Log analysis and evaluation: Windows 10, www.smartnewtab.com
If you have caught a Trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
29.01.2016, 23:07 | #1 |
Windows 10, www.smartnewtab.com
Hello everyone, I accidentally installed a program which I quickly uninstalled again, but the consequential damage apparently could no longer be stopped. It regularly happens that, after clicking on a link, a new page opens. A page from www.smartnewtab.com regularly appears. I usually use Chrome.
FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016
durchgeführt von Phanto (Administrator) auf PHANTO-MSI (28-01-2016 21:45:13)
Gestartet von C:\Users\Phanto\Downloads
Geladene Profile: Phanto (Verfügbare Profile: Phanto & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
() C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(TeamViewer GmbH) D:\teamviewer\TeamViewer_Service.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
konnte nicht auf den Prozess zugreifen -> AllShareFrameworkDMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\MSI\Dragon Gaming Center\Dragon Gaming Center.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(© 2015 Microsoft Corporation) C:\Users\Phanto\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSYNC.EXE
(MSI) C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\GFExperience.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Users\Phanto\AppData\Local\Temp\NVIDIA\DisplayDriver\GeForceGameReadyDriver361.75\setup.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareDesktop.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Installer2\Display.Driver.{652D8EC1-C38A-4E51-B707-FE608F883B49}\NvCplSetupInt.exe
(NVIDIA Corporation) C:\temp\NVIDIA\ControlPanelInstallerTemp\setup.exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347680 2015-12-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [405504 2014-09-01] (MSI)
HKLM\...\Run: [MBCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2015-03-18] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe [9574112 2015-12-09] ()
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-10] (MSI)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-10-13] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [230696 2011-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-06-26] (SteelSeries ApS)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Phanto\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [BingSvc] => C:\Users\Phanto\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-16] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [Spotify Web Helper] => C:\Users\Phanto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2021944 2015-06-03] (Spotify Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [GoogleChromeAutoLaunch_DAA386977797F795B90F1D630584EC5B] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [748872 2016-01-27] (Google Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\MountPoints2: {3c4cf68f-c44f-11e5-9da0-448a5beed61d} - "F:\setup.exe"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\MountPoints2: {7a8dd918-c62a-11e4-99ed-303a64f78082} - "F:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-13] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1fdd006d-b8d6-4815-b73a-df6c8c6849e2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{265af83c-6258-44cc-89f0-3f1b4afce630}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2948bd3b-4f65-4b3b-b224-71ffc82ac18a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63b2b05d-f126-41a0-b988-829948bd5d1a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a0bceb1d-565c-4f02-b7b0-36d5f97f42da}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {78EB40B5-899A-4C68-B75F-FBF05F01A75A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4238552743-3114925317-4059068160-1000 -> {35FEB0C1-FD19-48EE-903F-649C7C5FAF35} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-01-07] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-27] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-07] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-07] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-07] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-06] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default\searchplugins\google-default.xml [2015-10-06]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-06-19] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2015-12-06]

Chrome:
=======
CHR Profile: C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14]
CHR Extension: (Google Docs) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Kaspersky Protection) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-06]
CHR Extension: (Google Tabellen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-10-06] (Kaspersky Lab ZAO)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-30] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2762936 2016-01-07] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2015-12-06] (ELAN Microelectronics Corp.)
R2 gamexpcomsvc; C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe [602352 2015-12-04] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2016-01-27] (SurfRight B.V.)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareService.exe [712432 2015-12-09] ()
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-09-01] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-10] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2015-12-28] (Electronic Arts)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG)
R2 TeamViewer; D:\teamviewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-07-29] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-07-29] (BitDefender)
S3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-07-29] (BitDefender)
R1 BdfNdisf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfndisf6.sys [97816 2015-01-06] (BitDefender LLC)
R1 bdfwfpf; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [107080 2015-01-06] (BitDefender LLC)
R1 BfLwf; C:\Windows\system32\DRIVERS\bflwfx64.sys [80560 2014-02-28] (Qualcomm Atheros, Inc.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-12-30] (BitRaider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-01-26] (Disc Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.99.0\gzflt.sys [155912 2015-12-09] (BitDefender LLC)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-06] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-21] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\system32\drivers\SAlphabt64.sys [31232 2014-05-16] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SAlphamHid; C:\Windows\system32\drivers\SAlpham64.sys [39168 2014-05-27] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [27520 2014-05-16] (SteelSeries Corporation)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [452040 2015-12-09] (BitDefender S.R.L.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-12-22] (Wellbia.com Co., Ltd.)
U3 idsvc; kein ImagePath
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-01-28 21:45 - 2016-01-28 21:45 - 00035077 _____ C:\Users\Phanto\Downloads\FRST.txt 2016-01-28 21:44 - 2016-01-28 21:45 - 00000000 ____D C:\FRST 2016-01-28 21:44 - 2016-01-23 04:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00882232 _____ 
(NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll 2016-01-28 21:44 - 2016-01-23 04:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll 2016-01-28 21:39 - 2016-01-28 21:44 - 02370560 _____ (Farbar) C:\Users\Phanto\Downloads\FRST64.exe 2016-01-28 21:35 - 2016-01-28 21:45 - 00000000 ____D C:\WINDOWS\LastGood 2016-01-28 21:34 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll 2016-01-28 21:34 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll 2016-01-28 21:33 - 2016-01-28 21:33 - 00016148 _____ C:\WINDOWS\system32\PHANTO-MSI_Phanto_HistoryPrediction.bin 2016-01-28 21:33 - 2016-01-28 21:33 - 00000000 ___HD C:\OneDriveTemp 2016-01-28 21:02 - 2016-01-28 21:02 - 03079859 _____ C:\Users\Phanto\Downloads\E1759IMS.62D.zip 2016-01-27 20:04 - 2016-01-27 19:52 - 11323704 _____ (SurfRight B.V.) 
C:\Users\Phanto\Downloads\HitmanPro_x64.exe 2016-01-27 20:02 - 2016-01-27 20:03 - 02870984 _____ (ESET) C:\Users\Phanto\Downloads\esetsmartinstaller_deu.exe 2016-01-27 19:55 - 2016-01-28 21:01 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-27 19:55 - 2016-01-27 19:53 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-27 19:55 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-27 19:55 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-27 19:55 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-27 19:54 - 2016-01-27 19:55 - 22908888 _____ (Malwarebytes ) C:\Users\Phanto\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-27 19:53 - 2016-01-27 19:53 - 00001988 _____ C:\Users\Public\Desktop\HitmanPro.lnk 2016-01-27 19:53 - 2016-01-27 19:53 - 00001758 _____ C:\Users\Phanto\Desktop\Fixlist.txt 2016-01-27 19:53 - 2016-01-27 19:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2016-01-27 19:53 - 2016-01-27 19:53 - 00000000 ____D C:\Program Files\HitmanPro 2016-01-27 19:52 - 2016-01-27 19:58 - 00000000 ____D C:\ProgramData\HitmanPro 2016-01-27 19:49 - 2016-01-27 19:49 - 01507840 _____ C:\Users\Phanto\Downloads\adwcleaner_5.031.exe 2016-01-26 19:59 - 2016-01-26 19:59 - 00000000 ____D C:\ProgramData\BitDefender 2016-01-26 19:59 - 2016-01-26 19:14 - 447335144 _____ () C:\Users\Phanto\Downloads\TC2016_Setup_Originaldaten_v20160110.exe 2016-01-26 19:50 - 2016-01-28 21:14 - 00002412 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk 2016-01-26 19:50 - 2016-01-26 19:50 - 00000000 ____D 
C:\Users\Phanto\AppData\Roaming\LavasoftStatistics 2016-01-26 19:50 - 2016-01-26 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft 2016-01-26 19:50 - 2015-01-06 12:47 - 01061776 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\bdsmtpp.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00209984 _____ (BitDefender) C:\WINDOWS\system32\BdFirewallSDK.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00195016 _____ (BitDefender) C:\WINDOWS\system32\httproxy.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00156936 _____ C:\WINDOWS\system32\bdfwcore.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00155912 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\bdpop3p.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00122928 _____ (BitDefender) C:\WINDOWS\system32\OEMbdpredir.dll 2016-01-26 19:50 - 2015-01-06 12:47 - 00096160 _____ (BitDefender) C:\WINDOWS\system32\bdpredir.dll 2016-01-26 19:50 - 2015-01-06 12:37 - 02084072 _____ (Bitdefender) C:\WINDOWS\system32\bdnc.dll 2016-01-26 19:48 - 2016-01-26 19:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2016-01-26 19:47 - 2016-01-26 19:47 - 00000000 ____D C:\Program Files\Lavasoft 2016-01-26 19:45 - 2016-01-26 19:45 - 00000000 ____D C:\Program Files\Common Files\Lavasoft 2016-01-26 19:44 - 2016-01-26 19:44 - 02012504 _____ C:\Users\Phanto\Downloads\AdAwareWeb119Installer.exe 2016-01-26 19:44 - 2016-01-26 19:44 - 02012504 _____ C:\Users\Phanto\Downloads\AdAwareWeb119Installer (1).exe 2016-01-26 19:44 - 2016-01-26 19:44 - 00000000 ____D C:\ProgramData\Lavasoft 2016-01-26 19:34 - 2016-01-26 19:34 - 00000000 ____D C:\ProgramData\Service1104 2016-01-26 19:34 - 2016-01-26 19:34 - 00000000 ____D C:\ProgramData\19a87fa1ec024bbcbb41931263354405 2016-01-26 19:32 - 2016-01-26 19:50 - 17711037 _____ () C:\Users\Phanto\Downloads\update_1_52.exe 2016-01-26 19:13 - 2016-01-26 19:13 - 00000000 ____D C:\Users\Phanto\clubmanager2016 2016-01-26 19:10 - 2016-01-27 20:03 - 00000000 ____D C:\Program Files\Club Manager 2016 
2016-01-26 19:10 - 2016-01-27 19:53 - 00000687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Club Manager 2016.lnk 2016-01-26 19:10 - 2016-01-27 19:52 - 00000681 _____ C:\Users\Public\Desktop\Club Manager 2016.lnk 2016-01-26 19:06 - 2016-01-26 19:06 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\Lavasoft 2016-01-26 19:05 - 2016-01-26 19:05 - 01327104 _____ C:\Users\Phanto\Downloads\check1.exe 2016-01-26 19:05 - 2016-01-26 19:05 - 01327104 _____ C:\Users\Phanto\Downloads\check1 (1).exe 2016-01-26 19:04 - 2016-01-26 18:31 - 00000000 ____D C:\Users\Phanto\Downloads\Torchance 2016 2016-01-26 19:03 - 2016-01-26 19:03 - 00339320 _____ C:\WINDOWS\Minidump\012616-26000-01.dmp 2016-01-26 18:36 - 2016-01-26 18:36 - 00000000 ____D C:\Users\Phanto\AppData\Local\Disc_Soft_Ltd 2016-01-26 18:17 - 2016-01-27 19:52 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk 2016-01-26 18:17 - 2016-01-26 19:34 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\DAEMON Tools Lite 2016-01-26 18:17 - 2016-01-26 18:17 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys 2016-01-26 18:17 - 2016-01-26 18:17 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys 2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images 2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite 2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite 2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite 2016-01-26 18:12 - 2016-01-26 18:12 - 00689160 _____ (Disc Soft Ltd.) 
