|
Alles rund um Windows: Ich glaub ich hab mir einen Virus eingefangen?Windows 7 Hilfe zu allen Windows-Betriebssystemen: Windows XP, Windows Vista, Windows 7, Windows 8(.1) und Windows 10 / Windows 11- als auch zu sämtlicher Windows-Software. Alles zu Windows 10 ist auch gerne willkommen. Bitte benenne etwaige Fehler oder Bluescreens unter Windows mit dem Wortlaut der Fehlermeldung und Fehlercode. Erste Schritte für Hilfe unter Windows. |
25.12.2015, 22:44 | #1 |
| Problem: Ich glaub ich hab mir einen Virus eingefangen? Hallo Trojaner Board, Seit 2 Wochen wird in meinem Appdata Ordner immer so ne komische chinesische Datei erstellt, da steht irgendwas was drin von dem Ich 0 Ahnung hab? ist das ein Virus oder was ist das ich lösch das dann immer wieder aus diesem Verzeichnis raus. mfg bully |
25.12.2015, 22:53 | #2 |
/// Malwareteam | Ich glaub ich hab mir einen Virus eingefangen? Anleitung / Hilfe Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
__________________(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
26.12.2015, 12:45 | #3 |
| Ich glaub ich hab mir einen Virus eingefangen? Details FRST.TXT
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015 durchgeführt von -Modz- (Administrator) auf ACERGAMERPC (26-12-2015 12:43:45) Gestartet von C:\Users\-Modz-\Desktop Geladene Profile: -Modz- (Verfügbare Profile: -Administrator- & -Modz- & cihan) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe () C:\Program Files (x86)\No-IP\ducservice.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (AMD) C:\Windows\System32\atieclxx.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-18\...\RunOnce: [AOD] => C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) Startup: C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RebusDrop.lnk [2015-11-14] ShortcutTarget: RebusDrop.lnk -> C:\Users\-Modz-\RebusDrop\App\RebusDrop.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Setup-Assistent.lnk [2015-07-30] ShortcutTarget: NETGEAR WNA3100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5c0c63ef-d955-4b85-bdee-9a06994c681f}: [DhcpNameServer] 192.168.1.250 Tcpip\..\Interfaces\{5ca59fec-4fbe-44a1-96df-33c3a6e9a40a}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c6f3c728-9206-4c2f-adb6-b3dcd2342a78}: [DhcpNameServer] 172.16.255.1 Tcpip\..\Interfaces\{d0f4e0ba-eab2-4369-bdf4-4b1fbc5a48ab}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eb188895-7e38-46a6-812a-c8e96878e2ba}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1443630958&z=a05b20d85d3e2b8a196e3f2gfzdz5ccqdcee0t1wcb&from=dae&uid=395049983_6295314_9e8a0171&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://do-search.com/web/?type=ds&ts=1443630958&z=a05b20d85d3e2b8a196e3f2gfzdz5ccqdcee0t1wcb&from=dae&uid=395049983_6295314_9e8a0171&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1443630958&z=a05b20d85d3e2b8a196e3f2gfzdz5ccqdcee0t1wcb&from=dae&uid=395049983_6295314_9e8a0171&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://do-search.com/web/?type=ds&ts=1443630958&z=a05b20d85d3e2b8a196e3f2gfzdz5ccqdcee0t1wcb&from=dae&uid=395049983_6295314_9e8a0171&q={searchTerms} SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-07-30] (Nexon) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon [2015-12-15] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon Chrome: ======= CHR Profile: C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-03] CHR Extension: (Google Docs) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-03] CHR Extension: (Google Drive) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03] CHR Extension: (Norton Security Toolbar) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-06] CHR Extension: (Google-Suche) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmhfaagmiabgebeiogncajjkiddkpbfc [2015-11-19] CHR Extension: (Agar.io Powerups) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2015-12-25] CHR Extension: (Google Tabellen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-03] CHR Extension: (Google Docs Offline) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Norton Identity Safe) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-03] CHR Extension: (Google Mail) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-03] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [349728 2015-08-13] (WildTangent) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert] R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] () S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151218.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation) R3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-30] (Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151223.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2014-11-10] (Visicom Media Inc.) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151224.002\ENG64.SYS [138488 2015-10-27] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151224.002\EX64.SYS [2148080 2015-10-27] (Symantec Corporation) R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2512016 2015-07-10] (MediaTek Inc.) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-30] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 VCam_WDM; C:\Windows\system32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-10] (Wellbia.com Co., Ltd.) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 12:43 - 2015-12-26 12:43 - 02370560 _____ (Farbar) C:\Users\-Modz-\Desktop\FRST64.exe 2015-12-26 12:43 - 2015-12-26 12:43 - 00021032 _____ C:\Users\-Modz-\Desktop\FRST.txt 2015-12-26 12:43 - 2015-12-26 12:43 - 00000000 ____D C:\FRST 2015-12-26 12:42 - 2015-12-26 12:42 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_-Modz-_HistoryPrediction.bin 2015-12-25 23:47 - 2015-12-25 23:51 - 00000000 ____D C:\Users\-Modz-\Desktop\Testminion 2015-12-25 20:23 - 2015-12-25 20:25 - 00000000 ____D C:\WINDOWS\Panther 2015-12-25 20:22 - 2015-12-25 20:23 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-25 12:18 - 2015-12-25 12:18 - 00000000 ____D C:\Users\-Modz-\Desktop\test 2015-12-23 15:17 - 2015-12-25 16:36 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Infamous GTAV Menu 2015-12-23 15:16 - 2015-12-23 15:19 - 02176009 _____ C:\Users\-Modz-\Desktop\Infamous v4.zip 2015-12-22 15:54 - 2015-12-22 15:54 - 00000000 ____D C:\Users\-Modz-\Desktop\Agar Minions 2015-12-21 18:42 - 2015-12-21 18:42 - 00000000 ____D C:\Users\-Modz-\Desktop\new turkish musik 2015-12-21 15:28 - 2015-12-21 15:29 - 00000000 ____D C:\Users\-Modz-\Desktop\old musik 2015-12-21 15:01 - 2015-11-08 12:46 - 00000000 ____D C:\Users\-Modz-\Desktop\Agar.io 50 Minions Free! 2015-12-20 19:37 - 2013-06-01 11:08 - 00000000 ____D C:\Users\-Modz-\Desktop\locale_de 2015-12-20 19:19 - 2015-12-20 19:22 - 00000000 ____D C:\EterNexus 1.0.3.1 a 2015-12-20 17:43 - 2015-12-20 17:48 - 00000000 ____D C:\Users\-Modz-\Documents\Bewerbung 2015-12-19 15:06 - 2015-12-24 10:15 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Hideman 2015-12-19 15:06 - 2015-12-19 15:06 - 00002062 _____ C:\Users\-Modz-\Desktop\Hideman.lnk 2015-12-19 15:06 - 2015-12-19 15:06 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hideman 2015-12-19 15:05 - 2015-12-19 15:05 - 00000000 ____D C:\Program Files (x86)\Hideman 2015-12-16 12:00 - 2015-12-16 12:00 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_-Administrator-_HistoryPrediction.bin 2015-12-14 19:56 - 2015-12-20 10:44 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\FileZilla 2015-12-14 19:39 - 2015-12-14 19:40 - 00000000 ____D C:\Program Files\FileZilla FTP Client 2015-12-14 19:39 - 2015-12-14 19:39 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-12-13 18:00 - 2015-12-13 18:07 - 00000000 ___RD C:\Users\-Modz-\Documents\Scanned Documents 2015-12-13 18:00 - 2015-12-13 18:00 - 00000000 ____D C:\Users\-Modz-\Documents\Fax 2015-12-13 15:10 - 2015-12-13 15:33 - 00002043 _____ C:\Users\-Modz-\Desktop\Quest.txt 2015-12-13 15:09 - 2015-12-13 15:17 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\TeamViewer 2015-12-13 15:09 - 2015-12-13 15:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-12-13 15:09 - 2015-12-13 15:09 - 00001116 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2015-12-13 15:09 - 2015-12-13 15:09 - 00001104 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2015-12-12 14:16 - 2015-12-25 16:14 - 00000000 ____D C:\Users\-Modz-\Desktop\Mt2-Queste 2015-12-10 16:48 - 2015-12-10 16:48 - 00000000 ____D C:\Users\-Modz-\Desktop\Tor Browser 2015-12-07 19:28 - 2015-12-07 19:28 - 00000000 ____D C:\ProgramData\ATI 2015-12-07 19:23 - 2015-12-07 19:23 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater 2015-12-07 19:23 - 2015-12-07 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2015-12-06 14:28 - 2015-12-16 11:59 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\LogMeIn Hamachi 2015-12-06 14:28 - 2015-12-06 14:28 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\LogMeIn 2015-12-05 17:52 - 2015-12-05 17:57 - 00000000 ____D C:\Users\-Modz-\Desktop\Chatters 2015-12-05 09:58 - 2015-12-21 15:14 - 00000000 ____D C:\Users\-Modz-\Desktop\agar game server 2015-12-05 09:51 - 2015-12-26 12:42 - 00000000 ____D C:\Users\-Modz-\AppData\Local\LogMeIn Hamachi 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\Users\-Modz-\AppData\Local\LogMeIn 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\ProgramData\LogMeIn 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-11-29 22:19 - 2015-11-29 22:19 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-11-29 22:15 - 2015-11-29 22:15 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys 2015-11-29 22:08 - 2015-11-29 22:08 - 49984512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-11-29 22:08 - 2015-11-29 22:08 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe 2015-11-29 22:05 - 2015-11-29 22:05 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-11-29 22:05 - 2015-11-29 22:05 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-11-29 22:04 - 2015-11-29 22:04 - 27596288 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2015-11-29 21:44 - 2015-11-29 21:44 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2015-11-29 21:38 - 2015-11-29 21:38 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-11-29 21:36 - 2015-11-29 21:36 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll 2015-11-29 21:36 - 2015-11-29 21:36 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-11-29 21:35 - 2015-11-29 21:35 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-11-29 21:34 - 2015-11-29 21:34 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2015-11-29 21:34 - 2015-11-29 21:34 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-11-29 21:33 - 2015-11-29 21:33 - 08344064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 10240000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 00683968 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-11-29 21:32 - 2015-11-29 21:32 - 00683968 _____ C:\WINDOWS\system32\atiapfxx.blb 2015-11-29 21:32 - 2015-11-29 21:32 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-11-29 21:30 - 2015-11-29 21:30 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-11-29 21:27 - 2015-11-29 21:27 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2015-11-29 21:25 - 2015-11-29 21:25 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-11-29 21:24 - 2015-11-29 21:24 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-11-29 21:22 - 2015-11-29 21:22 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2015-11-29 21:20 - 2015-11-29 21:20 - 00552448 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00246272 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00223744 _____ C:\WINDOWS\system32\dgtrayicon.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00162304 _____ C:\WINDOWS\system32\atieah64.