MsiInstaller) (EventID: 10021) (User: AMMAR) Description: Produkt: Adobe Photoshop Elements 8.0 -- Das Gerät ist nicht bereit. 
(NULL)(NULL)(NULL)(NULL)(NULL) Systemfehler: ============= Error: (12/04/2015 04:11:06 PM) (Source: DCOM) (EventID: 10010) (User: AMMAR) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (12/04/2015 02:38:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/04/2015 02:30:53 PM) (Source: DCOM) (EventID: 10010) (User: AMMAR) Description: {BEBA2AA5-B5A7-4DD3-9AD6-43B24CDD3B7D} Error: (12/04/2015 02:29:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 10:52:37 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:47 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:47 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:44 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: 
AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:44 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/03/2015 09:50:43 PM) (Source: DCOM) (EventID: 10016) (User: AMMAR) Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}AMMARUserS-1-5-21-3455799945-794626198-3976200442-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar CodeIntegrity: =================================== Date: 2015-12-04 23:47:00.298 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:59.836 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:59.371 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-12-04 23:46:58.900 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:58.435 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:57.965 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:46:57.491 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 23:14:39.480 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-12-04 21:46:48.273 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2015-12-04 21:46:47.773
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\AVG\Framework\Common\avgfmwbasex.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-3630QM CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 43%
Installierter physikalischer RAM: 8071.27 MB
Verfügbarer physikalischer RAM: 4576.99 MB
Summe virtueller Speicher: 9415.27 MB
Verfügbarer virtueller Speicher: 5850.93 MB

==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:464.65 GB) (Free:356.22 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: EC43DB7C)
Partition: GPT.

==================== Ende von Addition.txt ============================

When starting GMER, the following error message appeared: C\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. After confirming this error message, a message appeared saying that GMER has stopped working. The virus scanner was disabled and all other programs were closed as well. I restarted the computer and started GMER again, with the same result.

Many thanks and best regards