C:\Users\Phanto\Downloads\DTLiteInstaller.exe 2016-01-26 18:10 - 2016-01-26 18:10 - 00000196 _____ C:\Users\Phanto\Downloads\3f981d5e-1226-4514-8f96-dfa28b277ac3.htm 2016-01-26 18:06 - 2016-01-26 18:10 - 10216369 _____ C:\Users\Phanto\Downloads\aa97c18ac48ba2bbf7f8cc712b1f9f0b(1).rar.part 2016-01-24 22:58 - 2016-01-24 22:58 - 00014643 _____ C:\Users\Phanto\Downloads\1516-KL A-01-22-Spieler-Einsatz.zip 2016-01-24 22:58 - 2016-01-24 22:58 - 00002140 _____ C:\Users\Phanto\Downloads\1516-KL A-01-22-Karten-gesamt-bisher.csv 2016-01-24 18:58 - 2016-01-24 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoccerLobby 2016-01-24 18:50 - 2016-01-24 18:50 - 00334978 _____ (SoccerLobby ) C:\Users\Phanto\Downloads\Trainingsplan_Bundesliga_1394279281_2669.exe 2016-01-24 18:48 - 2016-01-24 18:49 - 00328231 _____ (SoccerLobby ) C:\Users\Phanto\Downloads\Trainingsplan_2_Liga_1394279365_2158.exe 2016-01-24 18:47 - 2016-01-24 18:47 - 01018370 _____ C:\Users\Phanto\Downloads\Tutorial---Trainingsplan.pdf 2016-01-24 18:47 - 2016-01-24 18:47 - 00597402 _____ C:\Users\Phanto\Downloads\Fähigkeitenübersicht-FM14.pdf 2016-01-24 18:12 - 2016-01-24 18:12 - 00000000 ____D C:\Users\Phanto\Documents\Fussball Manager 13 2016-01-24 17:49 - 2016-01-24 18:11 - 714065047 _____ () C:\Users\Phanto\Downloads\fm15-16_datensatz_deutschland_v1-0 (1).exe 2016-01-24 15:39 - 2016-01-24 15:39 - 00002419 _____ C:\Users\Phanto\Downloads\ProgrammingAssignment2-master.zip 2016-01-24 15:09 - 2016-01-24 15:09 - 00000153 _____ C:\Users\Phanto\.gitconfig 2016-01-20 21:26 - 2016-01-20 21:26 - 00000097 _____ C:\Users\Phanto\Downloads\Text 2016-01-20 21:19 - 2016-01-20 20:53 - 00037533 _____ C:\Users\Phanto\Downloads\Jugendleiter_Adressen.xlsx 2016-01-20 20:58 - 2016-01-20 20:58 - 00000000 ____D C:\Users\Phanto\AppData\Local\Steam 2016-01-17 10:52 - 2016-01-17 11:05 - 00000000 ____D C:\Users\Phanto\Downloads\Conny 2016-01-17 10:50 - 2016-01-17 10:50 - 00000000 ____D 
C:\Users\Phanto\AppData\Roaming\Usenet.nl 2016-01-17 10:49 - 2016-01-17 10:50 - 00000000 ____D C:\Program Files (x86)\Usenet.nl 2016-01-17 10:48 - 2016-01-17 10:49 - 07457256 _____ ( ) C:\Users\Phanto\Downloads\canna_power_client_433867f (1).exe 2016-01-17 10:47 - 2016-01-17 10:48 - 07457256 _____ ( ) C:\Users\Phanto\Downloads\canna_power_client_433867f.exe 2016-01-13 23:07 - 2016-01-13 23:07 - 00014731 _____ C:\Users\Phanto\Documents\.RData 2016-01-13 22:38 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 22:38 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-13 22:38 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 22:38 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-13 22:38 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 22:38 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-13 22:38 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 02641928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 22:38 - 
2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-13 22:38 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-01-13 22:38 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-13 22:38 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:50 - 
00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-13 22:38 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 22:38 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00277400 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-13 22:38 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-01-13 22:38 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2016-01-13 22:38 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 22:38 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll 2016-01-13 22:38 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 2016-01-13 22:38 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-13 22:38 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 22:38 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\qedit.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 22:38 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 22:38 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-13 22:38 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 22:38 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 22:38 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 22:38 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 22:38 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 22:38 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 22:38 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 22:38 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 22:38 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-13 22:38 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 22:38 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll 2016-01-13 22:38 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 22:38 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 22:38 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 22:38 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 22:38 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 22:38 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-13 22:38 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 22:38 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 22:38 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-13 22:38 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box 2016-01-10 09:32 - 2006-12-14 
12:42 - 00069120 ____R (AVM Berlin) C:\WINDOWS\SysWOW64\avmadd32.dll
2016-01-10 09:32 - 2006-05-29 01:00 - 00016384 ____R (AVM Berlin GmbH) C:\WINDOWS\SysWOW64\avmprmon.dll
2016-01-09 18:45 - 2016-01-09 18:45 - 00052391 _____ C:\Users\Phanto\Desktop\antrag (1).pdf
2016-01-09 18:44 - 2016-01-09 18:44 - 00053786 _____ C:\Users\Phanto\Downloads\antrag (1).pdf
2016-01-07 18:24 - 2016-01-10 09:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-07 18:15 - 2016-01-07 18:15 - 00000000 _____ C:\Users\Phanto\Desktop\Neues Textdokument.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-01-28 22:08 - 2015-07-14 21:34 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-01-28 21:51 - 2014-09-19 18:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-28 21:45 - 2015-08-01 10:31 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-28 21:45 - 2015-04-29 16:42 - 00000000 ____D C:\Users\Phanto\AppData\Local\NXEPassportClient
2016-01-28 21:45 - 2015-01-19 17:21 - 00000000 ____D C:\temp
2016-01-28 21:44 - 2015-08-01 10:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-01-28 21:44 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2016-01-28 21:35 - 2014-12-31 16:20 - 00000000 ____D C:\Users\Phanto\AppData\Local\NVIDIA
2016-01-28 21:33 - 2015-10-06 16:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-01-28 21:33 - 2015-08-01 10:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-01-28 21:33 - 2015-07-14 21:34 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-28 21:33 - 2015-04-03 11:51 - 00000000 ____D C:\Users\Phanto\AppData\Local\HTC MediaHub
2016-01-28 21:33 - 2015-02-24 17:41 - 00000000 ___RD C:\Users\Phanto\OneDrive
2016-01-28 21:33 - 2014-12-31 03:57 - 00000000 __SHD C:\Users\Phanto\IntelGraphicsProfiles
2016-01-28 21:21 - 2015-08-01 10:32 - 
02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-28 21:21 - 2015-07-10 17:34 - 00885982 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-28 21:21 - 2015-07-10 17:34 - 00196578 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-28 21:13 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-28 21:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning 2016-01-28 21:13 - 2015-07-10 10:05 - 08912896 ___SH C:\WINDOWS\system32\config\BBI 2016-01-28 21:09 - 2015-07-14 21:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-01-28 20:54 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-28 20:54 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-27 20:33 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2016-01-27 20:17 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-27 20:16 - 2015-12-28 19:16 - 00000000 ____D C:\Users\Phanto\AppData\Local\CrashDumps 2016-01-27 20:00 - 2015-01-08 17:37 - 00000000 ____D C:\ProgramData\Oracle 2016-01-27 19:59 - 2015-08-27 13:36 - 00000000 ____D C:\Users\Phanto\.oracle_jre_usage 2016-01-27 19:59 - 2015-01-08 17:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-01-27 19:59 - 2015-01-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-01-27 19:59 - 2015-01-08 17:37 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-27 19:55 - 2015-03-14 09:34 - 00000000 ____D C:\AdwCleaner 2016-01-27 19:53 - 2015-12-28 20:03 - 00000952 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002577 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-01-27 19:53 - 2015-12-13 15:09 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-01-27 19:53 - 2015-12-09 18:23 - 00001189 _____ C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk 2016-01-27 19:53 - 2015-11-06 18:43 - 00000556 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk 2016-01-27 19:53 - 2015-10-06 16:48 - 00002298 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2016-01-27 19:53 - 2015-09-22 17:58 - 00000551 _____ C:\Users\Public\Desktop\KP-Darts.lnk 2016-01-27 19:53 - 2015-09-18 14:21 - 00000633 _____ C:\Users\Public\Desktop\Gameforge Live.lnk 2016-01-27 19:53 - 2015-08-27 16:10 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk 2016-01-27 19:53 - 2015-08-01 10:37 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-27 19:53 - 2015-07-06 17:21 - 00001849 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-01-27 19:53 - 2015-06-23 16:41 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-27 19:53 - 2015-04-27 16:34 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-27 19:53 - 2015-04-14 
22:37 - 00002222 _____ C:\Users\Public\Desktop\tax 2015.lnk 2016-01-27 19:53 - 2015-03-20 20:01 - 00000919 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000686 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000621 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk 2016-01-27 19:53 - 2015-03-09 12:12 - 00000933 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-01-27 19:53 - 2015-02-24 17:43 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-01-27 19:53 - 2015-02-24 17:43 - 00001303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-01-27 19:53 - 2015-01-19 18:48 - 00000568 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2016-01-27 19:53 - 2015-01-19 18:48 - 00000568 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2016-01-27 19:53 - 2015-01-09 20:48 - 00000630 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2016-01-27 19:53 - 2015-01-08 19:43 - 00001065 _____ C:\Users\Public\Desktop\R x64 3.1.2.lnk 2016-01-27 19:53 - 2015-01-03 18:30 - 00000528 _____ C:\Users\Public\Desktop\Origin.lnk 2016-01-27 19:53 - 2015-01-03 18:20 - 00000516 _____ C:\Users\Public\Desktop\Steam.lnk 2016-01-27 19:53 - 2015-01-01 02:27 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-27 19:53 - 2014-12-30 22:15 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-27 19:53 - 2014-09-19 18:59 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-01-27 19:53 - 2014-09-19 18:59 - 00001372 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Photo Gallery.lnk 2016-01-27 19:53 - 2014-09-19 18:47 - 00001839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk 2016-01-27 19:52 - 2015-10-01 17:29 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-27 19:52 - 2015-03-09 12:12 - 00000933 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2016-01-27 19:52 - 2015-03-09 08:09 - 00001924 _____ C:\Users\Public\Desktop\1&1 Surf-Stick.lnk 2016-01-27 19:52 - 2015-01-09 20:44 - 00001126 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-01-27 19:52 - 2015-01-03 18:58 - 00000848 _____ C:\Users\Public\Desktop\FIFA 15.lnk 2016-01-27 19:51 - 2015-12-28 20:09 - 00001097 _____ C:\Users\Phanto\Desktop\FUSSBALL MANAGER 15-16.lnk 2016-01-27 19:51 - 2015-12-22 22:35 - 00002282 _____ C:\Users\Phanto\Desktop\Git Shell.lnk 2016-01-27 19:51 - 2015-12-14 21:54 - 00000788 _____ C:\Users\Phanto\Desktop\Echo Of Soul.lnk 2016-01-27 19:51 - 2015-11-19 17:47 - 00000965 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-01-27 19:51 - 2015-11-19 17:47 - 00000917 _____ C:\Users\Phanto\Desktop\Start Tor Browser.lnk 2016-01-27 19:51 - 2015-10-06 18:27 - 00001359 _____ C:\Users\Phanto\Desktop\ANSTOSS 2007.lnk 2016-01-27 19:51 - 2015-08-01 10:39 - 00002442 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-27 19:51 - 2015-08-01 10:39 - 00001061 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2016-01-27 19:51 - 2015-07-25 14:50 - 00001975 _____ C:\Users\Phanto\Desktop\Samsung Link post.sventhomas@gmail.com.lnk 2016-01-27 19:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\security 2016-01-27 19:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SchCache 2016-01-27 19:51 - 2015-03-12 18:07 - 00000722 _____ C:\Users\Phanto\Desktop\JDownloader.lnk 2016-01-27 19:51 - 2015-02-23 18:57 - 00001824 _____ C:\Users\Phanto\Desktop\Spotify.lnk 2016-01-27 19:51 - 
2015-02-23 18:57 - 00001810 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-27 19:51 - 2015-01-08 19:45 - 00000932 _____ C:\Users\Phanto\Desktop\RStudio.lnk 2016-01-27 19:51 - 2015-01-01 16:28 - 00000540 _____ C:\Users\Phanto\Desktop\Glyph.lnk 2016-01-27 19:51 - 2014-12-31 11:45 - 00000649 _____ C:\Users\Phanto\Desktop\Uplay.lnk 2016-01-27 19:51 - 2014-12-31 02:06 - 00000623 _____ C:\Users\Phanto\Desktop\Atlantica Europe.lnk 2016-01-27 19:51 - 2014-09-19 18:57 - 00002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-01-27 19:48 - 2015-09-18 15:06 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01110DE6-B60C-43FF-805A-811430EA9A8D} 2016-01-26 19:53 - 2015-01-08 19:45 - 00000000 ____D C:\Users\Phanto\AppData\Local\RStudio-Desktop 2016-01-26 19:13 - 2015-08-01 10:34 - 00000000 ____D C:\Users\Phanto 2016-01-26 19:04 - 2015-01-09 00:14 - 00007932 _____ C:\Users\Phanto\Documents\.Rhistory 2016-01-26 19:03 - 2015-10-21 10:12 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-26 19:02 - 2015-10-01 17:18 - 00150016 ___SH C:\Users\Phanto\Desktop\Thumbs.db 2016-01-26 18:35 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-26 18:26 - 2014-12-31 15:29 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-26 18:09 - 2014-12-31 15:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-25 18:34 - 2015-07-23 03:02 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-01-24 22:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-01-24 22:53 - 2015-02-16 20:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-24 22:53 - 2015-02-16 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-01-24 18:58 - 2015-12-28 20:09 - 00000000 ____D C:\Users\Phanto\Documents\FUSSBALL MANAGER 14 2016-01-24 17:48 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\GitHub 
2016-01-24 17:48 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\AppData\Local\GitHub 2016-01-24 17:09 - 2015-12-22 22:32 - 00000000 ____D C:\Users\Phanto\AppData\Local\Deployment 2016-01-24 14:55 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\Documents\GitHub 2016-01-23 04:31 - 2015-07-23 03:02 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-01-23 04:31 - 2015-07-23 03:02 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-01-23 04:31 - 2015-07-23 03:02 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb 2016-01-23 02:01 - 2015-08-01 10:31 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-01-23 02:01 - 2015-08-01 10:31 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-01-22 03:06 - 2015-08-01 10:31 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-01-20 21:21 - 2015-08-01 10:37 - 00000000 ____D C:\Users\Phanto\AppData\Local\Packages 2016-01-20 21:13 - 2015-07-10 12:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-20 21:11 - 2014-09-19 18:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-01-18 19:38 - 2015-01-13 00:10 - 00000000 ____D C:\Users\Phanto\Documents\Youcam 2016-01-17 17:45 - 2015-04-27 16:34 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-17 10:49 - 2015-03-20 19:46 - 
00000000 ____D C:\Users\Phanto\Documents\Usenet.nl 2016-01-13 22:44 - 2015-02-16 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-13 22:43 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-12 18:22 - 2015-06-23 16:41 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-12 05:41 - 2014-12-31 16:20 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-01-12 05:41 - 2014-12-30 22:00 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-01-12 05:40 - 2015-12-28 19:29 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-01-12 05:40 - 2014-12-31 16:20 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-01-12 05:40 - 2014-12-30 22:00 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-01-10 09:26 - 2015-12-14 21:35 - 00000000 ____D C:\Program Files (x86)\GameXPComService 2016-01-10 09:26 - 2014-12-30 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-03 02:40 - 2015-07-10 12:06 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-07-10 12:06 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-31 01:42 - 2014-12-31 01:47 - 1572864000 _____ () C:\Program Files (x86)\Atlantica.tmp.001 2014-12-31 01:47 - 2014-12-31 01:52 - 1572864000 _____ () C:\Program Files (x86)\Atlantica.tmp.002 2014-12-31 01:52 - 2014-12-31 01:56 - 1262969925 _____ () C:\Program Files (x86)\Atlantica.tmp.003 2014-12-31 01:42 - 2014-12-31 01:42 - 0435736 _____ () C:\Program Files (x86)\Setup_Atlantica_41025.exe 2015-06-27 08:29 - 2015-06-27 10:10 - 0037173 _____ () C:\Users\Phanto\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2015-06-13 10:34 - 2015-10-19 09:39 - 0000600 _____ () 
C:\Users\Phanto\AppData\Local\PUTTY.RND
2015-10-21 15:31 - 2015-10-21 15:31 - 0003969 _____ () C:\Users\Phanto\AppData\Local\recently-used.xbel

Einige Dateien in TEMP:
====================
C:\Users\Phanto\AppData\Local\Temp\jre-8u71-windows-au.exe
C:\Users\Phanto\AppData\Local\Temp\sqlite3.dll
C:\Users\Phanto\AppData\Local\Temp\vmO0silF6n.exe

==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-01-20 21:23
==================== Ende von FRST.txt ============================

Best regards,
Phanto |
29.01.2016, 23:08 | #2 |
| Windows 10, www.smartnewtab.com Addition.txt
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Phanto (2016-01-28 21:45:58)
Gestartet von C:\Users\Phanto\Downloads
Windows 10 Home (X64) (2015-08-01 09:37:17)
Start-Modus: Normal
==========================================================

==================== Konten: =============================
Administrator (S-1-5-21-4238552743-3114925317-4059068160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4238552743-3114925317-4059068160-503 - Limited - Disabled)
Gast (S-1-5-21-4238552743-3114925317-4059068160-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4238552743-3114925317-4059068160-1002 - Limited - Enabled)
Phanto (S-1-5-21-4238552743-3114925317-4059068160-1000 - Administrator - Enabled) => C:\Users\Phanto

==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: Kaspersky Anti-Virus (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}

==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{7438DA7D-782C-450F-BCDC-5FC54E6831B8}) (Version: 1.0.0.2 - ZTE Corporation) Ad-Aware Antivirus (HKLM\...\{9A711B34-77B5-4DDA-A97E-2FD6663729E1}_AdAwareUpdater) (Version: 11.9.696.8769 - Lavasoft) AdAwareInstaller (Version: 11.9.696.8769 - Lavasoft) Hidden AdAwareUpdater (Version: 11.9.696.8769 - Lavasoft) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.) Akamai NetSession Interface (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) ANSTOSS 2007 (Version 7.1.0.5) (HKLM-x32\...\{FA031DA5-05D0-4937-BD2B-DCEC47A2506B}_is1) (Version: 7.1.0.5 - ASCARON Entertainment GmbH) ANSTOSS 3 (HKLM-x32\...\ANSTOSS 3_is1) (Version: - ) AntimalwareEngine (Version: 3.0.99.0 - Lavasoft) Hidden AntispamEngine (Version: 2.4.4205.0 - Lavasoft) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) 
Atlantica Online Europe (HKLM-x32\...\Atlantica Online Europe) (Version: 50110 - Nexon Europe) AvcEngine (Version: 3.11.11387.0 - Lavasoft) Hidden AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1408.201 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Club Manager 2016 (HKLM\...\Q2x1Yk1hbmFnZXIyMDE2_is1) (Version: 1 - ) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd) Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Echo of Soul (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\echoofsoul_de) (Version: - ) ELAN Touchpad 15.13.3.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.3.1 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) 
FirewallEngine (Version: 1.6.0.0 - Lavasoft) Hidden Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts) Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) GitHub (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\5f7eb300e2ea4ebf) (Version: 3.0.11.0 - GitHub, Inc.) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.97 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Happy Cloud Client (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\HappyCloud) (Version: 5.88 - Happy Cloud, Inc.) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.12.253 - SurfRight B.V.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.44.5 - HTC) iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) 
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden KP-Darts 0.9.9 (HKLM-x32\...\{0A8762F8-B3C7-4015-B10E-DAAC0483C9EB}_is1) (Version: 0.9.9 - wwww.kpdarts.de) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6366.2056 - Microsoft Corporation) Microsoft Silverlight 
(HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 
11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSI Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.0.1 - Micro-Star International Co., Ltd.) MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) MSI Remind Manager (x32 Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) Hidden MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.) 