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00145408 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00031744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00195072 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00174592 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-11-29 14:57 - 2015-12-25 23:23 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2015-11-29 14:52 - 2015-12-25 22:39 - 00000000 ____D C:\WINDOWS\Minidump 2015-11-29 14:52 - 2015-11-29 14:52 - 00003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2015-11-29 14:51 - 2015-11-29 14:52 - 00016770 _____ C:\ProgramData\SMRResults501.dat 2015-11-28 21:33 - 2015-11-28 21:33 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_cihan_HistoryPrediction.bin 2015-11-28 20:52 - 2015-11-28 20:53 - 00000000 ____D C:\ProgramData\AVG 2015-11-28 20:52 - 2015-11-28 20:52 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\AVG 2015-11-28 20:52 - 2015-11-28 20:52 - 00000000 ____D C:\Users\-Modz-\AppData\Local\Avg 2015-11-28 20:24 - 2015-11-28 20:24 - 00000000 ____D C:\Python27 2015-11-28 20:24 - 2015-11-28 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 2015-11-28 20:13 - 2015-11-28 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JXcore 2015-11-28 20:13 - 2015-11-28 20:13 - 00000000 ____D C:\Program Files (x86)\JXcore 2015-11-28 19:55 - 2015-11-28 19:55 - 00000000 ____D C:\Users\cihan\AppData\Local\EgisTec IPS 2015-11-27 16:03 - 2015-11-28 20:26 - 00000000 ____D C:\Users\-Modz-\node_modules 2015-11-27 16:02 - 2015-11-28 20:15 - 00000000 ____D C:\Program Files\nodejs 2015-11-27 16:02 - 2015-11-27 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2015-11-27 15:19 - 2015-11-27 15:41 - 00000041 _____ C:\Users\-Modz-\.node_repl_history 2015-11-27 15:17 - 2015-11-28 20:21 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\npm-cache 2015-11-27 15:16 - 2015-11-28 20:21 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\npm 2015-11-26 13:17 - 2015-11-26 13:17 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\paint.net ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 12:43 - 2015-09-30 18:41 - 00005422 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for AcerGamerPC--Modz- AcerGamerPC 2015-12-26 12:43 - 2015-09-02 12:24 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-26 12:43 - 2015-07-10 10:05 - 00000000 ____D C:\Windows 2015-12-26 12:42 - 2015-08-05 21:17 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Skype 2015-12-26 12:42 - 2015-07-30 11:43 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-26 01:51 - 2015-07-30 11:43 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-26 01:03 - 2015-08-04 19:44 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5B47F70A-D3F0-4C2B-93FE-8C7AC35F87B4} 2015-12-25 23:24 - 2015-07-30 14:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-25 23:24 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-25 23:24 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-25 23:24 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2015-12-25 23:18 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-25 23:17 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-25 22:39 - 2015-07-30 15:39 - 00000000 ____D C:\Users\-Modz-\AppData\Local\CrashDumps 2015-12-25 22:37 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Raptr 2015-12-25 22:36 - 2015-08-04 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-25 22:36 - 2015-08-04 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-25 22:36 - 2015-07-10 13:20 - 00354816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-25 20:31 - 2015-09-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-25 20:31 - 2015-08-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-25 20:29 - 2015-07-30 12:26 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-25 20:25 - 2015-07-30 12:26 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-25 20:25 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-25 20:22 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-25 20:21 - 2015-08-12 14:23 - 00000000 ____D C:\Program Files (x86)\No-IP 2015-12-25 20:21 - 2015-07-30 14:10 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-12-25 16:00 - 2015-09-18 13:09 - 00000000 ____D C:\Users\-Modz-\AppData\Local\BetterDS3 2015-12-25 12:34 - 2015-07-30 14:08 - 00000000 ____D C:\AMD 2015-12-25 12:31 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-23 13:42 - 2015-11-01 15:03 - 00000000 ____D C:\Users\-Modz-\Documents\Rockstar Games 2015-12-23 13:14 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-22 12:24 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-20 17:16 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Local\Packages 2015-12-20 14:59 - 2015-11-13 18:28 - 00000000 ____D C:\Users\-Modz-\Desktop\Dateien 2015-12-20 10:44 - 2015-11-01 14:59 - 00000000 ____D C:\Program Files\Rockstar Games 2015-12-20 10:44 - 2015-11-01 14:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-12-19 21:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-16 20:26 - 2015-09-30 18:41 - 00000000 ____D C:\Users\-Modz-\Documents\Kaufmännische schule nagold hausaufgaben 2015-12-16 12:00 - 2015-07-30 14:02 - 00002417 _____ C:\Users\-Administrator-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-16 12:00 - 2015-07-30 14:02 - 00000000 ___RD C:\Users\-Administrator-\OneDrive 2015-12-16 11:59 - 2015-07-30 11:46 - 00000000 ____D C:\ProgramData\clear.fi 2015-12-15 20:51 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz- 2015-12-13 19:51 - 2015-07-30 15:00 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\CrashDumps 2015-12-13 19:47 - 2015-07-30 14:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8EB8C160-0213-480F-AC20-8A9F72A16FCF} 2015-12-13 19:44 - 2015-07-30 14:00 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\Packages 2015-12-09 15:54 - 2015-07-30 14:15 - 00002390 _____ C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-09 15:54 - 2015-07-30 14:15 - 00000000 ___RD C:\Users\-Modz-\OneDrive 2015-12-09 00:19 - 2015-07-30 14:18 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\AMD 2015-12-08 18:01 - 2015-10-23 19:56 - 00000000 ____D C:\Users\-Modz-\Documents\Firma Rechnungen 2015-12-07 19:23 - 2015-10-27 18:32 - 00000000 ____D C:\Program Files (x86)\AMD 2015-12-07 19:23 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Local\AMD 2015-12-07 19:23 - 2015-07-30 14:09 - 00000000 ____D C:\Program Files\AMD 2015-12-07 19:13 - 2009-07-14 04:20 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy 2015-12-07 19:09 - 2015-11-24 17:23 - 00000000 ____D C:\Users\-Modz-\AppData\Local\ManyCam 2015-12-07 19:08 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-06 14:29 - 2015-07-30 14:10 - 00000000 ____D C:\Users\-Administrator-\AppData\Roaming\Raptr 2015-12-05 17:56 - 2015-10-24 13:07 - 00000000 ____D C:\Users\-Modz-\Documents\Visual Studio 2010 2015-12-05 09:46 - 2015-07-30 11:43 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-05 09:46 - 2015-07-30 11:43 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-01 01:32 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-01 01:32 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-29 22:19 - 2015-07-16 03:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-11-29 22:18 - 2015-08-25 09:31 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-11-29 22:18 - 2015-07-16 03:11 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-11-29 22:18 - 2015-07-16 03:11 - 01497248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-11-29 22:12 - 2015-10-24 11:38 - 23961088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-11-29 22:07 - 2015-10-24 11:38 - 41510912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-11-29 22:04 - 2015-10-24 11:38 - 22348800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2015-11-29 21:30 - 2015-10-24 11:38 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-11-29 21:17 - 2015-10-24 11:38 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-11-29 21:17 - 2015-10-24 11:38 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-11-29 15:08 - 2015-11-24 17:01 - 00000000 ____D C:\Users\-Modz-\AppData\Local\NPE 2015-11-29 14:52 - 2015-07-30 14:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2015-11-29 14:52 - 2015-07-30 14:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-01 14:22 - 2015-11-01 14:22 - 0000000 _____ () C:\Program Files\Microsoft Office 2015-11-01 14:22 - 2015-11-01 14:22 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD 2015-10-18 13:16 - 2015-10-18 13:16 - 0000148 _____ () C:\Users\-Modz-\AppData\Roaming\version.ini 2015-07-30 11:06 - 2015-07-30 11:07 - 0002640 _____ () C:\ProgramData\ArcadeDeluxe5.log 2015-11-29 14:51 - 2015-11-29 14:52 - 0016770 _____ () C:\ProgramData\SMRResults501.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\SMRResults501.dat ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-20 14:50 ==================== Ende von FRST.txt ============================ ADDITON.TXT Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015 durchgeführt von -Modz- (2015-12-26 12:44:20) Gestartet von C:\Users\-Modz-\Desktop Windows 10 Home (X64) (2015-07-30 13:00:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= -Administrator- (S-1-5-21-2460867539-720680438-1151803929-1000 - Administrator - Enabled) => C:\Users\-Administrator- -Modz- (S-1-5-21-2460867539-720680438-1151803929-1001 - Administrator - Enabled) => C:\Users\-Modz- Administrator (S-1-5-21-2460867539-720680438-1151803929-500 - Administrator - Disabled) cihan (S-1-5-21-2460867539-720680438-1151803929-1004 - Administrator - Enabled) => C:\Users\cihan DefaultAccount (S-1-5-21-2460867539-720680438-1151803929-503 - Limited - Disabled) Gast (S-1-5-21-2460867539-720680438-1151803929-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3506 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0708.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.) Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive) ATI AVIVO64 Codecs (Version: 11.6.0.10405 - ATI Technologies Inc.) Hidden aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation) Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Catalyst Control Center Next Localization BR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) clear.fi (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.) clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM) Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FileZilla Client 3.14.1 (HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.) Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free Video Player 2.1 (HKLM-x32\...\FreeVideoPlayer) (Version: 2.1 - FreeVideoPlayer Software Inc) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Hideman (HKLM-x32\...\Hideman) (Version: - ) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM-x32\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden JXcore version 3.0.7 (HKLM-x32\...\{3ECB57C5-7C51-4526-8DD6-D4AD94823A17}_is1) (Version: 3.0.7 - Nubisa Inc.) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.) LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc) ManyCam 4.1.0 (HKLM-x32\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR) Node.js (HKLM\...\{4A184F20-65CB-49D8-AF28-808B4A6A1FCD}) (Version: 5.0.0 - Node.js Foundation) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Norton Security (HKLM-x32\...\NS) (Version: 22.5.5.15 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Python 2.7.10 (64-bit) (HKLM\...\{E2B51919-207A-43EB-AE78-733F9C6797C3}) (Version: 2.7.10150 - Python Software Foundation) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6299 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.52465 - TeamViewer) Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2460867539-720680438-1151803929-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\-Modz-\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01084ACA-227D-482F-B9FC-969E8F0C4828} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {01B4A6FC-5A15-41C8-91B2-5961601A24F1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {15FE4BF7-2E19-4ED0-A85F-4084BF22F695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation) Task: {1808CAAB-5F3E-4DCF-9EB5-5AB9AB40657E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {18964D87-007B-4BA5-8780-C0066565F5CA} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {1F8C911D-539F-4298-94FF-909FD4959023} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.) Task: {2B935BB6-71D8-494B-BB71-839122719B68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.) Task: {32048B5C-3143-4C3D-A2B2-45CFF9693554} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink) Task: {47FA0A9B-88CF-408A-AE4E-4511F29F22F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe Task: {4C5925C9-7161-4144-BED2-265FAAB0DF5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.) Task: {5BC98968-DD21-4E89-8C74-8FEA734D136F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5F637823-2F28-458D-A23F-CE17AFAA258E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for AcerGamerPC--Modz- AcerGamerPC => D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation) Task: {6B32E276-5C1A-495D-BEF5-0E9CE5C8CF0B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {755CB63D-A049-4FA3-86B3-49E94F724F8B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {7B12E6A5-6993-48FD-ABB9-85A2C867FD05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {7CD3FDE0-2A0A-4F62-8AB4-85A29A5E4914} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {8318485A-D6A1-4C04-8455-BDF6474D58B8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {8D2A1A87-87AE-4E00-B00C-D3CBA34789F2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {8E2E9F7D-B3DD-4417-90EA-524DDC25355A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-25] (Microsoft Corporation) Task: {90AA5DF7-00EC-4AAC-9407-EE9F2E8E7429} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {9132E55B-72BA-4970-81E3-93030734DB51} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {9460F9AC-0E92-46BB-BD19-2927597310FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {967D59ED-ECD8-45EC-816A-2C1918915198} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-29] (Advanced Micro Devices, Inc.) Task: {9B433667-1E4F-4ACC-9ABB-506FBC7D1056} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {9BC543EB-9912-4A28-B810-B564F7304E2D} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {C02DA7EC-7EDE-4B28-8B18-678D1D131E0A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {C0845E86-A69C-41B4-B676-0091CFAD27D0} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe Task: {C10783D3-CB0B-45FB-9B0F-2C509F978644} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {C10FF07E-200B-4F9F-B9CC-B1BB12E27BE7} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {C68AE6DD-BB7C-49B0-821D-2CB0CE12EE63} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated) Task: {CAD3BB77-6BD8-4D7E-8876-62F2818CB916} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {D0B7DE8E-CA33-4F86-A8B6-0DE6C580EA3C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D0BC65D8-4257-45DC-BCB6-D5488A88A9DC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {D69E4355-9538-41EB-A483-5979325E5786} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {DAFDF1C5-FD69-47E2-8136-45CC81D443FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe Task: {DD832DBA-C03D-4A93-AF68-AE432376AB60} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DEAC86D9-C8F8-4EFB-AC0E-BDC194DF2762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {E268F7AD-78E9-4A2B-8DE8-4C217EBF3C20} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E5FCB07B-2071-4816-87C9-4BBBBB1D167C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-10-14] (Acer) Task: {EC9886B9-FAAB-4A02-A4A9-0F2B1E4BEEDF} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {EEC0A7AC-9F3B-43BD-92F6-B51A9D5CEB82} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {FB60061F-401A-4BAE-9CEF-A07FF5A28AF8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {FF58172B-E857-4BC9-AE54-6A708FC0D0BB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-06 13:41 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 11:48 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-07-30 11:38 - 2010-08-26 16:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe 2015-07-20 16:34 - 2015-07-20 16:34 - 00012288 _____ () C:\Program Files (x86)\No-IP\ducservice.exe 2015-10-20 15:43 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-20 15:43 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2009-01-22 01:45 - 2009-01-22 01:45 - 01401856 _____ () C:\Program Files (x86)\EgisTec MyWinLocker\x64\LIBEAY32.dll 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-10-20 15:43 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-20 15:43 - 2015-09-17 06:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-20 15:43 - 2015-09-17 06:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-20 15:43 - 2015-09-17 06:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-20 15:43 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-12-15 22:50 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-15 22:50 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-07-30 11:38 - 2010-08-26 16:47 - 04577760 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe 2011-08-11 04:58 - 2011-08-11 04:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2015-07-30 11:38 - 2010-07-09 15:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll 2015-07-20 16:34 - 2015-07-20 16:34 - 00073728 _____ () C:\Program Files (x86)\No-IP\ducapi.dll 2015-07-30 11:07 - 2011-10-12 11:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2015-07-30 11:38 - 2010-02-03 10:31 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll 2011-08-11 04:57 - 2011-08-11 04:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll 2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{187B2014-8157-4FCD-8CE2-A051D3BE2B50}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\PlayMovie.exe FirewallRules: [{77AAC64C-08AB-48BB-9EC8-0098E1AA14C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe FirewallRules: [{849BDC31-19EF-471D-AF35-6EB7FF6B4E82}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{4E13B17C-B5D6-43E6-B054-571042E6D0F5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{2632AAAD-021C-4379-8DE7-79EC14B760E6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{26E795C9-AE70-42D4-B198-DD36411E9BDB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe FirewallRules: [{D9E40424-51C2-48D3-A85B-E7F7BA432DB7}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{57858D5D-9E5A-4CBB-9247-76C978EC9753}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{9F7B19CB-288D-4134-9DA2-F8E42471A6D9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{17BF41BE-7BC0-481C-95FB-229A1FECA73D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe FirewallRules: [{52A1620A-5AF4-42E9-AB10-134F15121CB1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{B4C9E0DC-9DC8-4708-B207-DA669A186962}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EB4D0BAC-7A11-4B82-B498-D49042BCDD3A}] => (Allow) LPort=1900 FirewallRules: [{D607DD07-F4BF-42C4-A8D7-CC66445DDCCE}] => (Allow) LPort=2869 FirewallRules: [{E146C47D-AB7C-4CE2-909F-97D6A27EED89}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{39430A24-85F1-4FB5-8DB2-C9F81A5024EA}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{9C96DE52-1EDF-45E5-8692-1A5A18CE74CB}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{36040A99-5FB1-40BE-A173-48850C312931}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{D433F503-4768-4B83-AA8A-3C992C781D83}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{40011272-62E3-4F9A-94E3-0525FA6FD189}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{C5070A52-1C88-47DB-9316-0A5BB00192CD}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{6092C0B6-872A-4643-945A-D1BBB1DA7B91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{83C494CF-A8D0-43BA-A5EF-DF695283D3A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D9008354-0B38-4303-8FA6-9A93EE9084DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E023744B-E6D3-4818-9556-2A242E980919}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6E4D3610-AEBD-45F0-84BF-3209FB6B5A81}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{09BDFA37-AC7C-4FE9-8F6C-C3C3DACB8614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{1FC504BC-7F3A-4D6C-A30B-6220B7140078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{2FE59F14-4562-4137-9B45-C3018889C5F9}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe FirewallRules: [{5165CC31-9D12-4202-B76E-51D4141A85CF}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe FirewallRules: [{4FCCD4EF-DB8F-4750-B135-08AEF137FD88}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\starter.exe FirewallRules: [{4227A745-D392-4CAD-B595-69CCD2CA160D}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\starter.exe FirewallRules: [{B7FF52BD-53DE-434C-B94B-28060DB15693}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe FirewallRules: [{2192B533-E2FC-4665-8576-49BF0D39E96F}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe FirewallRules: [{ED91983C-C05B-4E71-A6AD-A504DE4ED77D}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe FirewallRules: [{34F02AC3-22DD-4613-BC50-F6BAC872BE29}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe FirewallRules: [{A75CD4D7-CDA4-4BE7-9F89-42B505B52205}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{5BC5E7E1-F76B-44FA-8BC3-049A4F4A133D}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{09E661C0-18C2-4AA5-A823-C38210FB6A0A}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2C659D4E-E543-40E1-8D2F-79C0D83ABF33}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{F2275C99-1F6D-4E51-BAF5-5C45B12CB71B}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F3052BE2-1B08-470C-BB4C-6D28E38CCFE2}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{1598A493-BD56-4804-AF97-387C00C42E64}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{BA5D3546-35D5-43E0-B7B5-215C7B5D48DD}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{5FFC231F-CB77-4C2C-A3F0-CB64BBC91897}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{835EE619-4807-4AF8-B774-973EA6AAA07E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{3FB8BD93-CCD1-4EA3-B2F8-61868E7E46C8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{110FF951-2117-473F-BB53-EB3254D8B312}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{4FC21E4C-E676-4473-8432-3F79AACE5D14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5C1D4E7C-E634-4B04-8C20-E1273A770F0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B36BA416-5B43-411E-B52A-A52AD361F341}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{79BA1E5D-D164-4937-9017-67FA39D7A2F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6D2309F0-2ACB-4E87-869C-78031104B8F7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{18C7AB8E-8F83-42CE-97CA-E079FF3C7219}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{E7EAAA44-4AD8-44F5-B39B-71EB8007799B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{406D728C-3A13-4AA8-8515-D58843AEBC37}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{367C5B69-A99A-47CA-B3D9-BD8C1511EA40}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7452CC94-21EC-4C19-BA26-D23F7F9AE594}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{0E1168F1-C0A6-40E5-824D-9ADF29435F64}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{C1FF358F-FCEE-4756-B675-CDF2D67388F4}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DCA25E6F-3CFD-4EE7-A470-29EB6E3738DF}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe ==================== Wiederherstellungspunkte ========================= ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/25/2015 10:38:48 PM) (Source: ESENT) (EventID: 455) (User: ) Description: CCleaner64 (6328) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (12/25/2015 10:38:48 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (6328) testing: Der Versuch, die Datei "C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (12/25/2015 10:38:38 PM) (Source: ESENT) (EventID: 455) (User: ) Description: CCleaner64 (6328) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (12/25/2015 10:38:38 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (6328) testing: Der Versuch, die Datei "C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (12/25/2015 10:37:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3aa6 Name des fehlerhaften Moduls: WlanMediaManager.dll, Version: 10.0.10240.16461, Zeitstempel: 0x55d2db06 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004ddf2 ID des fehlerhaften Prozesses: 0x1d28 Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0 Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1 Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2 Berichtskennung: NetworkUXBroker.exe3 Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5 Error: (12/25/2015 08:22:30 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2013 - Update "Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (12/25/2015 08:21:40 PM) (Source: MsiInstaller) (EventID: 11307) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2013 -- Fehler 1307.Es steht nicht genügend Speicherplatz zum Installieren der folgenden Datei zur Verfügung: 'C:\WINDOWS\Installer\e08dcd.msp'. Geben Sie Speicherplatz frei, und klicken Sie auf 'Wiederholen', oder klicken Sie auf 'Abbrechen', um den Vorgang zu beenden. Error: (12/25/2015 08:16:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/25/2015 08:06:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/25/2015 08:06:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Systemfehler: ============= Error: (12/26/2015 01:52:22 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 5 Error: (12/26/2015 01:52:05 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Synchronisierungshost_Session1 erreicht. Error: (12/26/2015 01:51:55 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/25/2015 11:20:27 PM) (Source: usbehci) (EventID: 4) (User: ) Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response. Error: (12/25/2015 11:18:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (12/25/2015 11:17:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/25/2015 11:17:16 PM) (Source: usbehci) (EventID: 3) (User: ) Description: A timeout occurred while waiting for the EHCI host controller Asynchronous Schedule to transition to the enabled state. Error: (12/25/2015 11:16:36 PM) (Source: usbehci) (EventID: 4) (User: ) Description: A timeout occurred while waiting for the EHCI host controller Interrupt on Async Advance Doorbell response. Error: (12/25/2015 10:38:16 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000000a (0x0000000000000000, 0x0000000000000002, 0x0000000000000001, 0xfffff803aec66236)C:\WINDOWS\MEMORY.DMP122515-143843-01 Error: (12/25/2015 10:36:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Service KMSELDI" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 CodeIntegrity: =================================== Date: 2015-08-07 21:46:01.281 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:46:01.256 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:39.452 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:39.425 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:00.349 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:00.324 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:50.719 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:50.694 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:32.377 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:32.351 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: AMD FX(tm)-8120 Eight-Core Processor Prozentuale Nutzung des RAM: 23% Installierter physikalischer RAM: 8099.73 MB Verfügbarer physikalischer RAM: 6178.2 MB Summe virtueller Speicher: 16291.73 MB Verfügbarer virtueller Speicher: 14332.44 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:58.09 GB) (Free:3 GB) NTFS Drive d: (Lokaler Datenträger) (Fixed) (Total:913.51 GB) (Free:661.41 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: F94FCA4F) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=58.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F94FCA65) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Not Active) - (Size=913.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
26.12.2015, 13:04 | #4 |
/// Malwareteam | Lösung: Ich glaub ich hab mir einen Virus eingefangen?Lesestoff: Illegale Software: Cracks, Keygens und Co Code:
ATTFilter C:\Program Files\KMSpico Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html Es geht weiter wenn du alles Illegale entfernt hast. Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
26.12.2015, 13:41 | #5 |
| Wie Ich glaub ich hab mir einen Virus eingefangen? Dann muss ich wohl erst mal den Zugang für den PC meines Sohnes sperren, ich entferne diese Illegalen Software. ( Muttersprache ist nicht Deutsch sorry für Rechtschreibfehler) |
26.12.2015, 15:06 | #6 |
/// Malwareteam | Wo Ich glaub ich hab mir einen Virus eingefangen? Lösung! Naja es handelt sich um einen sehr geläufigen Crack für Windows selber oder für Office (wie Word, Excel usw.) also nicht sehr tragisch. Trotzdem hier am Board nicht so gern gesehen.