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1019 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1019 - Microsoft Corporation) Hidden OnlineThreatsEngine (Version: 2.2.3.0 - Lavasoft) Hidden Origin (HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) 
R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team) Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1091 - RStudio) Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG) SCM (HKLM\...\{F5D84549-523F-438F-8ACC-0944E30EF78C}) (Version: 13.014.09014 - Application) SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Sphere 3 (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Sphere 3_is1) (Version: - GameXP) Spotify (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden tax 2015 (HKLM-x32\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.05.8946 - Buhl Data Service GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) Trainingspläne Version 1.0 (HKLM-x32\...\{F8A382D7-5453-4E2C-AD53-A598D868B3EE}_is1) (Version: 1.0 - SoccerLobby) Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. ) XSplit Gamecaster (HKLM-x32\...\{4B72B9B7-9B87-4792-B9E3-713E6454B25F}) (Version: 1.8.1406.0912 - SplitmediaLabs) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-4238552743-3114925317-4059068160-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {048F2D98-3C25-4A91-915C-5DD709863A04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {064CAC79-630E-4471-B56C-0192721A2AFF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {080D98F4-501E-471A-B9DD-970E1AC97F71} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {0994319D-14C3-4B0D-82CA-1B43308434DD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-08] (Microsoft Corporation) Task: {0C249DFE-5E22-440B-BE04-3D426B23012C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {14DE0256-194D-4425-AB83-5A77F5F01895} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1ACE9872-F58A-4CD6-98D9-902DB29110D6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1B662D56-876B-41D6-91C1-D83E8048F1EC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {1E472BE6-0A76-41B3-9376-DF66FBA67C18} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-08] (Microsoft Corporation) Task: 
{20C3A3FF-44B0-4352-A005-AEBA869173D0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {215EE479-105A-49DD-B525-7968A01CBBE3} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation) Task: {21BBAA4C-BA0A-4DAC-9B89-C70222F2134D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {21DFC730-980B-48C5-ABB2-5283AAF398B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {21F170D6-2E64-4B07-92DA-FE4945034559} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-07] (Microsoft Corporation) Task: {3238A088-70FD-480E-94D0-2DF316F24641} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {341011EB-A0A5-49A5-9B34-DAAC276E4F87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {34261A13-1D8A-4F67-88CB-2D2F8B0B4C99} - System32\Tasks\{E1CEF4A0-9055-4390-84E7-5A1A535A49B1} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.80.102/de/abandoninstall?page=tsBing Task: {3B02140A-0E71-47F0-89FF-9A40E4E62A99} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-26] (Microsoft Corporation) Task: {4A952494-47BA-466F-A1BA-2D62850649E0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {4C821024-9C88-4A33-8226-2F6321E1306D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.) 
Task: {4DFC5B4E-FBF9-4C24-98E6-DC1FC7A61421} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {51902728-5A1D-4192-8A66-A57E98D432A8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {67C00E46-2745-4049-88D8-5DC5510A0951} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {69016975-61E8-41B1-AF32-35E438BB4611} - System32\Tasks\{1747D35E-5A2A-49A7-B89C-5DA06058C306} => pcalua.exe -a D:\LoL\lol.launcher.exe -d D:\LoL\
Task: {6E8B1CB5-A596-4897-95ED-1AC0ADEE569C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {6F1A46CF-CA15-41F4-A82C-BB9ED998B42C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {6FD25197-AD86-4CEE-B62C-B0D192B8F61E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {7A9E2538-12BA-4DBF-A04D-DCFF6E3C2C6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.)
Task: {83E3363A-8FA3-4D4C-92E1-3BC1491422D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {876F7FFF-1569-4799-9AFA-1EEAC8B2AEF8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {8C68F145-6294-4C7D-BC3C-32ED14197286} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd)
Task: {8D75F864-DA07-4260-A370-9470D2F10667} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {96921671-A948-43C8-82DF-1D586094E6F1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {9A02C6A7-9D8E-4774-AA1D-8A0D85C7333C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {AA1529A3-013C-44F3-BE23-3E0CF4F64D99} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {B8885750-CBAA-4990-93EB-2B3C6E345FFD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {BB3C0071-D01F-4483-A0A8-58006823F203} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {BB58AA26-F94C-4D52-B177-778376017BB0} - System32\Tasks\GameXPComService Autoupdate => C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe [2015-12-04] ()
Task: {C4699319-C1E3-4975-9DF3-52B39C895E7E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {C605721B-24FD-4DF6-88EF-DE759B1936BE} - System32\Tasks\{4A51EB8C-A08C-451F-A0E3-DFE04405AE7A} => pcalua.exe -a "C:\Program Files (x86)\ANSTOSS 3\SGLSetup.exe" -d "C:\Program Files (x86)\ANSTOSS 3"
Task: {C8C4C2CC-04BE-48F0-88BB-E3D158D8E470} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CF3E13F6-BE90-4438-836A-F432330608F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {CFBC4025-4505-4E14-B6F1-7DD4431BC613} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {D66AEDB6-924C-4828-93F6-CCC3ED363EC2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {D8969DD5-A487-4C82-A87D-3DC5FE779F9B} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>)
Task: {E0BBC497-AE42-477B-8754-9DDF33811797} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {E5190D7F-16FE-4838-9C61-7470C3A129D2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
Task: {E96B5C88-38C7-4D41-B91D-3D55151FA1D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {FB330F3F-E78A-4806-9874-79155CBCBF88} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-08-01 11:43 - 2015-08-01 11:43 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-08-20 07:58 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-12-21 19:57 - 2016-01-07 06:13 - 00162472 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-12-14 21:35 - 2015-12-04 11:59 - 00602352 _____ () C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe
2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2015-07-19 21:30 - 2015-03-18 14:22 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2015-07-19 21:30 - 2015-03-18 14:22 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2015-07-19 21:30 - 2015-03-18 14:22 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 10:25 - 2013-12-21 10:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 10:26 - 2013-12-21 10:26 - 00144384 _____ ()
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll 2013-12-21 10:27 - 2013-12-21 10:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll 2013-10-22 08:52 - 2013-10-22 08:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll 2013-10-22 08:52 - 2013-10-22 08:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll 2013-12-21 10:27 - 2013-12-21 10:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll 2015-07-19 21:30 - 2015-03-18 14:22 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2015-08-01 10:33 - 2015-08-01 10:33 - 00669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll 2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-01 17:09 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-12-09 17:33 - 2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-09 17:33 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-12-09 17:33 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-12-09 17:33 - 2015-11-25 05:18 - 00928768 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00821600 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe 2015-10-01 17:09 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-09 17:33 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-09 17:33 - 2015-11-25 05:24 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-10-01 17:09 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2014-01-22 18:44 - 2014-01-22 18:44 - 00075912 _____ () C:\Program Files (x86)\MSI\Dragon Gaming Center\WinIo64.dll 2014-09-19 18:51 - 2012-11-01 19:23 - 00089600 _____ () C:\windows\SYSTEM32\CmdRtr64.DLL 2014-09-19 18:51 - 2012-11-01 19:21 - 00325120 _____ () C:\windows\SYSTEM32\APOMgr64.DLL 2015-12-09 17:58 - 2015-12-09 17:58 - 09574112 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTray.exe 2015-12-09 17:58 - 2015-12-09 17:58 - 03549904 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\RCF.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00123656 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_filesystem-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00025856 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_system-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00057096 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_date_time-vc120-mt-1_57.dll 2015-12-09 17:59 - 2015-12-09 17:59 - 00107776 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_thread-vc120-mt-1_57.dll 
2015-12-09 17:58 - 2015-12-09 17:58 - 00492288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_locale-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00035072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_chrono-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 02266344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\HtmlFramework.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00868600 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareTrayDefaultSkin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll 2014-05-16 16:57 - 2014-05-16 16:57 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll 2014-05-16 16:57 - 2014-05-16 16:57 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll 2014-06-26 
19:39 - 2014-06-26 19:39 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll 2014-06-26 19:39 - 2014-06-26 19:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll 2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-12-28 19:28 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 17148648 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareDesktop.exe 2015-12-09 17:58 - 2015-12-09 17:58 - 00911616 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_regex-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 00447760 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\boost_program_options-vc120-mt-1_57.dll 2015-12-09 17:58 - 2015-12-09 17:58 - 07432448 _____ () C:\Program 
Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.9.696.8769\AdAwareDesktopDefaultSkin.dll 2015-07-08 22:18 - 2015-07-08 22:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\kpcengine.2.3.dll 2015-03-19 16:16 - 2015-03-19 16:16 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2015-03-19 16:16 - 2015-03-19 16:16 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2015-03-19 16:18 - 2015-03-19 16:18 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2015-03-19 16:19 - 2015-03-19 16:19 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-10-22 08:48 - 2013-10-22 08:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\ContentDirectoryPresenter.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-04-19 15:38 - 2013-04-19 15:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-10-25 18:49 - 2013-10-25 18:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-10-25 18:48 - 2013-10-25 18:48 
- 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll 2014-09-19 18:21 - 2013-09-16 20:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine 
Components\LMS\ACE.dll 2016-01-28 21:09 - 2016-01-27 18:39 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libglesv2.dll 2016-01-28 21:09 - 2016-01-27 18:39 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.97\libegl.dll 2014-09-19 18:51 - 2012-10-31 23:00 - 00991232 _____ () C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\de-DE\SBCinema.resources.dll 2015-07-15 22:56 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-11-03 18:22 - 2015-11-03 18:22 - 00760832 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ReactiveUI\990c8ae4fdd5f69ba9a8cd7418d74d3b\ReactiveUI.ni.dll 2015-11-03 18:22 - 2015-11-03 18:22 - 01000448 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\a2b887f5ffbeecb04c473b673cf255d7\System.ComponentModel.Composition.ni.dll 2015-11-03 18:24 - 2015-11-03 18:24 - 00310784 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ReactiveUI.Xaml\c9c8cf7170e288394f16833833633576\ReactiveUI.Xaml.ni.dll 2015-11-03 18:24 - 2015-11-03 18:24 - 00147968 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Comp7dda8007#\d597a43999adae5fcb9b9604286a84a6\System.ComponentModel.Composition.Registration.ni.dll 2015-11-03 18:22 - 2015-11-03 18:22 - 00194560 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Reflc3377498#\5f8385f36ed7fe3cbc08676d1f201063\System.Reflection.Context.ni.dll 2016-01-24 13:59 - 2016-01-24 13:59 - 03999232 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MsgPack\092a9a15cc225dbe3199da7f15cb2b8c\MsgPack.ni.dll 2015-04-29 16:42 - 2015-08-20 22:14 - 00228616 _____ () D:\Atlantica\AtlanticaLauncher.exe 2015-04-29 16:42 - 2015-08-20 22:14 - 07998216 _____ () D:\Atlantica\npp_api.dll 2015-04-29 16:42 - 2016-01-28 21:45 - 00457480 _____ () D:\Atlantica\npp.dll 2015-04-29 16:41 - 2015-10-12 13:07 - 46490888 _____ () 
D:\Atlantica\passport\passport_client.exe
2015-04-29 16:42 - 2015-06-12 14:54 - 01481728 _____ () D:\Atlantica\passport\libglesv2.dll
2015-04-29 16:42 - 2015-06-12 14:54 - 00073728 _____ () D:\Atlantica\passport\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-01-26 18:24 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\oobe\info\Wallpaper\win7wallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: EADM => "D:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Phanto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Phanto\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "ApplePhotoStreams"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloud"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{86770F7D-6595-4206-88B0-663D0ADBB82A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{56296562-D3F7-4532-9114-640D35175CD7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{A0EF6B99-AE45-400A-84A4-032C4050424A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{87D4F657-DDB0-4327-9391-84D7A41F4C27}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{9F87469A-5D4A-4236-8006-19854781C8DF}] => (Allow) LPort=1900 FirewallRules: [{C04A542F-C6CC-4642-9AC0-D0E90A60D81A}] => (Allow) LPort=7900 FirewallRules: [{AF01593C-29EE-4A3F-B291-DF6D8FBA08A1}] => (Allow) LPort=24234 FirewallRules: [{F95D9C70-C7C4-4841-90DE-D410E881E6E1}] => (Allow) LPort=7679 FirewallRules: [{54FDA514-C5BE-421F-B49D-33AEBA8167FD}] => (Allow) LPort=7676 FirewallRules: [{FD7BC440-C769-4088-B9D3-092CB028CFDF}] => (Allow) LPort=8643 FirewallRules: [{149CB2BD-C0DB-4893-BEB7-1C5DADBB89BE}] => (Allow) LPort=8743 FirewallRules: [{E77BBF4A-4F4F-463D-8325-273F937BA692}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{F7CCD478-E92D-4D13-88B3-5CFA3E929A1F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{7FFB1A12-9982-42B0-92E3-E7A91E8B712A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{B319BF28-F265-4318-952B-7E2B0FE3F357}] => (Allow) C:\Program Files\Samsung\Samsung 
Link\Samsung Link.exe FirewallRules: [{C6C71B84-2CC8-4ADD-8A95-233D7273D10E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{6F2DC108-DC11-4CF3-AF25-164DDDCF0C1D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{1924DEA7-41A3-4CFC-96FE-F20ECFB636D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EBF58911-A06F-4865-8D27-1448A1814EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{42CF0295-F8A3-48C7-A005-874F23AB888C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{EA6E9F0A-5B56-42E3-AFE3-C779AF7CEE75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9D7705F8-CB43-429E-9F6F-1005F95ED64B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B6E3B0B6-B0A1-4821-82B3-0CCBD865F83C}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{A9F9BDD9-3DC6-4B01-A587-7E75BC8E3F4D}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{D99A1326-FA94-4F77-827D-994EC8CF629C}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6AF58922-1E36-45C0-BAE1-D38BCD35F6E5}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [UDP Query User{483AF1A7-E906-4080-B62E-EB5D8C48ED28}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{DB504A58-872B-44D4-ABCD-4E31179BF3DF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{CAC1A80D-2F23-4273-B38A-583C9D3A0D6A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: 
[{84490DB6-BD5B-486F-95B4-113A56A2BEAF}] => (Allow) LPort=1900 FirewallRules: [{39FD3270-5EA2-415F-A30E-D93E4A17E6BE}] => (Allow) LPort=2869 FirewallRules: [{135D237D-14FD-43C6-AED3-4D5AE46D0FF3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{89CF8B40-23D1-4FE7-8868-9D4E9CD0F33A}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3364509A-967C-49D4-ADAF-28EBB94556C8}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{72A1F7A2-23B1-47B8-9ADF-853CAB967433}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{EE9A3162-6C21-4FFF-A6F6-E7C02E16001A}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [{2AB96FD9-2A1B-4860-BD6B-6AFAFB681C66}] => (Allow) D:\teamviewer\TeamViewer_Service.exe FirewallRules: [{5AE6C4A9-285C-4657-9272-3B1A5BB030EA}] => (Allow) D:\teamviewer\TeamViewer_Service.exe FirewallRules: [{D956CB45-9BA7-4B95-96E7-8B0F5BAD75EE}] => (Allow) D:\teamviewer\TeamViewer.exe FirewallRules: [{4E913255-36F1-4099-970C-2AC01F13E8A5}] => (Allow) D:\teamviewer\TeamViewer.exe FirewallRules: [{85A859AF-AB67-4535-AD38-4BE513117D95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{57DEC05E-9F87-4886-9323-1851D36BE575}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{A88D174A-27A2-4E63-BFA4-C6FABB1A6E93}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{A98DA9D4-D863-435E-BB45-FB4122DACE14}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) 