__________________ --> Ich glaub ich hab mir einen Virus eingefangen? |
26.12.2015, 17:20 | #7 |
| So Windows hab ich Orginal gekauft, ich weiß jetzt nicht ob ich es entgültig gelöscht habe wir können glaub ich aber weiter machen ? |
26.12.2015, 17:40 | #8 |
/// Malwareteam | Ich glaub ich hab mir einen Virus eingefangen? Was für einen Ordner meinst du denn? Zeig mal bitte die genaue Bezeichnung und den Pfad, am besten mit einem Screenshot oder sowas
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
26.12.2015, 21:31 | #9 |
| Ich glaub ich hab mir einen Virus eingefangen? Das was du mir oben gesagt hast mit dem Kmspico |
26.12.2015, 21:41 | #10 | |
/// Malwareteam | Ich glaub ich hab mir einen Virus eingefangen? [gelöst]Zitat:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
26.12.2015, 22:44 | #11 |
| Ich glaub ich hab mir einen Virus eingefangen? [gelöst]LINK DAZU hxxp://www.bilder-upload.eu/show.php?file=0f26ef-1451167370.png |
26.12.2015, 22:51 | #12 |
/// Malwareteam | Ich glaub ich hab mir einen Virus eingefangen? [gelöst] Okay Danke dir Bitte lasse die Datei einfach mal in Ruhe und folge den weiteren Schritten. Frage Wie ist dir diese chinesische Datei eigentlich aufgefallen? Bemerkst du irgendwelche Probleme auf deinem Computer? Schritt 1 Lade dir folgendes Programm herunter und installiere es: Malwarebytes Anti-Malware Hier findest du dazu eine bebilderte Anleitung
Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3 Bitte starte wieder FRST, setze den Haken bei Addition und drücke auf Untersuchen. Poste bitte wieder die beiden Textdateien, die so entstehen. Bitte poste in deiner nächsten Antwort also:
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
26.12.2015, 23:32 | #13 |
| Ich glaub ich hab mir einen Virus eingefangen? [gelöst] adw Code:
ATTFilter # AdwCleaner v5.026 - Bericht erstellt am 26/12/2015 um 23:16:41 # Aktualisiert am 21/12/2015 von Xplode # Datenbank : 2015-12-23.1 [Server] # Betriebssystem : Windows 10 Home (x64) # Benutzername : -Modz- - ACERGAMERPC # Gestartet von : D:\Downloads\AdwCleaner_5.026.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : Service KMSELDI ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files\FileViewPro [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\kmspico ***** [ Dateien ] ***** ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} [-] Schlüssel Gelöscht : HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\do-search.com [-] Schlüssel Gelöscht : HKCU\SOFTWARE\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\do-search.com ***** [ Internetbrowser ] ***** [-] [C:\Users\-Administrator-\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : websearch ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1714 Bytes] ########## Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 26.12.2015 Suchlaufzeit: 23:00 Protokolldatei: nbamlog.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.26.05 Rootkit-Datenbank: v2015.12.26.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: -Modz- Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 472436 Abgelaufene Zeit: 10 Min., 59 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-12-2015 durchgeführt von -Modz- (Administrator) auf ACERGAMERPC (26-12-2015 23:23:19) Gestartet von C:\Users\-Modz-\Desktop Geladene Profile: -Modz- (Verfügbare Profile: -Administrator- & -Modz- & cihan) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\ns.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (CyberLink Corp.) C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (CyberLink) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10240.16565_none_1162030161f5c19b\TiWorker.exe (Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office15\MSOSYNC.EXE (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe () C:\Program Files (x86)\No-IP\ducservice.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11775592 2011-01-18] (Realtek Semiconductor) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4866760 2015-11-29] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SuiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [341360 2011-06-22] (Egis Technology Inc.) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated) HKLM-x32\...\Run: [ArcadeMovieService] => C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe [185640 2011-08-31] (CyberLink Corp.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-12-11] (Raptr, Inc) HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [57987712 2015-09-28] (Skype Technologies S.A.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2901584 2015-10-14] (Valve Corporation) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd) HKU\S-1-5-18\...\RunOnce: [AOD] => C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe AutoTune ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\buShell.dll [2015-11-05] (Symantec Corporation) Startup: C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RebusDrop.lnk [2015-12-26] ShortcutTarget: RebusDrop.lnk -> C:\Users\-Modz-\RebusDrop\App\RebusDrop.exe (Keine Datei) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA3100 Setup-Assistent.lnk [2015-12-26] ShortcutTarget: NETGEAR WNA3100 Setup-Assistent.lnk -> C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{5c0c63ef-d955-4b85-bdee-9a06994c681f}: [DhcpNameServer] 192.168.1.250 Tcpip\..\Interfaces\{5ca59fec-4fbe-44a1-96df-33c3a6e9a40a}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c6f3c728-9206-4c2f-adb6-b3dcd2342a78}: [DhcpNameServer] 172.16.255.1 Tcpip\..\Interfaces\{d0f4e0ba-eab2-4369-bdf4-4b1fbc5a48ab}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{eb188895-7e38-46a6-812a-c8e96878e2ba}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2011-06-06] (Adobe Systems Incorporated) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-02-10] (Microsoft Corporation) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation) BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-01-21] (Microsoft Corporation) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\coIEPlg.dll [2015-11-05] (Symantec Corporation) Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL [2015-02-17] (Microsoft Corporation) FireFox: ======== FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-05-21] (Microsoft Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-14] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-07-30] (Nexon) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2015-08-13] () FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2011-06-06] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2014-05-21] (Microsoft Corporation) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon [2015-12-15] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.2.15\coFFAddon Chrome: ======= CHR Profile: C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-03] CHR Extension: (Google Docs) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-03] CHR Extension: (Google Drive) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-24] CHR Extension: (YouTube) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-03] CHR Extension: (Norton Security Toolbar) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-10-06] CHR Extension: (Google-Suche) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Tampermonkey) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmhfaagmiabgebeiogncajjkiddkpbfc [2015-11-19] CHR Extension: (Agar.io Powerups) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\efedcgdhahoncejkihgfnecicebndbhc [2015-12-25] CHR Extension: (Google Tabellen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-03] CHR Extension: (Google Docs Offline) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Norton Identity Safe) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-03] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-03] CHR Extension: (Google Mail) - C:\Users\-Modz-\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-03] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\Exts\Chrome.crx [2015-11-26] CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 NoIPDUCService4; C:\Program Files (x86)\No-IP\ducservice.exe [12288 2015-07-20] () [Datei ist nicht signiert] R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\NS.exe [282016 2015-11-20] (Symantec Corporation) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] () ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [40720 2015-07-28] (Advanced Micro Devices, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWT6.sys [102912 2015-09-18] (Advanced Micro Devices) R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\BASHDefs\20151218.001\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation) R3 BrSerIf; C:\Windows\system32\DRIVERS\BrSerIf.sys [97280 2006-12-12] (Brother Industries Ltd.) R1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) S3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-09-30] (Disc Soft Ltd) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation) R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.) R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\IPSDefs\20151225.001\IDSvia64.sys [767224 2015-12-04] (Symantec Corporation) R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49312 2014-11-10] (Visicom Media Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-26] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) R3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151225.001\ENG64.SYS [138488 2015-10-27] (Symantec Corporation) R3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.2.15\Definitions\VirusDefs\20151225.001\EX64.SYS [2148080 2015-10-27] (Symantec Corporation) R3 netr28x; C:\Windows\System32\drivers\netr28x.sys [2512016 2015-07-10] (MediaTek Inc.) S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\NSx64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-30] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\NSx64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 VCam_WDM; C:\Windows\system32\DRIVERS\VCam_WDM.sys [104120 2012-05-25] (e2eSoft) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-11-10] (Wellbia.com Co., Ltd.) S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X] U3 idsvc; kein ImagePath S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 23:18 - 2015-12-26 23:18 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_-Modz-_HistoryPrediction.bin 2015-12-26 23:18 - 2015-12-26 23:18 - 00001796 _____ C:\Users\-Modz-\Desktop\AdwCleaner[C1].txt 2015-12-26 23:14 - 2015-12-26 23:16 - 00000000 ____D C:\AdwCleaner 2015-12-26 23:11 - 2015-12-26 23:13 - 00001187 _____ C:\Users\-Modz-\Desktop\nbamlog.txt 2015-12-26 22:57 - 2015-12-26 23:19 - 00001169 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2015-12-26 22:57 - 2015-12-26 23:18 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2015-12-26 22:57 - 2015-12-26 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-12-26 22:57 - 2015-12-26 22:57 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-12-26 22:57 - 2015-12-26 22:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-12-26 22:57 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2015-12-26 22:57 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2015-12-26 22:57 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2015-12-26 12:43 - 2015-12-26 23:23 - 00021388 _____ C:\Users\-Modz-\Desktop\FRST.txt 2015-12-26 12:43 - 2015-12-26 23:23 - 00000000 ____D C:\FRST 2015-12-26 12:43 - 2015-12-26 12:43 - 02370560 _____ (Farbar) C:\Users\-Modz-\Desktop\FRST64.exe 2015-12-25 23:47 - 2015-12-25 23:51 - 00000000 ____D C:\Users\-Modz-\Desktop\Testminion 2015-12-25 20:23 - 2015-12-25 20:25 - 00000000 ____D C:\WINDOWS\Panther 2015-12-25 20:22 - 2015-12-25 20:23 - 00000000 ___HD C:\$WINDOWS.