C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [{03B88F9E-97BF-4361-8DCC-17D0AE70298C}] => (Allow) D:\StarCraft II\StarCraft II.exe FirewallRules: [{0451974B-2FED-44C6-AF7D-AD3782E9DB09}] => (Allow) D:\StarCraft II\StarCraft II.exe FirewallRules: [{DB11D88E-FEB2-4901-873B-1BA86F83F844}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{3CE8B8DC-F924-4217-8C6A-52722B777B2E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{094AFDE6-4BB9-4830-B858-5F728DEDF797}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{F09519D9-0E3B-4B75-B909-DC3A713E030D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [UDP Query User{1C5DD154-A7D3-4A2E-B36B-8075571E1FE3}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{58F1EFCC-4E7C-4699-AC85-4D9DCE4A0651}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{5CDE8E0D-1C9D-4B24-A3DE-63FDC98E7CA8}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{060AFA2E-56B2-4B73-8771-0EF1FEFE456F}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{86705826-E598-4AC5-B56D-ED6775CB48B0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{E327134F-8B79-4B2B-8ADF-49B0C04A6F86}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{07066F5B-9BE3-421D-BCDE-35DA63FCB245}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CF23E5A5-60AA-4C2F-9505-41860C878548}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{8A7F880D-59FD-4087-B53D-7EE9FACFA1D9}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{DA9A5997-BFC1-492B-98FD-B207C57C23CD}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 
4\bin\IGE_WPF64.exe FirewallRules: [{1E5D0EC8-D552-4440-85EB-E9A1B514EE37}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{EE7CC4EA-3D8E-4252-B8D5-D0C8D4A3B913}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [UDP Query User{2623B6BD-685D-4356-822A-6F062C6F77CA}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{1363954A-562B-4DC8-874B-7E6E43B49318}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [{904F8F7B-94D4-48FA-8089-22E3C5C5535A}] => (Allow) D:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{45B7F4FB-C675-4926-8669-EF7B0CDA65A1}] => (Allow) D:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{696DCBA3-F724-43BD-B196-40A93240592E}] => (Allow) C:\Users\Phanto\Downloads\WLAN-Optimierer (1).exe FirewallRules: [{A2CB6DF4-A48B-484B-8F7E-0619A7102E78}] => (Allow) C:\Users\Phanto\Downloads\WLAN-Optimierer (1).exe FirewallRules: [TCP Query User{EE7EA38B-1F9A-4C6A-9D2C-6D2C9434E7CE}D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe FirewallRules: [UDP Query User{9FD00343-C887-4B1A-A0D4-9B5FEDFF650E}D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe FirewallRules: [{3054945C-4775-4258-BE72-2637E09FA3B0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4F0E297E-1A29-4113-8985-4F9DAA3BEC45}] => (Allow) D:\GameforgeLive\gfl_client.exe FirewallRules: [{19024840-8AE9-4BC4-81D5-8F464C396768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2398C1B9-F75D-4EFF-82D5-BF3FB61247AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: 
[{234E4BF2-14AC-460C-AB81-5E8EDB26B464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7BCD623F-16D2-4111-BE1A-B5E2C2132B46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C74F711F-0243-4D7D-8BA8-9779A6C0E7C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6CD2AAD1-C6BA-4EE2-BB01-4DB1D70AC22B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2A4F7067-5323-4861-9130-8247A71574FA}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{5B0FD993-BE76-44F2-817E-64732BEAF1B0}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{45A4BFAF-D13A-4D53-AB70-B84633E9E74D}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{604291D3-D935-4FA2-A9F3-610703072C62}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{232B7960-19CF-4C03-9B6B-E27B4468054E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{2314BA12-4323-4CC9-A7B7-9807BFA872BE}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\launchpoint.exe FirewallRules: [{55E8F8AC-CE99-4394-B1A9-689E46A9CC67}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\launchpoint.exe FirewallRules: [{E704E7C9-DF6B-45BE-8055-95B27552B7CC}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphere3.exe FirewallRules: [{A832DCA5-5950-4F35-87FA-2F97DB74077E}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphere3.exe FirewallRules: [{86F981EC-304C-4117-8CEC-90337DDB0006}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphereclient.exe FirewallRules: [{C340A9E2-B5EF-4A7B-8909-2ED6E0CD6A8E}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphereclient.exe FirewallRules: [{DBF54A06-9BDE-4728-9CD1-A329F6FBEA89}] => (Allow) C:\Program Files (x86)\Microsoft 
Office\root\Office16\outlook.exe FirewallRules: [{CEC12B7F-0319-4CA9-AE2D-8CB3434AC44A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{0EA4AA32-53AD-4B38-99B4-C048D53E0634}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{820FB97A-5634-4967-B146-1B6DDAF361E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{E12CBB92-D203-421E-8793-FE4CB9A1040B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{FEC42384-6DBE-4155-A66D-F6534965FBE3}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe FirewallRules: [{FDA0A545-F05A-4B49-9AF8-9FBB59539505}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe FirewallRules: [TCP Query User{2A8E8E0B-3519-4C39-9E31-9C0D3C63527A}D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe] => (Allow) D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe FirewallRules: [UDP Query User{1D16C6D2-717E-478C-A858-673951AA35A9}D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe] => (Allow) D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe FirewallRules: [{AFB6348C-F429-4CD3-86D3-79C5024F4097}] => (Allow) E:\fsetup.exe FirewallRules: [{5A0D8BDF-AF0F-4773-BED1-1B86020113DF}] => (Allow) E:\fsetup.exe FirewallRules: [{43C72433-772D-4A0E-BDDC-AD3508595BCB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/28/2016 09:14:53 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: 
AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x1df4 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x179c Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:43 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x17ec Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des 
fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:38 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x12b8 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x1f54 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 
0xdf8 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:23 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x188c Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x1f14 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:13 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der 
fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x1e08 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (01/28/2016 09:14:00 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0xbd8 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Systemfehler: ============= Error: (01/28/2016 09:34:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (01/28/2016 09:13:56 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: 
(01/28/2016 09:13:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 09:13:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 09:13:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 09:13:39 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 08:59:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 08:59:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 08:59:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session4" wurde unerwartet beendet. 
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2016 08:59:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session4" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-01-09 18:45:11.978 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.924 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-09 18:45:11.904 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-07 17:30:08.667 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.397 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.349 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz Prozentuale Nutzung des RAM: 60% Installierter physikalischer RAM: 8112.21 MB Verfügbarer physikalischer RAM: 3169.02 MB Summe virtueller Speicher: 16304.21 MB Verfügbarer virtueller Speicher: 10438.84 MB ==================== Laufwerke ================================ Drive c: (OS_Install) (Fixed) (Total:118.7 GB) (Free:7.81 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:917.68 GB) (Free:427.98 GB) NTFS Drive f: (Club Manager 2016) (CDROM) (Total:0.8 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CFBDCE17) Partition 1: (Not Active) - (Size=13.8 GB) - (Type=27) Partition 2: (Not Active) - (Size=917.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: CFBDCE32) Partition 1: (Active) - (Size=100 MB) - (Type=27) Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
01.02.2016, 10:04 | #3 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com Hi,
__________________ Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, please post the logs directly and, if necessary, spread across several posts. To put the log files into a CODE box, proceed as follows:
__________________ |
03.02.2016, 20:06 | #4 |
| Windows 10, www.smartnewtab.com Hello, thank you very much in advance for your help. I was away on business and unfortunately could not reply sooner. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.02.03.05 rootkit: v2016.01.20.01 Windows 10 x64 NTFS Internet Explorer 11.0.10240.16644 Phanto :: PHANTO-MSI [administrator] 03.02.2016 19:51:05 mbar-log-2016-02-03 (19-51-05).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 454906 Time elapsed: 11 minute(s), 58 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
04.02.2016, 14:08 | #5 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com Quote:
__________________ Please always post log files in CODE tags |
04.02.2016, 18:00 | #6 |
| Windows 10, www.smartnewtab.com Hello cosinus, I have uninstalled it. Best regards |
04.02.2016, 19:21 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com Remove adware/junkware/toolbars. Delete old versions of adwCleaner and, if present, JRT beforehand, then download them again to the desktop! Please completely disable your virus scanner now, before using these tools! Step 1: adwCleaner. Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool. Please close your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST. Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
07.02.2016, 12:44 | #8 |
| Windows 10, www.smartnewtab.com Hi, here is the first report Code:
ATTFilter
# AdwCleaner v5.032 - Bericht erstellt am 05/02/2016 um 18:45:40
# Aktualisiert am 31/01/2016 von Xplode
# Datenbank : 2016-02-05.1 [Server]
# Betriebssystem : Windows 10 Home (x64)
# Benutzername : Phanto - PHANTO-MSI
# Gestartet von : C:\Users\Phanto\Desktop\AdwCleaner_5.032.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****
[-] Datei Gelöscht : C:\Users\Phanto\AppData\Local\Temp\Utils.dll

***** [ DLLs ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\adawarebp
[!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\Software\AppDataLow\Software\adawarebp

***** [ Internetbrowser ] *****

*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1066 Bytes] ##########

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.2 (01.06.2016)
Operating System: Windows 10 Home x64
Ran by Phanto (Administrator) on 05.02.2016 at 18:34:54,48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 4
Successfully deleted: C:\ProgramData\19a87fa1ec024bbcbb41931263354405 (Folder)
Successfully deleted: C:\ProgramData\Service1104 (Folder)
Successfully deleted: C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage-journal (File)
Successfully deleted: C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.audienceinsights.net_0.localstorage (File)

Registry: 1
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DAA386977797F795B90F1D630584EC5B (Registry Value)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.02.2016 at 18:36:32,72
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 durchgeführt von Phanto (Administrator) auf PHANTO-MSI (05-02-2016 18:37:53) Gestartet von C:\Users\Phanto\Downloads Geladene Profile: Phanto (Verfügbare Profile: Phanto & DefaultAppPool) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe () C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Micro-Star International Co., Ltd.) 
C:\Program Files (x86)\SCM\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe
(TeamViewer GmbH) D:\teamviewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Users\Phanto\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Phanto\Downloads\FRST64 (1).exe

==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3347680 2015-12-06] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-31] (Intel Corporation)
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [405504 2014-09-01] (MSI)
HKLM\...\Run: [MBCfg64] => C:\windows\system32\RunDLL32.exe C:\windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2015-03-18] (Copyright 2013 SAMSUNG)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema] => C:\Program Files (x86)\Creative\Sound Blaster Cinema\Sound Blaster Cinema\SBCinema.exe [711680 2013-08-16] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\windows\UpdReg.EXE
HKLM-x32\...\Run: [Super-Charger] => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe [490480 2013-09-10] (MSI)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2011-10-13] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe [230696 2011-10-13] (CyberLink Corp.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2015-06-16] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-06-26] (SteelSeries ApS)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Phanto\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [BingSvc] => C:\Users\Phanto\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-16] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [Spotify Web Helper] => C:\Users\Phanto\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2030648 2016-02-03] (Spotify Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8590760 2015-12-08] (Piriform Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4177784 2016-01-15] (Disc Soft Ltd)
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\MountPoints2: {3c4cf68f-c44f-11e5-9da0-448a5beed61d} - "F:\setup.exe"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\MountPoints2: {7a8dd918-c62a-11e4-99ed-303a64f78082} - "F:\AutoRun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-05] (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1fdd006d-b8d6-4815-b73a-df6c8c6849e2}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{265af83c-6258-44cc-89f0-3f1b4afce630}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{2948bd3b-4f65-4b3b-b224-71ffc82ac18a}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{63b2b05d-f126-41a0-b988-829948bd5d1a}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{a0bceb1d-565c-4f02-b7b0-36d5f97f42da}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM-x32 -> {78EB40B5-899A-4C68-B75F-FBF05F01A75A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSITDF&pc=MAM3&src=IE-SearchBox
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4238552743-3114925317-4059068160-1000 -> {35FEB0C1-FD19-48EE-903F-649C7C5FAF35} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-01-18] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2016-01-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-01-27] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-01-17] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-27] (Oracle Corporation)
Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\IEExt\ie_plugin.dll [2015-10-21] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-01-17] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Yahoo!
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll [2015-05-07] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-19] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-01-17] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nielsen/FirefoxTracker -> C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\npfirefoxtracker.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-03] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default\searchplugins\google-default.xml [2015-10-06]
FF Extension: 20-20 3D Viewer - IKEA - C:\Users\Phanto\AppData\Roaming\Mozilla\Firefox\Profiles\epl1l8nv.default\Extensions\2020Player_IKEA@2020Technologies.com [2015-06-19] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06]
FF HKLM-x32\...\Firefox\Extensions: [netsight@nielsen.com] - C:\Program Files (x86)\NetRatingsNetSight\NetSight\meter1\FirefoxAddOns\netsight@nielsen.xpi => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox
FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\FFExt\light_plugin_firefox [2015-12-06]

Chrome:
=======
CHR Profile: C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-07-14]
CHR Extension: (Google Docs) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-07-14]
CHR Extension: (Google Drive) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-24]
CHR Extension: (Kaspersky Protection) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2015-10-06]
CHR Extension: (Google Tabellen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-07-14]
CHR Extension: (Google Docs Offline) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25]
CHR Extension: (Google Mail) - C:\Users\Phanto\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-14]
CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka
CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [Datei ist nicht signiert]
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\avp.exe [194000 2015-10-06] (Kaspersky Lab ZAO)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2014-12-30] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2772720 2016-01-17] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369464 2016-01-15] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144096 2015-12-06] (ELAN Microelectronics Corp.)
R2 gamexpcomsvc; C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe [602352 2015-12-04] ()
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-31] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-09-16] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2014-09-01] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [161776 2013-09-10] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2104840 2015-12-28] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-03-04] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG)
R2 TeamViewer; D:\teamviewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\x64\vssbridge64.exe [144640 2015-07-08] (AO Kaspersky Lab)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BfLwf; C:\Windows\system32\DRIVERS\bflwfx64.sys [80560 2014-02-28] (Qualcomm Atheros, Inc.)
S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2014-12-30] (BitRaider)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-05] (Kaspersky Lab ZAO)
S3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2016-01-26] (Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2016-01-26] (Disc Soft Ltd)
S3 hitmanpro37; C:\WINDOWS\system32\drivers\hitmanpro37.sys [41080 2016-02-05] ()
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [263952 2015-07-14] (Intel Corporation)
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19952 2013-02-01] (Windows (R) Win 7 DDK provider)
R3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [154320 2013-03-20] (Qualcomm Atheros, Inc.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2015-10-21] (AO Kaspersky Lab)
R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2015-10-21] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2015-12-06] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2015-10-06] (AO Kaspersky Lab)
R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-21] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NETwNb64; C:\Windows\System32\drivers\Netwbw02.sys [3496216 2015-07-10] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [466648 2014-02-21] (Realsil Semiconductor Corporation)
S3 SAlphamBth; C:\Windows\system32\drivers\SAlphabt64.sys [31232 2014-05-16] (SteelSeries Corporation) [Datei ist nicht signiert]
S3 SAlphamHid; C:\Windows\system32\drivers\SAlpham64.sys [39168 2014-05-27] (SteelSeries Corporation)
R3 SAlphaPS2; C:\Windows\System32\drivers\SAlphaPS264.sys [27520 2014-05-16] (SteelSeries Corporation)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
R3 WINIO; C:\Program Files (x86)\MSI\Dragon Gaming Center\winio64.sys [15160 2010-06-07] ()
S3 xhunter1; C:\WINDOWS\xhunter1.sys [35880 2015-12-22] (Wellbia.com Co., Ltd.)
S3 avchv; \SystemRoot\system32\DRIVERS\avchv.sys [X]
U3 idsvc; kein ImagePath
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-05 18:44 - 2016-02-05 18:44 - 01508352 _____ C:\Users\Phanto\Desktop\AdwCleaner_5.032.exe
2016-02-05 18:42 - 2016-02-05 18:42 - 00000000 ___HD C:\OneDriveTemp
2016-02-05 18:41 - 2016-02-05 18:41 - 00016148 _____ C:\WINDOWS\system32\PHANTO-MSI_Phanto_HistoryPrediction.bin
2016-02-05 18:37 - 2016-02-05 18:37 - 02370560 _____ (Farbar) C:\Users\Phanto\Downloads\FRST64 (1).exe
2016-02-05 18:36 - 2016-02-05 18:36 - 00001156 _____ C:\Users\Phanto\Desktop\JRT.txt
2016-02-05 18:34 - 2016-02-05 18:34 - 01609032 _____ (Malwarebytes) C:\Users\Phanto\Downloads\JRT.exe
2016-02-05 18:34 - 2016-02-05 18:34 - 00041080 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2016-02-05 18:33 - 2016-02-05 18:33 - 00001148 _____ C:\Users\Phanto\Desktop\AdwCleaner[C1].txt
2016-02-03 20:04 - 2016-02-03 20:11 - 02040919 _____ C:\Users\Phanto\Downloads\ruSamsungTVCommunicator_V0.0.18.0 (1).zip
2016-02-03 19:50 - 2016-02-03 20:03 - 00000000 ____D C:\Users\Phanto\Desktop\mbar
2016-02-03 19:50 - 2016-02-03 20:03 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-02 00:22 - 2016-02-03 19:49 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Phanto\Downloads\mbar-1.09.3.1001.exe
2016-01-28 21:47 - 2016-01-28 21:56 - 00000000 ____D C:\ProgramData\Overwolf
2016-01-28 21:47 - 2016-01-28 21:56 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-01-28 21:47 - 2016-01-28 21:47 - 00003804 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2016-01-28 21:47 - 2016-01-28 21:47 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2016-01-28 21:46 - 2016-01-28 22:06 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\TS3Client
2016-01-28 21:46 - 2016-01-28 21:56 - 00000000 ____D C:\Users\Phanto\AppData\Local\Overwolf
2016-01-28 21:46 - 2016-01-28 21:46 - 00001018 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2016-01-28 21:46 - 2016-01-28 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2016-01-28 21:46 - 2016-01-28 21:46 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2016-01-28 21:45 - 2016-02-05 18:37 - 00031577 _____ C:\Users\Phanto\Downloads\FRST.txt
2016-01-28 21:45 - 2016-01-28 21:46 - 31017664 _____ (TeamSpeak Systems GmbH) C:\Users\Phanto\Downloads\TeamSpeak3-Client-win64-3.0.18.2.exe
2016-01-28 21:45 - 2016-01-28 21:46 - 00077677 _____ C:\Users\Phanto\Downloads\Addition.txt
2016-01-28 21:44 - 2016-02-05 18:37 - 00000000 ____D C:\FRST
2016-01-28 21:44 - 2016-01-23 04:31 - 42983992 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 37615040 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 31115712 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 24941112 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 21202488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 20741880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 19778944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 17632544 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 17224664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 17174032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 17116616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 14114944 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 02543160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 02187712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 01924152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436175.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436175.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00948672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00882232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00786872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00745408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00689600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00632336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00423360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00378784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00377792 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00316960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00175368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2016-01-28 21:44 - 2016-01-23 04:31 - 00153208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2016-01-28 21:39 - 2016-01-28 21:44 - 02370560 _____ (Farbar) C:\Users\Phanto\Downloads\FRST64.exe
2016-01-28 21:35 - 2016-01-28 21:45 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-28 21:34 - 2015-12-18 07:10 - 00099472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-01-28 21:34 - 2015-12-18 07:10 - 00090768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-01-28 21:02 - 2016-01-28 21:02 - 03079859 _____ C:\Users\Phanto\Downloads\E1759IMS.62D.zip
2016-01-27 20:04 - 2016-01-27 19:52 - 11323704 _____ (SurfRight B.V.) C:\Users\Phanto\Downloads\HitmanPro_x64.exe
2016-01-27 20:02 - 2016-01-27 20:03 - 02870984 _____ (ESET) C:\Users\Phanto\Downloads\esetsmartinstaller_deu.exe
2016-01-27 19:55 - 2016-02-03 19:50 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-27 19:55 - 2016-02-03 19:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-01-27 19:55 - 2016-01-27 19:55 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-01-27 19:55 - 2016-01-27 19:53 - 00001179 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-01-27 19:55 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-27 19:55 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-27 19:54 - 2016-01-27 19:55 - 22908888 _____ (Malwarebytes ) C:\Users\Phanto\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-27 19:53 - 2016-02-05 18:34 - 00000000 ____D C:\Program Files\HitmanPro
2016-01-27 19:53 - 2016-01-27 19:53 - 00001758 _____ C:\Users\Phanto\Desktop\Fixlist.txt
2016-01-27 19:52 - 2016-01-27 19:58 - 00000000 ____D C:\ProgramData\HitmanPro
2016-01-27 19:49 - 2016-01-27 19:49 - 01507840 _____ C:\Users\Phanto\Downloads\adwcleaner_5.031.exe
2016-01-26 19:59 - 2016-01-26 19:14 - 447335144 _____ () C:\Users\Phanto\Downloads\TC2016_Setup_Originaldaten_v20160110.exe
2016-01-26 19:48 - 2016-01-26 19:48 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2016-01-26 19:44 - 2016-01-26 19:44 - 02012504 _____ C:\Users\Phanto\Downloads\AdAwareWeb119Installer.exe
2016-01-26 19:44 - 2016-01-26 19:44 - 02012504 _____ C:\Users\Phanto\Downloads\AdAwareWeb119Installer (1).exe
2016-01-26 19:32 - 2016-01-26 19:50 - 17711037 _____ () C:\Users\Phanto\Downloads\update_1_52.exe
2016-01-26 19:13 - 2016-01-26 19:13 - 00000000 ____D C:\Users\Phanto\clubmanager2016
2016-01-26 19:10 - 2016-01-27 20:03 - 00000000 ____D C:\Program Files\Club Manager 2016
2016-01-26 19:10 - 2016-01-27 19:53 - 00000687 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Club Manager 2016.lnk
2016-01-26 19:10 - 2016-01-27 19:52 - 00000681 _____ C:\Users\Public\Desktop\Club Manager 2016.lnk
2016-01-26 19:05 - 2016-01-26 19:05 - 01327104 _____ C:\Users\Phanto\Downloads\check1.exe
2016-01-26 19:05 - 2016-01-26 19:05 - 01327104 _____ C:\Users\Phanto\Downloads\check1 (1).exe
2016-01-26 19:04 - 2016-01-26 18:31 - 00000000 ____D C:\Users\Phanto\Downloads\Torchance 2016
2016-01-26 19:03 - 2016-01-26 19:03 - 00339320 _____ C:\WINDOWS\Minidump\012616-26000-01.dmp
2016-01-26 18:36 - 2016-01-26 18:36 - 00000000 ____D C:\Users\Phanto\AppData\Local\Disc_Soft_Ltd
2016-01-26 18:17 - 2016-01-27 19:52 - 00001862 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2016-01-26 18:17 - 2016-01-26 19:34 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\DAEMON Tools Lite
2016-01-26 18:17 - 2016-01-26 18:17 - 00047672 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtliteusbbus.sys
2016-01-26 18:17 - 2016-01-26 18:17 - 00030264 _____ (Disc Soft Ltd) C:\WINDOWS\system32\Drivers\dtlitescsibus.sys
2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Lite
2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\ProgramData\DAEMON Tools Lite
2016-01-26 18:17 - 2016-01-26 18:17 - 00000000 ____D C:\Program Files\DAEMON Tools Lite
2016-01-26 18:12 - 2016-01-26 18:12 - 00689160 _____ (Disc Soft Ltd.) C:\Users\Phanto\Downloads\DTLiteInstaller.exe
2016-01-26 18:10 - 2016-01-26 18:10 - 00000196 _____ C:\Users\Phanto\Downloads\3f981d5e-1226-4514-8f96-dfa28b277ac3.htm
2016-01-26 18:06 - 2016-01-26 18:10 - 10216369 _____ C:\Users\Phanto\Downloads\aa97c18ac48ba2bbf7f8cc712b1f9f0b(1).rar.part
2016-01-24 22:58 - 2016-01-24 22:58 - 00014643 _____ C:\Users\Phanto\Downloads\1516-KL A-01-22-Spieler-Einsatz.zip
2016-01-24 22:58 - 2016-01-24 22:58 - 00002140 _____ C:\Users\Phanto\Downloads\1516-KL A-01-22-Karten-gesamt-bisher.csv
2016-01-24 18:58 - 2016-01-24 18:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoccerLobby
2016-01-24 18:50 - 2016-01-24 18:50 - 00334978 _____ (SoccerLobby ) C:\Users\Phanto\Downloads\Trainingsplan_Bundesliga_1394279281_2669.exe
2016-01-24 18:48 - 2016-01-24 18:49 - 00328231 _____ (SoccerLobby ) C:\Users\Phanto\Downloads\Trainingsplan_2_Liga_1394279365_2158.exe
2016-01-24 18:47 - 2016-01-24 18:47 - 01018370 _____ C:\Users\Phanto\Downloads\Tutorial---Trainingsplan.pdf
2016-01-24 18:47 - 2016-01-24 18:47 - 00597402 _____ C:\Users\Phanto\Downloads\Fähigkeitenübersicht-FM14.pdf
2016-01-24 18:12 - 2016-01-24 18:12 - 00000000 ____D C:\Users\Phanto\Documents\Fussball Manager 13
2016-01-24 17:49 - 2016-01-24 18:11 - 714065047 _____ () C:\Users\Phanto\Downloads\fm15-16_datensatz_deutschland_v1-0 (1).exe
2016-01-24
15:39 - 2016-01-24 15:39 - 00002419 _____ C:\Users\Phanto\Downloads\ProgrammingAssignment2-master.zip 2016-01-24 15:09 - 2016-01-24 15:09 - 00000153 _____ C:\Users\Phanto\.gitconfig 2016-01-20 21:26 - 2016-01-20 21:26 - 00000097 _____ C:\Users\Phanto\Downloads\Text 2016-01-20 21:19 - 2016-01-20 20:53 - 00037533 _____ C:\Users\Phanto\Downloads\Jugendleiter_Adressen.xlsx 2016-01-20 20:58 - 2016-01-20 20:58 - 00000000 ____D C:\Users\Phanto\AppData\Local\Steam 2016-01-17 10:52 - 2016-01-17 11:05 - 00000000 ____D C:\Users\Phanto\Downloads\Conny 2016-01-17 10:50 - 2016-01-17 10:50 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\Usenet.nl 2016-01-17 10:49 - 2016-01-17 10:50 - 00000000 ____D C:\Program Files (x86)\Usenet.nl 2016-01-17 10:48 - 2016-01-17 10:49 - 07457256 _____ ( ) C:\Users\Phanto\Downloads\canna_power_client_433867f (1).exe 2016-01-17 10:47 - 2016-01-17 10:48 - 07457256 _____ ( ) C:\Users\Phanto\Downloads\canna_power_client_433867f.exe 2016-01-13 23:07 - 2016-01-13 23:07 - 00014731 _____ C:\Users\Phanto\Documents\.RData 2016-01-13 22:38 - 2016-01-05 04:07 - 02463704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 22:38 - 2016-01-05 04:07 - 00377592 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL 2016-01-13 22:38 - 2016-01-05 04:06 - 08022368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 22:38 - 2016-01-05 04:06 - 01991120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL 2016-01-13 22:38 - 2016-01-05 04:06 - 01270104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 22:38 - 2016-01-05 04:06 - 01063504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll 2016-01-13 22:38 - 2016-01-05 04:06 - 00119800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 02824248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 02641928 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 01591848 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 01150816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00862056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00787720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00784136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00779928 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00772448 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00751992 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00667856 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00249464 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00243248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00233992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL 2016-01-13 22:38 - 2016-01-05 04:04 - 00090912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll 2016-01-13 22:38 - 2016-01-05 04:04 - 00083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll 2016-01-13 22:38 - 2016-01-05 03:59 - 00781976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll 2016-01-13 22:38 - 2016-01-05 03:52 - 00441696 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\devinv.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 01817064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 00723648 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 22:38 - 2016-01-05 03:50 - 00345080 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL 2016-01-13 22:38 - 2016-01-05 03:50 - 00251544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:50 - 00205072 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL 2016-01-13 22:38 - 2016-01-05 03:31 - 01365576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 02459096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 02162064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 02152744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 01106872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 00882208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll 2016-01-13 22:38 - 2016-01-05 03:30 - 00368776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 00232896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL 2016-01-13 22:38 - 2016-01-05 03:30 - 00100712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 22:38 - 2016-01-05 03:29 - 00208688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 02445128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00714808 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00696192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00645144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00635312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00497896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00277400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00107952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL 2016-01-13 22:38 - 2016-01-05 03:28 - 00082096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll 2016-01-13 22:38 - 2016-01-05 03:28 - 00072808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll 2016-01-13 22:38 - 2016-01-05 03:21 - 00658528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll 2016-01-13 22:38 - 2016-01-05 03:18 - 21873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 24592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL 2016-01-13 22:38 - 2016-01-05 03:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 22:38 - 2016-01-05 03:15 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 22:38 - 2016-01-05 03:10 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll 2016-01-13 22:38 - 2016-01-05 03:10 - 00305776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL 