~BT 2015-12-25 12:18 - 2015-12-25 12:18 - 00000000 ____D C:\Users\-Modz-\Desktop\test 2015-12-23 15:17 - 2015-12-26 22:53 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Infamous GTAV Menu 2015-12-23 15:16 - 2015-12-26 20:55 - 02176582 _____ C:\Users\-Modz-\Desktop\Infamous v4.zip 2015-12-22 15:54 - 2015-12-22 15:54 - 00000000 ____D C:\Users\-Modz-\Desktop\Agar Minions 2015-12-21 18:42 - 2015-12-21 18:42 - 00000000 ____D C:\Users\-Modz-\Desktop\new turkish musik 2015-12-21 15:28 - 2015-12-21 15:29 - 00000000 ____D C:\Users\-Modz-\Desktop\old musik 2015-12-21 15:01 - 2015-11-08 12:46 - 00000000 ____D C:\Users\-Modz-\Desktop\Agar.io 50 Minions Free! 2015-12-20 19:37 - 2013-06-01 11:08 - 00000000 ____D C:\Users\-Modz-\Desktop\locale_de 2015-12-20 19:19 - 2015-12-20 19:22 - 00000000 ____D C:\EterNexus 1.0.3.1 a 2015-12-20 17:43 - 2015-12-20 17:48 - 00000000 ____D C:\Users\-Modz-\Documents\Bewerbung 2015-12-19 15:06 - 2015-12-26 23:18 - 00002062 _____ C:\Users\-Modz-\Desktop\Hideman.lnk 2015-12-19 15:06 - 2015-12-24 10:15 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Hideman 2015-12-19 15:06 - 2015-12-19 15:06 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hideman 2015-12-19 15:05 - 2015-12-19 15:05 - 00000000 ____D C:\Program Files (x86)\Hideman 2015-12-16 12:00 - 2015-12-16 12:00 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_-Administrator-_HistoryPrediction.bin 2015-12-14 19:56 - 2015-12-20 10:44 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\FileZilla 2015-12-14 19:39 - 2015-12-14 19:40 - 00000000 ____D C:\Program Files\FileZilla FTP Client 2015-12-14 19:39 - 2015-12-14 19:39 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client 2015-12-13 18:00 - 2015-12-13 18:07 - 00000000 ___RD C:\Users\-Modz-\Documents\Scanned Documents 2015-12-13 18:00 - 2015-12-13 18:00 - 00000000 ____D C:\Users\-Modz-\Documents\Fax 2015-12-13 15:10 - 2015-12-13 15:33 - 00002043 _____ C:\Users\-Modz-\Desktop\Quest.txt 2015-12-13 15:09 - 2015-12-26 23:19 - 00001104 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2015-12-13 15:09 - 2015-12-26 23:19 - 00001098 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2015-12-13 15:09 - 2015-12-13 15:17 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\TeamViewer 2015-12-13 15:09 - 2015-12-13 15:15 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2015-12-12 14:16 - 2015-12-25 16:14 - 00000000 ____D C:\Users\-Modz-\Desktop\Mt2-Queste 2015-12-10 16:48 - 2015-12-10 16:48 - 00000000 ____D C:\Users\-Modz-\Desktop\Tor Browser 2015-12-07 19:28 - 2015-12-07 19:28 - 00000000 ____D C:\ProgramData\ATI 2015-12-07 19:23 - 2015-12-07 19:23 - 00004296 _____ C:\WINDOWS\System32\Tasks\AMD Updater 2015-12-07 19:23 - 2015-12-07 19:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Radeon Settings 2015-12-06 14:28 - 2015-12-16 11:59 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\LogMeIn Hamachi 2015-12-06 14:28 - 2015-12-06 14:28 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\LogMeIn 2015-12-05 17:52 - 2015-12-05 17:57 - 00000000 ____D C:\Users\-Modz-\Desktop\Chatters 2015-12-05 09:58 - 2015-12-21 15:14 - 00000000 ____D C:\Users\-Modz-\Desktop\agar game server 2015-12-05 09:51 - 2015-12-26 23:18 - 00000000 ____D C:\Users\-Modz-\AppData\Local\LogMeIn Hamachi 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\Users\-Modz-\AppData\Local\LogMeIn 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\ProgramData\LogMeIn 2015-12-05 09:51 - 2015-12-05 09:51 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi 2015-11-29 22:19 - 2015-11-29 22:19 - 00458472 _____ C:\WINDOWS\system32\amdmiracast.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00133016 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiuxpag.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00120656 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiu9p64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00102616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiu9pag.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00078432 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2015-11-29 22:19 - 2015-11-29 22:19 - 00071704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 10907328 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atidxx32.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 10815664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd64.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 09070320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdag.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 09017808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiumd6a.dll 2015-11-29 22:18 - 2015-11-29 22:18 - 01229984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2015-11-29 22:15 - 2015-11-29 22:15 - 00296648 _____ (Advanced Micro Devices) C:\WINDOWS\system32\Drivers\amdacpksd.sys 2015-11-29 22:08 - 2015-11-29 22:08 - 49984512 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl64.dll 2015-11-29 22:08 - 2015-11-29 22:08 - 00235008 _____ C:\WINDOWS\system32\clinfo.exe 2015-11-29 22:05 - 2015-11-29 22:05 - 00065024 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2015-11-29 22:05 - 2015-11-29 22:05 - 00059392 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2015-11-29 22:04 - 2015-11-29 22:04 - 27596288 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\amdocl12cl64.dll 2015-11-29 21:44 - 2015-11-29 21:44 - 00677888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 06643200 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmantle64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00562688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00127488 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2015-11-29 21:43 - 2015-11-29 21:43 - 00113664 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2015-11-29 21:38 - 2015-11-29 21:38 - 05223936 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmantle32.dll 2015-11-29 21:36 - 2015-11-29 21:36 - 00134656 _____ C:\WINDOWS\system32\amdhdl64.dll 2015-11-29 21:36 - 2015-11-29 21:36 - 00123392 _____ C:\WINDOWS\SysWOW64\amdhdl32.dll 2015-11-29 21:35 - 2015-11-29 21:35 - 31376896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atio6axx.dll 2015-11-29 21:34 - 2015-11-29 21:34 - 00096256 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2015-11-29 21:34 - 2015-11-29 21:34 - 00089088 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2015-11-29 21:33 - 2015-11-29 21:33 - 08344064 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 10240000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 00865280 _____ (AMD) C:\WINDOWS\system32\coinst_15.30.dll 2015-11-29 21:32 - 2015-11-29 21:32 - 00683968 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2015-11-29 21:32 - 2015-11-29 21:32 - 00683968 _____ C:\WINDOWS\system32\atiapfxx.blb 2015-11-29 21:32 - 2015-11-29 21:32 - 00367104 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2015-11-29 21:30 - 2015-11-29 21:30 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 25840128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atioglxx.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 00050688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmmcl6.dll 2015-11-29 21:29 - 2015-11-29 21:29 - 00039424 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmmcl.dll 2015-11-29 21:27 - 2015-11-29 21:27 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2015-11-29 21:25 - 2015-11-29 21:25 - 15711744 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticaldd64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00062464 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalrt64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00055808 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\system32\aticalcl64.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00052224 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalrt.dll 2015-11-29 21:25 - 2015-11-29 21:25 - 00049152 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticalcl.dll 2015-11-29 21:24 - 2015-11-29 21:24 - 14302208 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\aticaldd.dll 2015-11-29 21:22 - 2015-11-29 21:22 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2015-11-29 21:20 - 2015-11-29 21:20 - 00552448 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00442368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00246272 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00223744 _____ C:\WINDOWS\system32\dgtrayicon.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00204800 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00190976 _____ (AMD) C:\WINDOWS\system32\atitmm64.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00189952 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2015-11-29 21:20 - 2015-11-29 21:20 - 00162304 _____ C:\WINDOWS\system32\atieah64.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00145408 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2015-11-29 21:20 - 2015-11-29 21:20 - 00031744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 01272832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00157696 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00075776 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6pxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiglpxx.dll 2015-11-29 21:18 - 2015-11-29 21:18 - 00070144 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiglpxx.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00195072 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00174592 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2015-11-29 21:17 - 2015-11-29 21:17 - 00043520 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\ati2erec.dll 2015-11-29 14:57 - 2015-12-26 23:22 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security 2015-11-29 14:52 - 2015-12-25 22:39 - 00000000 ____D C:\WINDOWS\Minidump 2015-11-29 14:52 - 2015-11-29 14:52 - 00003386 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration 2015-11-29 14:51 - 2015-11-29 14:52 - 00016770 _____ C:\ProgramData\SMRResults501.dat 2015-11-28 21:33 - 2015-11-28 21:33 - 00016148 _____ C:\WINDOWS\system32\ACERGAMERPC_cihan_HistoryPrediction.bin 2015-11-28 20:52 - 2015-11-28 20:53 - 00000000 ____D C:\ProgramData\AVG 2015-11-28 20:52 - 2015-11-28 20:52 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\AVG 2015-11-28 20:52 - 2015-11-28 20:52 - 00000000 ____D C:\Users\-Modz-\AppData\Local\Avg 2015-11-28 20:24 - 2015-11-28 20:24 - 00000000 ____D C:\Python27 2015-11-28 20:24 - 2015-11-28 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Python 2.7 2015-11-28 20:13 - 2015-11-28 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JXcore 2015-11-28 20:13 - 2015-11-28 20:13 - 00000000 ____D C:\Program Files (x86)\JXcore 2015-11-28 19:55 - 2015-11-28 19:55 - 00000000 ____D C:\Users\cihan\AppData\Local\EgisTec IPS 2015-11-27 16:03 - 2015-11-28 20:26 - 00000000 ____D C:\Users\-Modz-\node_modules 2015-11-27 16:02 - 2015-11-28 20:15 - 00000000 ____D C:\Program Files\nodejs 2015-11-27 16:02 - 2015-11-27 16:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Node.js 2015-11-27 15:19 - 2015-11-27 15:41 - 00000041 _____ C:\Users\-Modz-\.node_repl_history 2015-11-27 15:17 - 2015-11-28 20:21 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\npm-cache 2015-11-27 15:16 - 2015-11-28 20:21 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\npm 2015-11-26 13:17 - 2015-11-26 13:17 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\paint.net ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-26 23:22 - 2015-08-05 21:17 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Skype 2015-12-26 23:20 - 2015-07-10 10:05 - 00000000 ____D C:\Windows 2015-12-26 23:19 - 2015-11-24 17:22 - 00001090 _____ C:\Users\Public\Desktop\ManyCam.lnk 2015-12-26 23:19 - 2015-11-15 11:26 - 00001262 _____ C:\Users\Public\Desktop\Einfaches Video und Filmschnittprogramm LoiLo.lnk 2015-12-26 23:19 - 2015-11-15 11:26 - 00001113 _____ C:\Users\Public\Desktop\LoiLo Game Recorder.lnk 2015-12-26 23:19 - 2015-11-13 18:26 - 00001080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk 2015-12-26 23:19 - 2015-11-13 18:26 - 00001074 _____ C:\Users\Public\Desktop\Audacity.lnk 2015-12-26 23:19 - 2015-11-13 18:24 - 00001257 _____ C:\Users\Public\Desktop\aTube Catcher.lnk 2015-12-26 23:19 - 2015-10-25 13:55 - 00000932 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk 2015-12-26 23:19 - 2015-10-14 20:01 - 00001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2015-12-26 23:19 - 2015-09-30 18:41 - 00005402 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for AcerGamerPC--Modz- AcerGamerPC 2015-12-26 23:19 - 2015-07-30 13:56 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2015-12-26 23:19 - 2015-07-30 11:10 - 00001862 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fooz Kids.lnk 2015-12-26 23:19 - 2011-11-07 18:49 - 00002429 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-12-26 23:19 - 2011-11-07 18:36 - 00001364 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk 2015-12-26 23:19 - 2011-11-07 18:36 - 00001295 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk 2015-12-26 23:19 - 2011-11-07 18:34 - 00001448 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2015-12-26 23:19 - 2011-11-07 18:31 - 00002476 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2015-12-26 23:19 - 2011-11-07 18:01 - 00002566 _____ C:\Users\Public\Desktop\WildTangent Games App - acer.lnk 2015-12-26 23:18 - 2015-10-24 13:20 - 00000758 _____ C:\Users\-Modz-\Desktop\CombatArms.lnk 2015-12-26 23:18 - 2015-10-18 13:21 - 00001589 _____ C:\Users\-Modz-\Desktop\CPU Information und Ram Auslastung.lnk 2015-12-26 23:18 - 2015-10-10 18:25 - 00000911 _____ C:\Users\-Modz-\Desktop\CCleaner.lnk 2015-12-26 23:18 - 2015-10-05 18:12 - 00001051 _____ C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2015-12-26 23:18 - 2015-09-30 17:44 - 00001637 _____ C:\Users\-Modz-\Desktop\League of Legends.lnk 2015-12-26 23:18 - 2015-09-18 14:03 - 00001016 _____ C:\Users\-Modz-\Desktop\DS3 Tool.lnk 2015-12-26 23:18 - 2015-09-13 15:33 - 00000279 _____ C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk 2015-12-26 23:18 - 2015-09-02 12:24 - 00000000 ____D C:\Program Files (x86)\Steam 2015-12-26 23:18 - 2015-07-30 14:15 - 00002390 _____ C:\Users\-Modz-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-26 23:18 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Roaming\Raptr 2015-12-26 23:18 - 2015-07-30 11:43 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-12-26 23:18 - 2015-07-30 11:07 - 00002163 _____ C:\Users\-Modz-\Desktop\clear.fi.lnk 2015-12-26 23:17 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2015-12-26 23:17 - 2015-07-10 10:05 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2015-12-26 