2016-01-13 22:38 - 2016-01-05 03:10 - 00278424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL 2016-01-13 22:38 - 2016-01-05 03:10 - 00188032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL 2016-01-13 22:38 - 2016-01-05 03:09 - 01234944 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 22:38 - 2016-01-05 03:09 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 01672192 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 22:38 - 2016-01-05 03:02 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 22:38 - 2016-01-05 03:01 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 22:38 - 2016-01-05 03:00 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll 2016-01-13 22:38 - 2016-01-05 03:00 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 22:38 - 2016-01-05 02:59 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 22:38 - 2016-01-05 02:57 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 22:38 - 2016-01-05 02:57 - 00578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 22:38 - 2016-01-05 02:57 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 22:38 - 2016-01-05 02:56 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 22:38 - 2016-01-05 02:51 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 01009664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL 2016-01-13 22:38 - 2016-01-05 
02:51 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL 2016-01-13 22:38 - 2016-01-05 02:51 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:44 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 22:38 - 2016-01-05 02:44 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 22:38 - 2016-01-05 02:43 - 19324928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-01-13 22:38 - 2016-01-05 02:42 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL 2016-01-13 22:38 - 2016-01-05 02:38 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll 2016-01-13 22:38 - 2016-01-05 02:32 - 01541632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 22:38 - 2016-01-05 02:32 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 22:38 - 2016-01-05 02:31 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 22:38 - 2016-01-05 02:31 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 22:38 - 2016-01-05 02:30 - 18802176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 22:38 - 2016-01-05 02:29 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll 2016-01-13 22:38 - 2016-01-05 02:29 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 22:38 - 2016-01-05 02:26 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 22:38 - 2016-01-05 02:24 - 05454848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-13 22:38 - 2016-01-05 02:20 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00747008 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL 2016-01-13 22:38 - 2016-01-05 02:19 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\Program Files (x86)\FRITZ!BoxPrint 2016-01-10 09:32 - 2016-01-10 09:32 - 00000000 ____D C:\Program Files (x86)\FRITZ!Box 2016-01-10 09:32 - 2006-12-14 12:42 - 00069120 ____R (AVM Berlin) C:\WINDOWS\SysWOW64\avmadd32.dll 2016-01-10 09:32 - 2006-05-29 01:00 - 00016384 ____R (AVM Berlin GmbH) C:\WINDOWS\SysWOW64\avmprmon.dll 2016-01-09 18:45 - 2016-01-09 18:45 - 00052391 _____ C:\Users\Phanto\Desktop\antrag (1).pdf 2016-01-09 18:44 - 2016-01-09 18:44 - 00053786 _____ C:\Users\Phanto\Downloads\antrag (1).pdf 2016-01-07 18:24 - 2016-01-10 09:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-07 18:15 - 2016-01-07 18:15 - 00000000 _____ C:\Users\Phanto\Desktop\Neues Textdokument.txt ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2016-02-05 19:20 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache 2016-02-05 19:15 - 2015-07-14 21:35 - 00002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-05 19:14 - 2015-07-14 21:34 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-05 18:51 - 2014-09-19 18:57 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-05 18:46 - 2015-07-10 10:05 - 08912896 ___SH C:\WINDOWS\system32\config\BBI 2016-02-05 18:45 - 2015-03-14 09:34 - 00000000 ____D C:\AdwCleaner 2016-02-05 18:42 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-05 18:42 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-05 18:41 - 2015-08-01 10:34 - 00000000 ____D C:\Users\Phanto 2016-02-05 18:38 - 2015-08-01 10:32 - 02080612 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-05 18:38 - 2015-07-10 17:34 - 00885982 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-05 18:38 - 2015-07-10 17:34 - 00196578 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-05 18:38 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF 2016-02-05 18:38 - 2015-04-29 16:42 - 00000000 ____D C:\Users\Phanto\AppData\Local\NXEPassportClient 2016-02-05 18:35 - 2015-02-24 17:41 - 00000000 ___RD C:\Users\Phanto\OneDrive 2016-02-05 18:32 - 2015-10-06 16:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-02-05 18:32 - 2015-09-18 15:06 - 00004164 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{01110DE6-B60C-43FF-805A-811430EA9A8D} 2016-02-05 18:32 - 2015-08-01 10:39 - 00002442 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-05 18:32 - 2015-08-01 10:31 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-05 18:32 - 2015-08-01 10:31 - 00000000 ____D C:\ProgramData\NVIDIA Corporation 2016-02-05 18:32 - 2015-07-14 21:34 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-05 18:32 - 2015-07-10 13:21 - 
00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-05 18:32 - 2015-04-03 11:51 - 00000000 ____D C:\Users\Phanto\AppData\Local\HTC MediaHub 2016-02-05 18:32 - 2014-12-31 03:57 - 00000000 __SHD C:\Users\Phanto\IntelGraphicsProfiles 2016-02-03 20:19 - 2015-12-14 21:35 - 00000000 ____D C:\Program Files (x86)\GameXPComService 2016-02-03 20:18 - 2015-01-19 17:19 - 00000000 ____D C:\Users\Phanto\AppData\Local\ElevatedDiagnostics 2016-02-03 20:09 - 2015-07-14 21:34 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-03 20:09 - 2015-07-14 21:34 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-03 20:04 - 2015-02-23 18:57 - 00000000 ____D C:\Users\Phanto\AppData\Local\Spotify 2016-02-03 19:53 - 2015-02-23 18:56 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\Spotify 2016-01-28 21:56 - 2015-07-10 12:04 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-01-28 21:55 - 2014-09-19 18:58 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-01-28 21:45 - 2015-08-01 10:31 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-28 21:45 - 2015-01-19 17:21 - 00000000 ____D C:\temp 2016-01-28 21:44 - 2015-08-01 10:31 - 00000000 ____D C:\Program Files\NVIDIA Corporation 2016-01-28 21:35 - 2014-12-31 16:20 - 00000000 ____D C:\Users\Phanto\AppData\Local\NVIDIA 2016-01-28 21:13 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\Provisioning 2016-01-27 20:17 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2016-01-27 20:16 - 2015-12-28 19:16 - 00000000 ____D C:\Users\Phanto\AppData\Local\CrashDumps 2016-01-27 20:00 - 2015-01-08 17:37 - 00000000 ____D C:\ProgramData\Oracle 2016-01-27 19:59 - 2015-08-27 13:36 - 00000000 ____D C:\Users\Phanto\.oracle_jre_usage 2016-01-27 19:59 - 2015-01-08 17:37 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-01-27 19:59 - 2015-01-08 17:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 
2016-01-27 19:59 - 2015-01-08 17:37 - 00000000 ____D C:\Program Files (x86)\Java 2016-01-27 19:53 - 2015-12-28 20:03 - 00000952 _____ C:\Users\Public\Desktop\FUSSBALL MANAGER 14.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002584 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002581 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002577 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002556 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002534 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002531 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk 2016-01-27 19:53 - 2015-12-21 20:14 - 00002467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk 2016-01-27 19:53 - 2015-12-13 15:09 - 00001826 _____ C:\Users\Public\Desktop\iTunes.lnk 2016-01-27 19:53 - 2015-12-09 18:23 - 00001189 _____ C:\Users\Public\Desktop\FINAL FANTASY XIV - A Realm Reborn.lnk 2016-01-27 19:53 - 2015-11-06 18:43 - 00000556 _____ C:\Users\Public\Desktop\Guild Wars 2.lnk 2016-01-27 19:53 - 2015-10-06 16:48 - 00002298 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2016-01-27 19:53 - 2015-09-22 17:58 - 00000551 _____ C:\Users\Public\Desktop\KP-Darts.lnk 2016-01-27 19:53 - 2015-09-18 14:21 - 00000633 _____ C:\Users\Public\Desktop\Gameforge Live.lnk 2016-01-27 19:53 - 2015-08-27 16:10 - 00000981 _____ C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\GIMP 2.lnk 2016-01-27 19:53 - 2015-08-01 10:37 - 00001540 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-27 19:53 - 2015-07-06 17:21 - 00001849 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-01-27 19:53 - 2015-06-23 16:41 - 00002445 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-01-27 19:53 - 2015-04-27 16:34 - 00002693 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-27 19:53 - 2015-04-14 22:37 - 00002222 _____ C:\Users\Public\Desktop\tax 2015.lnk 2016-01-27 19:53 - 2015-03-20 20:01 - 00000919 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000686 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000655 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Deinstallationsprogramm.lnk 2016-01-27 19:53 - 2015-03-12 18:07 - 00000621 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JDownloader Update.lnk 2016-01-27 19:53 - 2015-03-09 12:12 - 00000933 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epic Games Launcher.lnk 2016-01-27 19:53 - 2015-02-24 17:43 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk 2016-01-27 19:53 - 2015-02-24 17:43 - 00001303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk 2016-01-27 19:53 - 2015-01-19 18:48 - 00000568 _____ C:\Users\Public\Desktop\TeamViewer 10.lnk 2016-01-27 19:53 - 2015-01-19 18:48 - 00000568 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2016-01-27 19:53 - 2015-01-09 20:48 - 00000630 _____ C:\Users\Public\Desktop\StarCraft II.lnk 2016-01-27 19:53 - 2015-01-08 19:43 - 00001065 _____ C:\Users\Public\Desktop\R x64 3.1.2.lnk 2016-01-27 19:53 - 2015-01-03 18:30 - 00000528 _____ C:\Users\Public\Desktop\Origin.lnk 2016-01-27 19:53 - 2015-01-03 18:20 - 00000516 _____ 
C:\Users\Public\Desktop\Steam.lnk 2016-01-27 19:53 - 2015-01-01 02:27 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-27 19:53 - 2014-12-30 22:15 - 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-27 19:53 - 2014-09-19 18:59 - 00001488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk 2016-01-27 19:53 - 2014-09-19 18:59 - 00001372 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk 2016-01-27 19:53 - 2014-09-19 18:47 - 00001839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCM.lnk 2016-01-27 19:52 - 2015-10-01 17:29 - 00000911 _____ C:\Users\Public\Desktop\CCleaner.lnk 2016-01-27 19:52 - 2015-03-09 12:12 - 00000933 _____ C:\Users\Public\Desktop\Epic Games Launcher.lnk 2016-01-27 19:52 - 2015-03-09 08:09 - 00001924 _____ C:\Users\Public\Desktop\1&1 Surf-Stick.lnk 2016-01-27 19:52 - 2015-01-09 20:44 - 00001126 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-01-27 19:52 - 2015-01-03 18:58 - 00000848 _____ C:\Users\Public\Desktop\FIFA 15.lnk 2016-01-27 19:51 - 2015-12-28 20:09 - 00001097 _____ C:\Users\Phanto\Desktop\FUSSBALL MANAGER 15-16.lnk 2016-01-27 19:51 - 2015-12-22 22:35 - 00002282 _____ C:\Users\Phanto\Desktop\Git Shell.lnk 2016-01-27 19:51 - 2015-12-14 21:54 - 00000788 _____ C:\Users\Phanto\Desktop\Echo Of Soul.lnk 2016-01-27 19:51 - 2015-11-19 17:47 - 00000965 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-01-27 19:51 - 2015-11-19 17:47 - 00000917 _____ C:\Users\Phanto\Desktop\Start Tor Browser.lnk 2016-01-27 19:51 - 2015-10-06 18:27 - 00001359 _____ C:\Users\Phanto\Desktop\ANSTOSS 2007.lnk 2016-01-27 19:51 - 2015-08-01 10:39 - 00001061 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2016-01-27 19:51 - 2015-07-25 14:50 - 00001975 _____ C:\Users\Phanto\Desktop\Samsung Link 
post.sventhomas@gmail.com.lnk 2016-01-27 19:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\security 2016-01-27 19:51 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SchCache 2016-01-27 19:51 - 2015-03-12 18:07 - 00000722 _____ C:\Users\Phanto\Desktop\JDownloader.lnk 2016-01-27 19:51 - 2015-02-23 18:57 - 00001824 _____ C:\Users\Phanto\Desktop\Spotify.lnk 2016-01-27 19:51 - 2015-02-23 18:57 - 00001810 _____ C:\Users\Phanto\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk 2016-01-27 19:51 - 2015-01-08 19:45 - 00000932 _____ C:\Users\Phanto\Desktop\RStudio.lnk 2016-01-27 19:51 - 2015-01-01 16:28 - 00000540 _____ C:\Users\Phanto\Desktop\Glyph.lnk 2016-01-27 19:51 - 2014-12-31 11:45 - 00000649 _____ C:\Users\Phanto\Desktop\Uplay.lnk 2016-01-27 19:51 - 2014-12-31 02:06 - 00000623 _____ C:\Users\Phanto\Desktop\Atlantica Europe.lnk 2016-01-27 19:51 - 2014-09-19 18:57 - 00002263 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-01-26 19:53 - 2015-01-08 19:45 - 00000000 ____D C:\Users\Phanto\AppData\Local\RStudio-Desktop 2016-01-26 19:04 - 2015-01-09 00:14 - 00007932 _____ C:\Users\Phanto\Documents\.Rhistory 2016-01-26 19:03 - 2015-10-21 10:12 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-26 19:02 - 2015-10-01 17:18 - 00150016 ___SH C:\Users\Phanto\Desktop\Thumbs.db 2016-01-26 18:35 - 2015-07-10 10:05 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-26 18:26 - 2014-12-31 15:29 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-26 18:09 - 2014-12-31 15:29 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-25 18:34 - 2015-07-23 03:02 - 12474312 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys 2016-01-24 22:53 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2016-01-24 22:53 - 2015-02-16 20:40 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2016-01-24 22:53 - 2015-02-16 20:40 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2016-01-24 18:58 - 2015-12-28 
20:09 - 00000000 ____D C:\Users\Phanto\Documents\FUSSBALL MANAGER 14 2016-01-24 17:48 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\AppData\Roaming\GitHub 2016-01-24 17:48 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\AppData\Local\GitHub 2016-01-24 17:09 - 2015-12-22 22:32 - 00000000 ____D C:\Users\Phanto\AppData\Local\Deployment 2016-01-24 14:55 - 2015-12-22 22:35 - 00000000 ____D C:\Users\Phanto\Documents\GitHub 2016-01-23 04:31 - 2015-07-23 03:02 - 03648552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll 2016-01-23 04:31 - 2015-07-23 03:02 - 03230824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll 2016-01-23 04:31 - 2015-07-23 03:02 - 00035832 _____ C:\WINDOWS\system32\nvinfo.pb 2016-01-23 02:01 - 2015-08-01 10:31 - 06366656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 02992064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 02563128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 01263040 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe 2016-01-23 02:01 - 2015-08-01 10:31 - 00530368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00393784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00083512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll 2016-01-23 02:01 - 2015-08-01 10:31 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll 2016-01-22 03:06 - 2015-08-01 10:31 - 06125650 _____ C:\WINDOWS\system32\nvcoproc.bin 2016-01-20 21:21 - 2015-08-01 10:37 - 00000000 ____D C:\Users\Phanto\AppData\Local\Packages 2016-01-18 19:38 - 2015-01-13 00:10 - 00000000 ____D C:\Users\Phanto\Documents\Youcam 2016-01-17 17:45 - 2015-04-27 16:34 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-17 10:49 - 2015-03-20 19:46 - 00000000 ____D 
C:\Users\Phanto\Documents\Usenet.nl 2016-01-13 22:44 - 2015-02-16 20:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2016-01-13 22:43 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-12 18:22 - 2015-06-23 16:41 - 00003972 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task 2016-01-12 05:41 - 2014-12-31 16:20 - 01316184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll 2016-01-12 05:41 - 2014-12-30 22:00 - 01542600 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll 2016-01-12 05:40 - 2015-12-28 19:29 - 00112032 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll 2016-01-12 05:40 - 2014-12-31 16:20 - 01756608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll 2016-01-12 05:40 - 2014-12-30 22:00 - 01860120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll 2016-01-10 09:26 - 2014-12-30 22:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-12-31 01:42 - 2014-12-31 01:47 - 1572864000 _____ () C:\Program Files (x86)\Atlantica.tmp.001 2014-12-31 01:47 - 2014-12-31 01:52 - 1572864000 _____ () C:\Program Files (x86)\Atlantica.tmp.002 2014-12-31 01:52 - 2014-12-31 01:56 - 1262969925 _____ () C:\Program Files (x86)\Atlantica.tmp.003 2014-12-31 01:42 - 2014-12-31 01:42 - 0435736 _____ () C:\Program Files (x86)\Setup_Atlantica_41025.exe 2015-06-27 08:29 - 2015-06-27 10:10 - 0037173 _____ () C:\Users\Phanto\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR 2015-06-13 10:34 - 2015-10-19 09:39 - 0000600 _____ () C:\Users\Phanto\AppData\Local\PUTTY.RND 2015-10-21 15:31 - 2015-10-21 15:31 - 0003969 _____ () C:\Users\Phanto\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Phanto\AppData\Local\Temp\HitmanPro.exe C:\Users\Phanto\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Phanto\AppData\Local\Temp\sqlite3.dll 
C:\Users\Phanto\AppData\Local\Temp\vmO0silF6n.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-03 20:17
==================== Ende von FRST.txt ============================
Best regards |
07.02.2016, 13:05 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com Please also create a new Addition.txt: start FRST, tick the box next to Addition.txt, then click Untersuchen (Scan).
__________________ Please always post log files in CODE tags |
07.02.2016, 13:32 | #10 |
| Windows 10, www.smartnewtab.com Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Phanto (2016-02-05 19:26:47)
Gestartet von C:\Users\Phanto\Downloads
Windows 10 Home (X64) (2015-08-01 09:37:17)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4238552743-3114925317-4059068160-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4238552743-3114925317-4059068160-503 - Limited - Disabled)
Gast (S-1-5-21-4238552743-3114925317-4059068160-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4238552743-3114925317-4059068160-1002 - Limited - Enabled)
Phanto (S-1-5-21-4238552743-3114925317-4059068160-1000 - Administrator - Enabled) => C:\Users\Phanto
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
1&1 Surf-Stick (HKLM-x32\...\{7438DA7D-782C-450F-BCDC-5FC54E6831B8}) (Version: 1.0.0.2 - ZTE Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.8.158 - Adobe Systems, Inc.)
Akamai NetSession Interface (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Akamai) (Version: - Akamai Technologies, Inc) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) ANSTOSS 2007 (Version 7.1.0.5) (HKLM-x32\...\{FA031DA5-05D0-4937-BD2B-DCEC47A2506B}_is1) (Version: 7.1.0.5 - ASCARON Entertainment GmbH) ANSTOSS 3 (HKLM-x32\...\ANSTOSS 3_is1) (Version: - ) Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Atlantica Online Europe (HKLM-x32\...\Atlantica Online Europe) (Version: 50110 - Nexon Europe) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 4.0.1408.201 - ) CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform) Club Manager 2016 (HKLM\...\Q2x1Yk1hbmFnZXIyMDE2_is1) (Version: 1 - ) CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.) 
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0115 - Disc Soft Ltd) Dragon Gaming Center (HKLM-x32\...\InstallShield_{965B16C7-0778-4C45-B7D1-83A59E6FBBCB}) (Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Dragon Gaming Center (x32 Version: 1.0.1403.0501 - Micro-Star International Co., Ltd.) Hidden EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Echo of Soul (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\echoofsoul_de) (Version: - ) ELAN Touchpad 15.13.3.1_X64_WHQL (HKLM\...\Elantech) (Version: 15.13.3.1 - ELAN Microelectronic Corp.) Epic Games Launcher (HKLM\...\{325AC861-EDAF-440B-97DD-259906E216D3}) (Version: 1.1.24.0 - Epic Games, Inc.) Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft) FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden FUSSBALL MANAGER 14 (HKLM-x32\...\{5FC27E1E-08C0-4346-A321-ED2D31FAE936}) (Version: 1.0.0.0 - Electronic Arts) Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) GitHub (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\5f7eb300e2ea4ebf) (Version: 3.0.11.0 - GitHub, Inc.) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) 
Happy Cloud Client (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\HappyCloud) (Version: 5.88 - Happy Cloud, Inc.) HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.16.0.001 - HTC Corporation) HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.44.5 - HTC) iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: 5.1.0.34 - Apple Inc.) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1405.3) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.2.1000 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{85b9d34f-7397-4e39-8600-07942ef6ca04}) (Version: 17.0.5 - Intel Corporation) IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC) iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: 12.3.2.35 - Apple Inc.) 
Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Anti-Virus (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden KP-Darts 0.9.9 (HKLM-x32\...\{0A8762F8-B3C7-4015-B10E-DAAC0483C9EB}_is1) (Version: 0.9.9 - wwww.kpdarts.de) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6366.2062 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) 
Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSI Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.0.1 - Micro-Star International Co., Ltd.) MSI Remind Manager (HKLM-x32\...\InstallShield_{3E23F267-3E35-40F9-B6BF-BC034D214717}) (Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) MSI Remind Manager (x32 Version: 1.0.1408.1401 - Micro-Star International Co., Ltd.) Hidden MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9.2 - Notepad++ Team) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (Version: 16.0.6326.1022 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6326.1022 - Microsoft Corporation) Hidden Origin 
(HKLM-x32\...\Origin) (Version: 9.5.3.636 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.) Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation) Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Killer E220x Drivers (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Network Manager (Version: 1.1.41.1283 - Qualcomm Atheros) Hidden Qualcomm Atheros Performance Suite (HKLM-x32\...\{68DD86DD-8E02-4921-926B-B358D51EAF3A}) (Version: 1.1.41.1283 - Qualcomm Atheros) QuickTime 7 (HKLM-x32\...\{627FFC10-CE0A-497F-BA2B-208CAC638010}) (Version: 7.77.80.95 - Apple Inc.) R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team) Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21249 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) RStudio (HKLM-x32\...\RStudio) (Version: 0.98.1091 - RStudio) Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG) SCM (HKLM\...\{F5D84549-523F-438F-8ACC-0944E30EF78C}) (Version: 13.014.09014 - Application) SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Sound Blaster Cinema (HKLM-x32\...\{8801CA65-921A-4CCC-9D63-879D1D0BAA97}) (Version: 1.00.05 - Creative Technology Limited) Sphere 3 (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Sphere 3_is1) (Version: - GameXP) Spotify (HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\Spotify) (Version: 1.0.8.59.gee82e7e6 - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries) Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.020 - MSI) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden tax 2015 (HKLM-x32\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.05.8946 - Buhl Data Service GmbH) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer) The Crew (Worldwide) (HKLM-x32\...\Uplay Install 413) (Version: - Ubisoft) Trainingspläne Version 1.0 (HKLM-x32\...\{F8A382D7-5453-4E2C-AD53-A598D868B3EE}_is1) (Version: 1.0 - SoccerLobby) Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 2.2.0 - VideoLAN) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C1}) (Version: 15.0.9411 - WinZip Computing, S.L. ) XSplit Gamecaster (HKLM-x32\...\{4B72B9B7-9B87-4792-B9E3-713E6454B25F}) (Version: 1.8.1406.0912 - SplitmediaLabs) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
CustomCLSID: HKU\S-1-5-21-4238552743-3114925317-4059068160-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Phanto\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {048F2D98-3C25-4A91-915C-5DD709863A04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {064CAC79-630E-4471-B56C-0192721A2AFF} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {080D98F4-501E-471A-B9DD-970E1AC97F71} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {0C249DFE-5E22-440B-BE04-3D426B23012C} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {10D4E9ED-83BF-4DC8-B7A5-0DDD0FF3ED70} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation) Task: {14DE0256-194D-4425-AB83-5A77F5F01895} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1ACE9872-F58A-4CD6-98D9-902DB29110D6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {1B027CC9-53D0-4F4B-B262-CD8896EC4D50} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD) Task: {1B662D56-876B-41D6-91C1-D83E8048F1EC} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe Task: {20C3A3FF-44B0-4352-A005-AEBA869173D0} - 
System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {21BBAA4C-BA0A-4DAC-9B89-C70222F2134D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {21DFC730-980B-48C5-ABB2-5283AAF398B9} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {3238A088-70FD-480E-94D0-2DF316F24641} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {341011EB-A0A5-49A5-9B34-DAAC276E4F87} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {34261A13-1D8A-4F67-88CB-2D2F8B0B4C99} - System32\Tasks\{E1CEF4A0-9055-4390-84E7-5A1A535A49B1} => Firefox.exe hxxp://ui.skype.com/ui/0/7.4.80.102/de/abandoninstall?page=tsBing Task: {3C8CECCF-D10D-4966-B79B-19DD1F9A1506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation) Task: {4A952494-47BA-466F-A1BA-2D62850649E0} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {4C821024-9C88-4A33-8226-2F6321E1306D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.) 
Task: {4DFC5B4E-FBF9-4C24-98E6-DC1FC7A61421} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {51902728-5A1D-4192-8A66-A57E98D432A8} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {67C00E46-2745-4049-88D8-5DC5510A0951} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {6819D980-16BF-4F0C-A3D6-6C14E2E8EC74} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-01-17] (Microsoft Corporation) Task: {69016975-61E8-41B1-AF32-35E438BB4611} - System32\Tasks\{1747D35E-5A2A-49A7-B89C-5DA06058C306} => pcalua.exe -a D:\LoL\lol.launcher.exe -d D:\LoL\ Task: {6E8B1CB5-A596-4897-95ED-1AC0ADEE569C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {6F1A46CF-CA15-41F4-A82C-BB9ED998B42C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {6FD25197-AD86-4CEE-B62C-B0D192B8F61E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {7A9E2538-12BA-4DBF-A04D-DCFF6E3C2C6B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-07-14] (Google Inc.) 
Task: {83E3363A-8FA3-4D4C-92E1-3BC1491422D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {876F7FFF-1569-4799-9AFA-1EEAC8B2AEF8} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {8C68F145-6294-4C7D-BC3C-32ED14197286} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-08] (Piriform Ltd) Task: {8D75F864-DA07-4260-A370-9470D2F10667} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {96921671-A948-43C8-82DF-1D586094E6F1} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {9A02C6A7-9D8E-4774-AA1D-8A0D85C7333C} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {9D08FA0B-98DE-4186-ADB9-51F2DB8FB847} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2016-01-19] (Microsoft Corporation) Task: {A20B2CAE-96B0-4388-B8C9-A8AC43E1FEAA} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {AA1529A3-013C-44F3-BE23-3E0CF4F64D99} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated) Task: {B8885750-CBAA-4990-93EB-2B3C6E345FFD} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {BB3C0071-D01F-4483-A0A8-58006823F203} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {BB58AA26-F94C-4D52-B177-778376017BB0} - System32\Tasks\GameXPComService Autoupdate => C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe [2015-12-04] () Task: 
{C4699319-C1E3-4975-9DF3-52B39C895E7E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {C605721B-24FD-4DF6-88EF-DE759B1936BE} - System32\Tasks\{4A51EB8C-A08C-451F-A0E3-DFE04405AE7A} => pcalua.exe -a "C:\Program Files (x86)\ANSTOSS 3\SGLSetup.exe" -d "C:\Program Files (x86)\ANSTOSS 3" Task: {C8C4C2CC-04BE-48F0-88BB-E3D158D8E470} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {CF3E13F6-BE90-4438-836A-F432330608F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {CFBC4025-4505-4E14-B6F1-7DD4431BC613} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {D66AEDB6-924C-4828-93F6-CCC3ED363EC2} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {D8969DD5-A487-4C82-A87D-3DC5FE779F9B} - System32\Tasks\MSI_Dragon Gaming Center => C:\Program Files (x86)\MSI\Dragon Gaming Center\mDispatch.exe [2014-01-23] (TODO: <公司名稱>) Task: {E0BBC497-AE42-477B-8754-9DDF33811797} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {E5190D7F-16FE-4838-9C61-7470C3A129D2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {E96B5C88-38C7-4D41-B91D-3D55151FA1D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {FB28F2CA-F65F-4B32-ACE2-1B1A75803FC9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-26] (Microsoft Corporation) Task: {FB330F3F-E78A-4806-9874-79155CBCBF88} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe (Wenn ein Eintrag in die Fixlist 
aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-07-10 12:00 - 2015-07-10 12:00 - 00028160 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-08-01 11:43 - 2015-08-01 11:43 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-01-20 22:35 - 2015-01-20 22:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2015-08-20 07:58 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-12-21 19:57 - 2016-01-17 14:46 - 00171712 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll 2015-12-14 21:35 - 2015-12-04 11:59 - 00602352 _____ () C:\Program Files (x86)\GameXPComService\gamexpcomsvc.exe 2015-12-28 19:28 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2013-10-17 14:27 - 2013-10-17 14:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 2015-07-19 21:30 - 2015-03-18 14:22 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll 2015-07-19 21:30 - 2015-03-18 14:22 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll 2015-07-19 21:30 - 2015-03-18 14:22 - 02540544 _____ () C:\Program 
Files\Samsung\Samsung Link\scone_stub.dll 2013-12-21 10:25 - 2013-12-21 10:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll 2013-12-21 10:26 - 2013-12-21 10:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll 2013-12-21 10:27 - 2013-12-21 10:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll 2013-10-22 08:52 - 2013-10-22 08:52 - 00030720 _____ () C:\WINDOWS\SYSTEM32\MediaDB64.dll 2013-10-22 08:52 - 2013-10-22 08:52 - 00908800 _____ () C:\WINDOWS\SYSTEM32\ContentDirectoryPresenter64.dll 2013-12-21 10:27 - 2013-12-21 10:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00049152 _____ () C:\WINDOWS\SYSTEM32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00016896 _____ () C:\WINDOWS\SYSTEM32\boost_system-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00058880 _____ () C:\WINDOWS\SYSTEM32\boost_thread-vc90-mt-1_47.dll 2013-07-23 18:19 - 2013-07-23 18:19 - 00299520 _____ () C:\WINDOWS\SYSTEM32\boost_serialization-vc90-mt-1_47.dll 2015-07-19 21:30 - 2015-03-18 14:22 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2015-08-01 10:33 - 2015-08-01 10:33 - 00669696 ____N () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll 2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-01 17:09 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-12-08 20:25 - 2015-12-08 20:25 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2015-10-01 17:09 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-12-09 17:33 - 2015-11-25 05:20 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-12-09 17:33 - 
2015-11-25 05:17 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-12-09 17:33 - 2015-11-25 05:24 - 00884736 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2015-12-09 17:33 - 2015-11-25 05:17 - 01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-01 17:09 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-12-09 17:33 - 2015-11-25 05:18 - 00928768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesBackgroundTasks.dll 2015-12-09 17:33 - 2015-11-25 05:17 - 00619008 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SignalsManager.dll 2015-10-01 17:09 - 2015-09-17 06:43 - 02028544 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RulesService.dll 2015-03-19 16:16 - 2015-03-19 16:16 - 00031080 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll 2015-03-19 16:16 - 2015-03-19 16:16 - 00607376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00059752 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00036216 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll 2015-03-19 16:17 - 2015-03-19 16:17 - 00080248 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll 2015-03-19 16:18 - 2015-03-19 16:18 - 00129376 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll 2015-03-19 16:19 - 2015-03-19 16:19 - 00223592 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-10-22 08:48 - 2013-10-22 08:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-04-19 15:38 - 2013-04-19 15:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-10-25 18:49 - 2013-10-25 18:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\VideoExtractor.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00289792 _____ () 