23:17 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2015-12-26 23:17 - 2011-11-07 18:38 - 00000000 ____D C:\WINDOWS\ro 2015-12-26 22:51 - 2015-07-30 11:43 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-26 22:46 - 2015-10-21 14:07 - 00000080 _____ C:\Users\-Modz-\AppData\Local剜捯獫慴慇敭屳呇⁁屖湥楴汴浥湥湩潦 2015-12-26 22:46 - 2015-07-30 14:03 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2015-12-26 22:46 - 2015-07-10 17:34 - 00771100 _____ C:\WINDOWS\system32\perfh007.dat 2015-12-26 22:46 - 2015-07-10 17:34 - 00153964 _____ C:\WINDOWS\system32\perfc007.dat 2015-12-26 22:46 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2015-12-26 20:49 - 2015-07-30 15:39 - 00000000 ____D C:\Users\-Modz-\AppData\Local\CrashDumps 2015-12-26 20:25 - 2015-09-18 13:09 - 00000000 ____D C:\Users\-Modz-\AppData\Local\BetterDS3 2015-12-26 18:50 - 2015-08-04 19:44 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5B47F70A-D3F0-4C2B-93FE-8C7AC35F87B4} 2015-12-26 18:48 - 2015-08-12 14:23 - 00000000 ____D C:\Program Files (x86)\No-IP 2015-12-26 18:48 - 2015-07-30 14:10 - 00000000 ____D C:\Program Files (x86)\Raptr 2015-12-26 18:45 - 2015-07-10 12:04 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2015-12-26 12:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2015-12-25 22:36 - 2015-08-04 16:28 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-25 22:36 - 2015-08-04 16:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-25 22:36 - 2015-07-10 13:20 - 00354816 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-25 20:31 - 2015-09-28 20:02 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-12-25 20:31 - 2015-08-04 16:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-25 20:29 - 2015-07-30 12:26 - 00000000 ____D C:\WINDOWS\system32\MRT 2015-12-25 20:25 - 2015-07-30 12:26 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2015-12-25 20:25 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2015-12-25 12:34 - 2015-07-30 14:08 - 00000000 ____D C:\AMD 2015-12-23 13:42 - 2015-11-01 15:03 - 00000000 ____D C:\Users\-Modz-\Documents\Rockstar Games 2015-12-22 12:24 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-20 17:16 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Local\Packages 2015-12-20 14:59 - 2015-11-13 18:28 - 00000000 ____D C:\Users\-Modz-\Desktop\Dateien 2015-12-20 10:44 - 2015-11-01 14:59 - 00000000 ____D C:\Program Files\Rockstar Games 2015-12-20 10:44 - 2015-11-01 14:59 - 00000000 ____D C:\Program Files (x86)\Rockstar Games 2015-12-19 21:50 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\NDF 2015-12-16 20:26 - 2015-09-30 18:41 - 00000000 ____D C:\Users\-Modz-\Documents\Kaufmännische schule nagold hausaufgaben 2015-12-16 12:00 - 2015-07-30 14:02 - 00002417 _____ C:\Users\-Administrator-\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2015-12-16 12:00 - 2015-07-30 14:02 - 00000000 ___RD C:\Users\-Administrator-\OneDrive 2015-12-16 11:59 - 2015-07-30 11:46 - 00000000 ____D C:\ProgramData\clear.fi 2015-12-15 20:51 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz- 2015-12-13 19:51 - 2015-07-30 15:00 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\CrashDumps 2015-12-13 19:47 - 2015-07-30 14:12 - 00004182 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{8EB8C160-0213-480F-AC20-8A9F72A16FCF} 2015-12-13 19:44 - 2015-07-30 14:00 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\Packages 2015-12-09 15:54 - 2015-07-30 14:15 - 00000000 ___RD C:\Users\-Modz-\OneDrive 2015-12-09 00:19 - 2015-07-30 14:18 - 00000000 ____D C:\Users\-Administrator-\AppData\Local\AMD 2015-12-08 18:01 - 2015-10-23 19:56 - 00000000 ____D C:\Users\-Modz-\Documents\Firma Rechnungen 2015-12-07 19:23 - 2015-10-27 18:32 - 00000000 ____D C:\Program Files (x86)\AMD 2015-12-07 19:23 - 2015-07-30 14:14 - 00000000 ____D C:\Users\-Modz-\AppData\Local\AMD 2015-12-07 19:23 - 2015-07-30 14:09 - 00000000 ____D C:\Program Files\AMD 2015-12-07 19:09 - 2015-11-24 17:23 - 00000000 ____D C:\Users\-Modz-\AppData\Local\ManyCam 2015-12-07 19:08 - 2015-07-10 12:04 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2015-12-06 14:29 - 2015-07-30 14:10 - 00000000 ____D C:\Users\-Administrator-\AppData\Roaming\Raptr 2015-12-05 17:56 - 2015-10-24 13:07 - 00000000 ____D C:\Users\-Modz-\Documents\Visual Studio 2010 2015-12-05 09:46 - 2015-07-30 11:43 - 00004200 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2015-12-05 09:46 - 2015-07-30 11:43 - 00003968 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2015-12-01 01:32 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2015-12-01 01:32 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-29 22:19 - 2015-07-16 03:11 - 00152568 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atiuxp64.dll 2015-11-29 22:18 - 2015-08-25 09:31 - 08089248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atiumdva.dll 2015-11-29 22:18 - 2015-07-16 03:11 - 13189336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atidxx64.dll 2015-11-29 22:18 - 2015-07-16 03:11 - 01497248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2015-11-29 22:12 - 2015-10-24 11:38 - 23961088 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmdag.sys 2015-11-29 22:07 - 2015-10-24 11:38 - 41510912 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl.dll 2015-11-29 22:04 - 2015-10-24 11:38 - 22348800 _____ (Advanced Micro Devices Inc.) C:\WINDOWS\SysWOW64\amdocl12cl.dll 2015-11-29 21:30 - 2015-10-24 11:38 - 00941568 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2015-11-29 21:17 - 2015-10-24 11:38 - 00671232 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Drivers\atikmpag.sys 2015-11-29 21:17 - 2015-10-24 11:38 - 00142336 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2015-11-29 15:08 - 2015-11-24 17:01 - 00000000 ____D C:\Users\-Modz-\AppData\Local\NPE 2015-11-29 14:52 - 2015-07-30 14:33 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security 2015-11-29 14:52 - 2015-07-30 14:33 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-01 14:22 - 2015-11-01 14:22 - 0000000 _____ () C:\Program Files\Microsoft Office 2015-11-01 14:22 - 2015-11-01 14:22 - 0000000 _____ () C:\Program Files (x86)\Common Files\AMD 2015-10-18 13:16 - 2015-10-18 13:16 - 0000148 _____ () C:\Users\-Modz-\AppData\Roaming\version.ini 2015-07-30 11:06 - 2015-07-30 11:07 - 0002640 _____ () C:\ProgramData\ArcadeDeluxe5.log 2015-11-29 14:51 - 2015-11-29 14:52 - 0016770 _____ () C:\ProgramData\SMRResults501.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\SMRResults501.dat Einige Dateien in TEMP: ==================== C:\Users\-Modz-\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-12-20 14:50 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-12-2015 durchgeführt von -Modz- (2015-12-26 23:23:50) Gestartet von C:\Users\-Modz-\Desktop Windows 10 Home (X64) (2015-07-30 13:00:38) Start-Modus: Normal ========================================================== ==================== Konten: ============================= -Administrator- (S-1-5-21-2460867539-720680438-1151803929-1000 - Administrator - Enabled) => C:\Users\-Administrator- -Modz- (S-1-5-21-2460867539-720680438-1151803929-1001 - Administrator - Enabled) => C:\Users\-Modz- Administrator (S-1-5-21-2460867539-720680438-1151803929-500 - Administrator - Disabled) cihan (S-1-5-21-2460867539-720680438-1151803929-1004 - Administrator - Enabled) => C:\Users\cihan DefaultAccount (S-1-5-21-2460867539-720680438-1151803929-503 - Limited - Disabled) Gast (S-1-5-21-2460867539-720680438-1151803929-501 - Limited - Disabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Norton Security (Enabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton Security (Enabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton Security (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3506 - Acer Incorporated) Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.2.5 - WildTangent) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0708.2011 - Acer Incorporated) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated) Adobe Reader X (10.1.0) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.0 - Adobe Systems Incorporated) Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.) Arma 3 Tools (HKLM-x32\...\Steam App 233800) (Version: - Bohemia Interactive) ATI AVIVO64 Codecs (Version: 11.6.0.10405 - ATI Technologies Inc.) Hidden aTube Catcher Version 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp) Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team) Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Bing Bar (HKLM-x32\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation) Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation) Call of Duty: Modern Warfare 2 - Multiplayer (HKLM-x32\...\Steam App 10190) (Version: - Infinity Ward) Catalyst Control Center Next Localization BR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2015.1129.1552.28517 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform) clear.fi (x32 Version: 1.5.1717_38186 - CyberLink Corp.) Hidden clear.fi (x32 Version: 9.0.8031 - CyberLink Corp.) Hidden clear.fi (HKLM-x32\...\InstallShield_{37126D87-E4FD-4614-B908-A0BB7ECE3992}) (Version: 1.5.2212.35 - CyberLink Corp.) clear.fi (x32 Version: 1.5.2212.35 - CyberLink Corp.) Hidden clear.fi Client (HKLM-x32\...\{43AAE145-83CF-4C96-9A5E-756CEFCE879F}) (Version: 1.05.3002 - Acer Incorporated) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM) Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version: - SCS Software) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden FileZilla Client 3.14.1 (HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.) Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Free Video Player 2.1 (HKLM-x32\...\FreeVideoPlayer) (Version: 2.1 - FreeVideoPlayer Software Inc) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games) Hideman (HKLM-x32\...\Hideman) (Version: - ) Hotfix für Microsoft Visual Basic 2010 Express - DEU (KB2635973) (HKLM-x32\...\{CCAC7E52-ECCE-3C4D-B1BE-BC2ACF1C1C0E}.KB2635973) (Version: 1 - Microsoft Corporation) Hotfix für Microsoft Visual C# 2010 Express - DEU (KB2635973) (HKLM-x32\...\{D81641E8-ABF1-3D07-803B-60E8FC619368}.KB2635973) (Version: 1 - Microsoft Corporation) Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden JXcore version 3.0.7 (HKLM-x32\...\{3ECB57C5-7C51-4526-8DD6-D4AD94823A17}_is1) (Version: 3.0.7 - Nubisa Inc.) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.) LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.) LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) ManyCam 4.1.0 (HKLM-x32\...\ManyCam) (Version: 4.1.0 - Visicom Media Inc.) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation) Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation) Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4420.1017 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{E9089B6A-1FDE-47F3-8D29-175F5B7A0722}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation) Microsoft SQL Server System CLR Types (HKLM-x32\...\{C668416A-9213-4058-B7F2-01A42D85559D}) (Version: 10.50.1750.9 - Microsoft Corporation) Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C# 2010 Express - DEU (HKLM-x32\...\Microsoft Visual C# 2010 Express - DEU) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Runtime - 10.0.40219 (HKLM\...\{1C7C8AAF-A16D-32E8-89E5-F6D165DE0BCE}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Service Pack 1 (HKLM-x32\...\Microsoft Visual Studio 2010 Service Pack 1) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden MyWinLocker (Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.27 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.18 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.18 - Egis Technology Inc.) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR) Node.js (HKLM\...\{4A184F20-65CB-49D8-AF28-808B4A6A1FCD}) (Version: 5.0.0 - Node.js Foundation) No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) Norton Security (HKLM-x32\...\NS) (Version: 22.5.5.15 - Symantec Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team) Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC) Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Python 2.7.10 (64-bit) (HKLM\...\{E2B51919-207A-43EB-AE78-733F9C6797C3}) (Version: 2.7.10150 - Python Software Foundation) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Raptr (HKLM-x32\...\Raptr) (Version: - ) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6299 - Realtek Semiconductor Corp.) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.9 - Rockstar Games) Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Skype™ 7.12 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.12.101 - Skype Technologies S.A.) Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKU\S-1-5-21-2460867539-720680438-1151803929-1001\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.52465 - TeamViewer) Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden Update for Skype for Business 2015 (KB3039776) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{5D2260D6-DB16-41DC-915B-A39BF4F66362}) (Version: - Microsoft) Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation) Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) WildTangent Games App (Acer Games) (x32 Version: 4.0.5.14 - WildTangent) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2460867539-720680438-1151803929-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\-Modz-\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01084ACA-227D-482F-B9FC-969E8F0C4828} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {01B4A6FC-5A15-41C8-91B2-5961601A24F1} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {15FE4BF7-2E19-4ED0-A85F-4084BF22F695} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\WSCStub.exe [2015-11-20] (Symantec Corporation) Task: {1808CAAB-5F3E-4DCF-9EB5-5AB9AB40657E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd) Task: {18964D87-007B-4BA5-8780-C0066565F5CA} - System32\Tasks\Norton Security\Norton Error Processor => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {1F8C911D-539F-4298-94FF-909FD4959023} - System32\Tasks\clear.fiAgent => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe [2011-10-12] (CyberLink Corp.) Task: {2B935BB6-71D8-494B-BB71-839122719B68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.) Task: {32048B5C-3143-4C3D-A2B2-45CFF9693554} - System32\Tasks\DMREngine => C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe [2011-10-12] (CyberLink) Task: {47FA0A9B-88CF-408A-AE4E-4511F29F22F8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\msoia.exe Task: {4C5925C9-7161-4144-BED2-265FAAB0DF5F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-30] (Google Inc.) Task: {5BC98968-DD21-4E89-8C74-8FEA734D136F} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {5F637823-2F28-458D-A23F-CE17AFAA258E} - System32\Tasks\Microsoft Office 15 Sync Maintenance for AcerGamerPC--Modz- AcerGamerPC => D:\Program Files (x86)\Microsoft Office\Office15\MsoSync.exe [2015-02-10] (Microsoft Corporation) Task: {6B32E276-5C1A-495D-BEF5-0E9CE5C8CF0B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {6F6166EA-50D1-400E-85C6-A8C77CD0F1CA} - System32\Tasks\Norton Security\Norton Autofix => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {755CB63D-A049-4FA3-86B3-49E94F724F8B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {7B12E6A5-6993-48FD-ABB9-85A2C867FD05} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation) Task: {7CD3FDE0-2A0A-4F62-8AB4-85A29A5E4914} - System32\Tasks\PMMUpdate => C:\Program Files\EgisTec IPS\PMMUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {8318485A-D6A1-4C04-8455-BDF6474D58B8} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {8D2A1A87-87AE-4E00-B00C-D3CBA34789F2} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {90AA5DF7-00EC-4AAC-9407-EE9F2E8E7429} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {9132E55B-72BA-4970-81E3-93030734DB51} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {9460F9AC-0E92-46BB-BD19-2927597310FE} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {967D59ED-ECD8-45EC-816A-2C1918915198} - System32\Tasks\AMD Updater => C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe [2015-11-29] (Advanced Micro Devices, Inc.) Task: {9B433667-1E4F-4ACC-9ABB-506FBC7D1056} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {C02DA7EC-7EDE-4B28-8B18-678D1D131E0A} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {C0845E86-A69C-41B4-B676-0091CFAD27D0} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG Task: {C10783D3-CB0B-45FB-9B0F-2C509F978644} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {C10FF07E-200B-4F9F-B9CC-B1BB12E27BE7} - System32\Tasks\EgisUpdate => C:\Program Files\EgisTec IPS\EgisUpdate.exe [2011-03-29] (Egis Technology Inc.) Task: {C68AE6DD-BB7C-49B0-821D-2CB0CE12EE63} - System32\Tasks\clear.fi => C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe [2011-10-12] (Acer Incorporated) Task: {CAD3BB77-6BD8-4D7E-8876-62F2818CB916} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {D0B7DE8E-CA33-4F86-A8B6-0DE6C580EA3C} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D0BC65D8-4257-45DC-BCB6-D5488A88A9DC} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {D4BD9890-C401-47AC-9126-F79E87EA3950} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-25] (Microsoft Corporation) Task: {D69E4355-9538-41EB-A483-5979325E5786} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {DAFDF1C5-FD69-47E2-8136-45CC81D443FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\msoia.exe Task: {DD832DBA-C03D-4A93-AF68-AE432376AB60} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DEAC86D9-C8F8-4EFB-AC0E-BDC194DF2762} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {E268F7AD-78E9-4A2B-8DE8-4C217EBF3C20} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E5FCB07B-2071-4816-87C9-4BBBBB1D167C} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe [2011-10-14] (Acer) Task: {EC9886B9-FAAB-4A02-A4A9-0F2B1E4BEEDF} - System32\Tasks\Norton Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Security\Engine\22.5.5.15\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {EEC0A7AC-9F3B-43BD-92F6-B51A9D5CEB82} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {FB60061F-401A-4BAE-9CEF-A07FF5A28AF8} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {FF58172B-E857-4BC9-AE54-6A708FC0D0BB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-06 13:41 - 2015-07-15 03:04 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-19 11:48 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-07-30 11:38 - 2010-08-26 16:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe 2015-10-20 15:43 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-20 15:43 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-20 15:43 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-10-20 15:43 - 2015-09-17 06:44 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-20 15:43 - 2015-09-17 06:42 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-20 15:43 - 2015-09-17 06:42 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-20 15:43 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2015-07-30 11:38 - 2010-08-26 16:47 - 04577760 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WNA3100.exe 2015-09-16 20:33 - 2015-09-16 20:33 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2011-08-11 04:58 - 2011-08-11 04:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-12-15 22:50 - 2015-12-11 13:34 - 01971528 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll 2015-12-15 22:50 - 2015-12-11 13:34 - 00093512 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll 2015-07-20 16:34 - 2015-07-20 16:34 - 00012288 _____ () C:\Program Files (x86)\No-IP\ducservice.exe 2015-07-30 11:38 - 2010-07-09 15:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll 2015-07-30 11:38 - 2010-02-03 10:31 - 00282624 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvcLib.dll 2011-08-11 04:57 - 2011-08-11 04:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2015-07-30 11:07 - 2011-10-12 11:22 - 00370984 _____ () C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLNetMediaDMA.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll 2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd 2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd 2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd 2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll 2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll 2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd 2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd 2014-06-18 01:56 - 2014-06-18 01:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd 2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll 2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll 2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll 2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll 2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll 2015-07-20 16:34 - 2015-07-20 16:34 - 00073728 _____ () C:\Program Files (x86)\No-IP\ducapi.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2460867539-720680438-1151803929-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{187B2014-8157-4FCD-8CE2-A051D3BE2B50}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\Movie\PlayMovie.exe FirewallRules: [{77AAC64C-08AB-48BB-9EC8-0098E1AA14C1}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\CLMSService.exe FirewallRules: [{849BDC31-19EF-471D-AF35-6EB7FF6B4E82}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{4E13B17C-B5D6-43E6-B054-571042E6D0F5}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{2632AAAD-021C-4379-8DE7-79EC14B760E6}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\DMR\DMREngine.exe FirewallRules: [{26E795C9-AE70-42D4-B198-DD36411E9BDB}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\Kernel\CLML\CLMLSvc.exe FirewallRules: [{D9E40424-51C2-48D3-A85B-E7F7BA432DB7}] => (Block) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{57858D5D-9E5A-4CBB-9247-76C978EC9753}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{9F7B19CB-288D-4134-9DA2-F8E42471A6D9}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe FirewallRules: [{17BF41BE-7BC0-481C-95FB-229A1FECA73D}] => (Allow) C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe FirewallRules: [{52A1620A-5AF4-42E9-AB10-134F15121CB1}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe FirewallRules: [{B4C9E0DC-9DC8-4708-B207-DA669A186962}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{EB4D0BAC-7A11-4B82-B498-D49042BCDD3A}] => (Allow) LPort=1900 FirewallRules: [{D607DD07-F4BF-42C4-A8D7-CC66445DDCCE}] => (Allow) LPort=2869 FirewallRules: [{E146C47D-AB7C-4CE2-909F-97D6A27EED89}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{39430A24-85F1-4FB5-8DB2-C9F81A5024EA}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{9C96DE52-1EDF-45E5-8692-1A5A18CE74CB}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{36040A99-5FB1-40BE-A173-48850C312931}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{D433F503-4768-4B83-AA8A-3C992C781D83}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{40011272-62E3-4F9A-94E3-0525FA6FD189}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{C5070A52-1C88-47DB-9316-0A5BB00192CD}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{6092C0B6-872A-4643-945A-D1BBB1DA7B91}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{83C494CF-A8D0-43BA-A5EF-DF695283D3A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D9008354-0B38-4303-8FA6-9A93EE9084DF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E023744B-E6D3-4818-9556-2A242E980919}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6E4D3610-AEBD-45F0-84BF-3209FB6B5A81}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{09BDFA37-AC7C-4FE9-8F6C-C3C3DACB8614}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{1FC504BC-7F3A-4D6C-A30B-6220B7140078}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{2FE59F14-4562-4137-9B45-C3018889C5F9}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe FirewallRules: [{5165CC31-9D12-4202-B76E-51D4141A85CF}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Arma3Tools.exe FirewallRules: [{4FCCD4EF-DB8F-4750-B135-08AEF137FD88}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\starter.exe FirewallRules: [{4227A745-D392-4CAD-B595-69CCD2CA160D}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\starter.exe FirewallRules: [{B7FF52BD-53DE-434C-B94B-28060DB15693}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe FirewallRules: [{2192B533-E2FC-4665-8576-49BF0D39E96F}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\AddonBuilder\AddonBuilder.exe FirewallRules: [{ED91983C-C05B-4E71-A6AD-A504DE4ED77D}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe FirewallRules: [{34F02AC3-22DD-4613-BC50-F6BAC872BE29}] => (Allow) D:\Downloads\Steam\steamapps\common\Arma 3 Tools\Publisher\Publisher.exe FirewallRules: [{A75CD4D7-CDA4-4BE7-9F89-42B505B52205}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{5BC5E7E1-F76B-44FA-8BC3-049A4F4A133D}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{09E661C0-18C2-4AA5-A823-C38210FB6A0A}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{2C659D4E-E543-40E1-8D2F-79C0D83ABF33}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{F2275C99-1F6D-4E51-BAF5-5C45B12CB71B}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{F3052BE2-1B08-470C-BB4C-6D28E38CCFE2}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe FirewallRules: [{1598A493-BD56-4804-AF97-387C00C42E64}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{BA5D3546-35D5-43E0-B7B5-215C7B5D48DD}] => (Allow) D:\Downloads\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe FirewallRules: [{5FFC231F-CB77-4C2C-A3F0-CB64BBC91897}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{835EE619-4807-4AF8-B774-973EA6AAA07E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{3FB8BD93-CCD1-4EA3-B2F8-61868E7E46C8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{110FF951-2117-473F-BB53-EB3254D8B312}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{4FC21E4C-E676-4473-8432-3F79AACE5D14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{5C1D4E7C-E634-4B04-8C20-E1273A770F0D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{B36BA416-5B43-411E-B52A-A52AD361F341}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{79BA1E5D-D164-4937-9017-67FA39D7A2F0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{6D2309F0-2ACB-4E87-869C-78031104B8F7}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{18C7AB8E-8F83-42CE-97CA-E079FF3C7219}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{E7EAAA44-4AD8-44F5-B39B-71EB8007799B}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe FirewallRules: [{406D728C-3A13-4AA8-8515-D58843AEBC37}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{367C5B69-A99A-47CA-B3D9-BD8C1511EA40}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe FirewallRules: [{7452CC94-21EC-4C19-BA26-D23F7F9AE594}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{0E1168F1-C0A6-40E5-824D-9ADF29435F64}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\lync.exe FirewallRules: [{C1FF358F-FCEE-4756-B675-CDF2D67388F4}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{DCA25E6F-3CFD-4EE7-A470-29EB6E3738DF}] => (Allow) D:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe ==================== Wiederherstellungspunkte ========================= 26-12-2015 22:45:56 Gerätetreiber-Paketinstallation: www.MotioninJoy.com Xbox 360 Peripherals ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/26/2015 10:45:57 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/26/2015 08:49:54 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: GTA5.exe, Version: 1.0.573.1, Zeitstempel: 0x5666eb27 Name des fehlerhaften Moduls: GTA5.exe, Version: 1.0.573.1, Zeitstempel: 0x5666eb27 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000662b6a ID des fehlerhaften Prozesses: 0x926c Startzeit der fehlerhaften Anwendung: 0xGTA5.exe0 Pfad der fehlerhaften Anwendung: GTA5.exe1 Pfad des fehlerhaften Moduls: GTA5.exe2 Berichtskennung: GTA5.exe3 Vollständiger Name des fehlerhaften Pakets: GTA5.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: GTA5.exe5 Error: (12/26/2015 06:46:07 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2013 - Update "Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127 Error: (12/26/2015 06:45:45 PM) (Source: MsiInstaller) (EventID: 11307) (User: NT-AUTORITÄT) Description: Produkt: Microsoft Office Professional Plus 2013 -- Fehler 1307.Es steht nicht genügend Speicherplatz zum Installieren der folgenden Datei zur Verfügung: 'C:\Program Files (x86)\Microsoft Analysis Services\AS OLEDB\110\msmdlocal.dll'. Geben Sie Speicherplatz frei, und klicken Sie auf 'Wiederholen', oder klicken Sie auf 'Abbrechen', um den Vorgang zu beenden. Error: (12/26/2015 06:42:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (12/25/2015 10:38:48 PM) (Source: ESENT) (EventID: 455) (User: ) Description: CCleaner64 (6328) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (12/25/2015 10:38:48 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (6328) testing: Der Versuch, die Datei "C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (12/25/2015 10:38:38 PM) (Source: ESENT) (EventID: 455) (User: ) Description: CCleaner64 (6328) testing: Fehler -1032 (0xfffffbf8) beim Öffnen von Protokolldatei C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log. Error: (12/25/2015 10:38:38 PM) (Source: ESENT) (EventID: 489) (User: ) Description: CCleaner64 (6328) testing: Der Versuch, die Datei "C:\Users\-Modz-\AppData\Local\Microsoft\Windows\WebCache\V01.log" für den Lesezugriff zu öffnen, ist mit Systemfehler 32 (0x00000020): "Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Öffnen von Dateien. Error: (12/25/2015 10:37:41 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: NetworkUXBroker.exe, Version: 10.0.10240.16384, Zeitstempel: 0x559f3aa6 Name des fehlerhaften Moduls: WlanMediaManager.dll, Version: 10.0.10240.16461, Zeitstempel: 0x55d2db06 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004ddf2 ID des fehlerhaften Prozesses: 0x1d28 Startzeit der fehlerhaften Anwendung: 0xNetworkUXBroker.exe0 Pfad der fehlerhaften Anwendung: NetworkUXBroker.exe1 Pfad des fehlerhaften Moduls: NetworkUXBroker.exe2 Berichtskennung: NetworkUXBroker.exe3 Vollständiger Name des fehlerhaften Pakets: NetworkUXBroker.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: NetworkUXBroker.exe5 Systemfehler: ============= Error: (12/26/2015 11:17:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error: (12/26/2015 11:17:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error: (12/26/2015 11:17:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (12/26/2015 11:17:07 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (12/26/2015 11:17:06 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (12/26/2015 11:17:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/26/2015 11:16:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/26/2015 11:16:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/26/2015 11:16:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NO-IP DUC v4.1.1" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/26/2015 11:16:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2015-08-07 21:46:01.281 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:46:01.256 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:39.452 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:39.425 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:00.349 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:45:00.324 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:50.719 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:50.694 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:32.377 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2015-08-07 21:44:32.351 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\-Modz-\AppData\Local\Temp\Rar$EXa0.568\x86\UnlockerDriver5.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: AMD FX(tm)-8120 Eight-Core Processor Prozentuale Nutzung des RAM: 31% Installierter physikalischer RAM: 8099.73 MB Verfügbarer physikalischer RAM: 5587.74 MB Summe virtueller Speicher: 16291.73 MB Verfügbarer virtueller Speicher: 13736.13 MB ==================== Laufwerke ================================ Drive c: (Acer) (Fixed) (Total:58.09 GB) (Free:2.88 GB) NTFS Drive d: (Lokaler Datenträger) (Fixed) (Total:913.51 GB) (Free:661.39 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 59.6 GB) (Disk ID: F94FCA4F) Partition 1: (Not Active) - (Size=1 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=58.1 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: F94FCA65) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Not Active) - (Size=913.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
26.12.2015, 23:42 | #14 |
/// Malwareteam | Ich glaub ich hab mir einen Virus eingefangen? [gelöst] Deine Datei gehört zu Grand Theft Auto V, also ist absolut harmlos. Sie entsteht auf Grund einer nicht ganz optimalen Programmierung von dem Spiel und sollte dich nicht weiter stören. Schritt 1 ESET Online Scanner
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
30.12.2015, 22:56 | #15 |
| Ich glaub ich hab mir einen Virus eingefangen? [gelöst]Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # end=init # utc_time=2015-12-26 10:44:46 # local_time=2015-12-26 11:44:46 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 27369 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # end=updated # utc_time=2015-12-26 10:47:50 # local_time=2015-12-26 11:47:50 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # engine=27369 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-12-26 11:29:35 # local_time=2015-12-27 12:29:35 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Norton Security' # compatibility_mode=3604 16777213 100 97 622422 43875101 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 7106975 14646587 0 0 # scanned=167537 # found=6 # cleaned=0 # scan_time=2505 sh=0584C9CB92243B7573E279ED02BD398B879F0E48 ft=1 fh=2db76d2503b75670 vn="MSIL/Solvusoft.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileViewPro\FileViewPro.exe.vir" sh=D48D2DB53EA006816CB168994409675697ED8D97 ft=1 fh=c71c0011cb0de367 vn="Win32/PSW.Fareit.A Trojaner" ac=I fn="C:\EterNexus 1.0.3.1 a\EterNexus.exe" sh=6C188EBE7A42393D664185FCA34E7D819180922C ft=1 fh=04c580f2a7f00534 vn="Variante von Win32/Agent.SZW Trojaner" ac=I fn="C:\Users\-Administrator-\AppData\Local\TempImg\AutoUpdate.exe" sh=3976DD49918D4EAB8A6EF9CCE777AB93318BC727 ft=1 fh=1a093b6902387986 vn="Variante von Win32/Agent.SZW Trojaner" ac=I fn="C:\Users\-Administrator-\Downloads\FreeVideoPlayerSetup (1).exe" sh=3976DD49918D4EAB8A6EF9CCE777AB93318BC727 ft=1 fh=1a093b6902387986 vn="Variante von Win32/Agent.SZW Trojaner" ac=I fn="C:\Users\-Administrator-\Downloads\FreeVideoPlayerSetup.exe" sh=6BF2FF3B52E6E9A46742BF95B16D3C493C795069 ft=1 fh=2dc772735ccf2226 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\-Administrator-\Downloads\VLC media player 32 Bit - CHIP-Installer.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # end=init # utc_time=2015-12-30 07:55:12 # local_time=2015-12-30 08:55:12 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 27429 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # end=updated # utc_time=2015-12-30 07:55:40 # local_time=2015-12-30 08:55:40 (+0100, Mitteleuropäische Zeit) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=502e35b9312df94d94133e1d752cbaf8 # engine=27429 # end=finished # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2015-12-30 09:25:16 # local_time=2015-12-30 10:25:16 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Norton Security' # compatibility_mode=3604 16777213 100 97 956963 44213242 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 7445116 14984728 0 0 # scanned=391697 # found=17 # cleaned=16 # scan_time=5374 sh=84FE61ACEE90134C6BFBD3CECF1FB07BC22C997C ft=1 fh=dc261decc3a37fad vn="Variante von Win32/DealPly.H evtl. unerwünschte Anwendung" ac=I fn="D:\Backup\Admin 2\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe" sh=0584C9CB92243B7573E279ED02BD398B879F0E48 ft=1 fh=2db76d2503b75670 vn="MSIL/Solvusoft.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files\FileViewPro\FileViewPro.exe.vir" sh=D48D2DB53EA006816CB168994409675697ED8D97 ft=1 fh=c71c0011cb0de367 vn="Win32/PSW.Fareit.A Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\EterNexus 1.0.3.1 a\EterNexus.exe" sh=6C188EBE7A42393D664185FCA34E7D819180922C ft=1 fh=04c580f2a7f00534 vn="Variante von Win32/Agent.SZW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\-Administrator-\AppData\Local\TempImg\AutoUpdate.exe" sh=3976DD49918D4EAB8A6EF9CCE777AB93318BC727 ft=1 fh=1a093b6902387986 vn="Variante von Win32/Agent.SZW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\-Administrator-\Downloads\FreeVideoPlayerSetup (1).exe" sh=3976DD49918D4EAB8A6EF9CCE777AB93318BC727 ft=1 fh=1a093b6902387986 vn="Variante von Win32/Agent.SZW Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\-Administrator-\Downloads\FreeVideoPlayerSetup.exe" sh=6BF2FF3B52E6E9A46742BF95B16D3C493C795069 ft=1 fh=2dc772735ccf2226 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\Users\-Administrator-\Downloads\VLC media player 32 Bit - CHIP-Installer.exe" sh=E03305DF1A0B05DE0ECF3AEFE84D32FFAFD7A79C ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.I Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Backup\Admin 2\AppData\Local\Google\Chrome\Solo_50177\Default\Extensions\ijogblljgnipoekfagkmdgdeccfegcoo\1.6\oaB9mOli.js" sh=ABA95CFA15620F1E24FDF3B164D3E9B2178200A6 ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Backup\Admin 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0\background.js" sh=500B150C5DED7FD5C2A247090D41052CE500468D ft=0 fh=0000000000000000 vn="Win32/BrowseFox.B evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Backup\Admin 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlmdlmoekcipeicfbnohedgkglmbhcla\1.0.0_0\content.js" sh=E03305DF1A0B05DE0ECF3AEFE84D32FFAFD7A79C ft=0 fh=0000000000000000 vn="JS/Adware.MultiPlug.I Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Backup\Admin 2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijogblljgnipoekfagkmdgdeccfegcoo\1.6\oaB9mOli.js" sh=4EA7F5056F3F1210345AFA4EBF87108AB6F3190E ft=1 fh=f4b352d233b864d3 vn="Variante von Win32/DownloadGuide.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Downloads\Fiddler_2.1.2_EN.exe" sh=04B5CBCBC02E8572E83307E89E52F14337FFF321 ft=1 fh=af3f0b77f639adfc vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Downloads\ManyCam - CHIP-Installer (1).exe" sh=72B3E376F867D7C966DB86D3A72F7AC9FC14F513 ft=1 fh=4957549bced511a7 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Downloads\ManyCam - CHIP-Installer.exe" sh=BC767E01BE5299768910981666C20C52B9E01853 ft=1 fh=e7e54f40aa28eae8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Downloads\Tor Browser Paket - CHIP-Installer.exe" sh=E844B835DAC8AF1070FD1134E5A9BAE614CBCD14 ft=1 fh=e3ec2e5107cefcc1 vn="Win32/Somoto.T evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Windows.old\Users\-Modz-\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RCCWZMFO\BiTool[1].dll" sh=E844B835DAC8AF1070FD1134E5A9BAE614CBCD14 ft=1 fh=e3ec2e5107cefcc1 vn="Win32/Somoto.T evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Windows.old\Users\-Modz-\AppData\Local\Temp\bitool.dll" |
Themen zu Ich glaub ich hab mir einen Virus eingefangen? |
ahnung, appdata, board, chinesische, datei, eingefangen, erstell, erstellt, gefangen, gen, immer wieder, komische, lösch, meinem, ordner, troja, trojaner, trojaner board, verzeichnis, virus, virus eingefangen, woche, wochen |