C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll 2014-09-19 18:21 - 2013-09-16 20:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-07-15 22:56 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2016-02-05 19:15 - 2016-02-03 08:27 - 01632584 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libglesv2.dll 2016-02-05 19:15 - 2016-02-03 08:27 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.103\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2016-01-26 18:24 - 00000967 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\Control Panel\Desktop\\Wallpaper -> C:\Windows\system32\oobe\info\Wallpaper\win7wallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupreg: EADM => "D:\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Spotify => "C:\Users\Phanto\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Phanto\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "KeePass 2 PreLoad"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloudDrive" HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "ApplePhotoStreams" HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "Spotify Web Helper" HKU\S-1-5-21-4238552743-3114925317-4059068160-1000\...\StartupApproved\Run: => "iCloud" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{86770F7D-6595-4206-88B0-663D0ADBB82A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{56296562-D3F7-4532-9114-640D35175CD7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{A0EF6B99-AE45-400A-84A4-032C4050424A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{87D4F657-DDB0-4327-9391-84D7A41F4C27}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{9F87469A-5D4A-4236-8006-19854781C8DF}] => (Allow) LPort=1900 FirewallRules: [{C04A542F-C6CC-4642-9AC0-D0E90A60D81A}] => (Allow) LPort=7900 FirewallRules: [{AF01593C-29EE-4A3F-B291-DF6D8FBA08A1}] => (Allow) LPort=24234 FirewallRules: [{F95D9C70-C7C4-4841-90DE-D410E881E6E1}] => (Allow) LPort=7679 FirewallRules: [{54FDA514-C5BE-421F-B49D-33AEBA8167FD}] => (Allow) LPort=7676 FirewallRules: 
[{FD7BC440-C769-4088-B9D3-092CB028CFDF}] => (Allow) LPort=8643 FirewallRules: [{149CB2BD-C0DB-4893-BEB7-1C5DADBB89BE}] => (Allow) LPort=8743 FirewallRules: [{E77BBF4A-4F4F-463D-8325-273F937BA692}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{F7CCD478-E92D-4D13-88B3-5CFA3E929A1F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{7FFB1A12-9982-42B0-92E3-E7A91E8B712A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{B319BF28-F265-4318-952B-7E2B0FE3F357}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{C6C71B84-2CC8-4ADD-8A95-233D7273D10E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{6F2DC108-DC11-4CF3-AF25-164DDDCF0C1D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{1924DEA7-41A3-4CFC-96FE-F20ECFB636D6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{EBF58911-A06F-4865-8D27-1448A1814EFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{42CF0295-F8A3-48C7-A005-874F23AB888C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{EA6E9F0A-5B56-42E3-AFE3-C779AF7CEE75}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{9D7705F8-CB43-429E-9F6F-1005F95ED64B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{B6E3B0B6-B0A1-4821-82B3-0CCBD865F83C}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{A9F9BDD9-3DC6-4B01-A587-7E75BC8E3F4D}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{D99A1326-FA94-4F77-827D-994EC8CF629C}] => (Allow) C:\Program Files 
(x86)\Skype\Phone\Skype.exe FirewallRules: [{6AF58922-1E36-45C0-BAE1-D38BCD35F6E5}] => (Allow) C:\Program Files (x86)\HTC\HTC Sync Manager\HTCSyncManager.exe FirewallRules: [UDP Query User{483AF1A7-E906-4080-B62E-EB5D8C48ED28}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{DB504A58-872B-44D4-ABCD-4E31179BF3DF}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{CAC1A80D-2F23-4273-B38A-583C9D3A0D6A}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{84490DB6-BD5B-486F-95B4-113A56A2BEAF}] => (Allow) LPort=1900 FirewallRules: [{39FD3270-5EA2-415F-A30E-D93E4A17E6BE}] => (Allow) LPort=2869 FirewallRules: [{135D237D-14FD-43C6-AED3-4D5AE46D0FF3}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [UDP Query User{89CF8B40-23D1-4FE7-8868-9D4E9CD0F33A}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{3364509A-967C-49D4-ADAF-28EBB94556C8}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{72A1F7A2-23B1-47B8-9ADF-853CAB967433}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{EE9A3162-6C21-4FFF-A6F6-E7C02E16001A}C:\users\phanto\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\phanto\appdata\roaming\spotify\spotify.exe FirewallRules: [{2AB96FD9-2A1B-4860-BD6B-6AFAFB681C66}] => (Allow) D:\teamviewer\TeamViewer_Service.exe FirewallRules: [{5AE6C4A9-285C-4657-9272-3B1A5BB030EA}] => (Allow) D:\teamviewer\TeamViewer_Service.exe FirewallRules: [{D956CB45-9BA7-4B95-96E7-8B0F5BAD75EE}] => (Allow) D:\teamviewer\TeamViewer.exe FirewallRules: 
[{4E913255-36F1-4099-970C-2AC01F13E8A5}] => (Allow) D:\teamviewer\TeamViewer.exe FirewallRules: [{85A859AF-AB67-4535-AD38-4BE513117D95}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{57DEC05E-9F87-4886-9323-1851D36BE575}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{A88D174A-27A2-4E63-BFA4-C6FABB1A6E93}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{A98DA9D4-D863-435E-BB45-FB4122DACE14}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [{03B88F9E-97BF-4361-8DCC-17D0AE70298C}] => (Allow) D:\StarCraft II\StarCraft II.exe FirewallRules: [{0451974B-2FED-44C6-AF7D-AD3782E9DB09}] => (Allow) D:\StarCraft II\StarCraft II.exe FirewallRules: [{DB11D88E-FEB2-4901-873B-1BA86F83F844}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{3CE8B8DC-F924-4217-8C6A-52722B777B2E}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{094AFDE6-4BB9-4830-B858-5F728DEDF797}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [{F09519D9-0E3B-4B75-B909-DC3A713E030D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3634\Agent.exe FirewallRules: [UDP Query User{1C5DD154-A7D3-4A2E-B36B-8075571E1FE3}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [TCP Query User{58F1EFCC-4E7C-4699-AC85-4D9DCE4A0651}D:\program files (x86)\origin games\fifa 15\fifa15.exe] => (Allow) D:\program files (x86)\origin games\fifa 15\fifa15.exe FirewallRules: [{5CDE8E0D-1C9D-4B24-A3DE-63FDC98E7CA8}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: [{060AFA2E-56B2-4B73-8771-0EF1FEFE456F}] => (Allow) D:\Steam\bin\steamwebhelper.exe FirewallRules: 
[{86705826-E598-4AC5-B56D-ED6775CB48B0}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{E327134F-8B79-4B2B-8ADF-49B0C04A6F86}] => (Allow) D:\Steam\Steam.exe FirewallRules: [{07066F5B-9BE3-421D-BCDE-35DA63FCB245}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{CF23E5A5-60AA-4C2F-9505-41860C878548}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{8A7F880D-59FD-4087-B53D-7EE9FACFA1D9}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{DA9A5997-BFC1-492B-98FD-B207C57C23CD}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\IGE_WPF64.exe FirewallRules: [{1E5D0EC8-D552-4440-85EB-E9A1B514EE37}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [{EE7CC4EA-3D8E-4252-B8D5-D0C8D4A3B913}] => (Allow) D:\Ubisoft Game Launcher\games\Far Cry 4\bin\FarCry4.exe FirewallRules: [UDP Query User{2623B6BD-685D-4356-822A-6F062C6F77CA}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [TCP Query User{1363954A-562B-4DC8-874B-7E6E43B49318}C:\users\phanto\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\phanto\appdata\local\akamai\netsession_win.exe FirewallRules: [{904F8F7B-94D4-48FA-8089-22E3C5C5535A}] => (Allow) D:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{45B7F4FB-C675-4926-8669-EF7B0CDA65A1}] => (Allow) D:\Ubisoft Game Launcher\games\The Crew (Worldwide)\TheCrew.exe FirewallRules: [{696DCBA3-F724-43BD-B196-40A93240592E}] => (Allow) C:\Users\Phanto\Downloads\WLAN-Optimierer (1).exe FirewallRules: [{A2CB6DF4-A48B-484B-8F7E-0619A7102E78}] => (Allow) C:\Users\Phanto\Downloads\WLAN-Optimierer (1).exe FirewallRules: [TCP Query User{EE7EA38B-1F9A-4C6A-9D2C-6D2C9434E7CE}D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:\ubisoft game launcher\games\the 
crew (worldwide)\thecrew.exe FirewallRules: [UDP Query User{9FD00343-C887-4B1A-A0D4-9B5FEDFF650E}D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe] => (Allow) D:\ubisoft game launcher\games\the crew (worldwide)\thecrew.exe FirewallRules: [{3054945C-4775-4258-BE72-2637E09FA3B0}] => (Allow) %systemroot%\system32\alg.exe FirewallRules: [{4F0E297E-1A29-4113-8985-4F9DAA3BEC45}] => (Allow) D:\GameforgeLive\gfl_client.exe FirewallRules: [{19024840-8AE9-4BC4-81D5-8F464C396768}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{2398C1B9-F75D-4EFF-82D5-BF3FB61247AE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{234E4BF2-14AC-460C-AB81-5E8EDB26B464}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7BCD623F-16D2-4111-BE1A-B5E2C2132B46}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C74F711F-0243-4D7D-8BA8-9779A6C0E7C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6CD2AAD1-C6BA-4EE2-BB01-4DB1D70AC22B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{2A4F7067-5323-4861-9130-8247A71574FA}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{5B0FD993-BE76-44F2-817E-64732BEAF1B0}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivboot.exe FirewallRules: [{45A4BFAF-D13A-4D53-AB70-B84633E9E74D}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{604291D3-D935-4FA2-A9F3-610703072C62}] => (Allow) D:\FF\SquareEnix\FINAL FANTASY XIV - A Realm Reborn\boot\ffxivlauncher.exe FirewallRules: [{232B7960-19CF-4C03-9B6B-E27B4468054E}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{2314BA12-4323-4CC9-A7B7-9807BFA872BE}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\launchpoint.exe FirewallRules: [{55E8F8AC-CE99-4394-B1A9-689E46A9CC67}] => (Allow) 
D:\GameXPCom\AccessPoint\installed\Sphere 3\launchpoint.exe FirewallRules: [{E704E7C9-DF6B-45BE-8055-95B27552B7CC}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphere3.exe FirewallRules: [{A832DCA5-5950-4F35-87FA-2F97DB74077E}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphere3.exe FirewallRules: [{86F981EC-304C-4117-8CEC-90337DDB0006}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphereclient.exe FirewallRules: [{C340A9E2-B5EF-4A7B-8909-2ED6E0CD6A8E}] => (Allow) D:\GameXPCom\AccessPoint\installed\Sphere 3\sphereclient.exe FirewallRules: [{DBF54A06-9BDE-4728-9CD1-A329F6FBEA89}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{CEC12B7F-0319-4CA9-AE2D-8CB3434AC44A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{0EA4AA32-53AD-4B38-99B4-C048D53E0634}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{820FB97A-5634-4967-B146-1B6DDAF361E1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{E12CBB92-D203-421E-8793-FE4CB9A1040B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{FEC42384-6DBE-4155-A66D-F6534965FBE3}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe FirewallRules: [{FDA0A545-F05A-4B49-9AF8-9FBB59539505}] => (Allow) D:\Program Files (x86)\Origin Games\FIFA Manager 14\Manager14.exe FirewallRules: [TCP Query User{2A8E8E0B-3519-4C39-9E31-9C0D3C63527A}D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe] => (Allow) D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe FirewallRules: [UDP Query User{1D16C6D2-717E-478C-A858-673951AA35A9}D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe] => (Allow) D:\program files (x86)\origin games\fifa manager 14\manager15-16.exe FirewallRules: [{AFB6348C-F429-4CD3-86D3-79C5024F4097}] => (Allow) 
E:\fsetup.exe FirewallRules: [{5A0D8BDF-AF0F-4773-BED1-1B86020113DF}] => (Allow) E:\fsetup.exe FirewallRules: [{48735391-B3A3-4C7D-8875-3AC59288E9F6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/05/2016 06:40:11 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_f41f7b285750ef43.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10240.16384_none_3bccb1ff6bcd1849.manifest. 
Error: (02/05/2016 06:32:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0xcfc Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:39 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x2a20 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0xa34 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: 
AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x2620 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0xb44 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:19 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften 
Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x2628 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:14 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x2978 Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x242c Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket 
ist: AllShareFrameworkDMS.exe5 Error: (02/05/2016 06:33:04 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: AllShareFrameworkDMS.exe, Version: 1.3.0.23, Zeitstempel: 0x52b52bb2 Name des fehlerhaften Moduls: DMSManager.dll, Version: 0.0.0.0, Zeitstempel: 0x52a81842 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0001d30e ID des fehlerhaften Prozesses: 0x152c Startzeit der fehlerhaften Anwendung: 0xAllShareFrameworkDMS.exe0 Pfad der fehlerhaften Anwendung: AllShareFrameworkDMS.exe1 Pfad des fehlerhaften Moduls: AllShareFrameworkDMS.exe2 Berichtskennung: AllShareFrameworkDMS.exe3 Vollständiger Name des fehlerhaften Pakets: AllShareFrameworkDMS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: AllShareFrameworkDMS.exe5 Systemfehler: ============= Error: (02/05/2016 06:35:02 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/05/2016 06:32:06 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (02/05/2016 06:46:05 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%3 Error: (02/05/2016 06:45:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/05/2016 06:45:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. 
Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/05/2016 06:45:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/05/2016 06:45:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_Session2" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/05/2016 06:45:37 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/05/2016 06:45:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/05/2016 06:45:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-01-09 18:45:11.978 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-09 18:45:11.961 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.924 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-09 18:45:11.904 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-07 17:30:08.667 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.397 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-01-05 17:36:55.376 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.349 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-01-05 17:36:55.324 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4210H CPU @ 2.90GHz Prozentuale Nutzung des RAM: 49% Installierter physikalischer RAM: 8112.21 MB Verfügbarer physikalischer RAM: 4061.68 MB Summe virtueller Speicher: 16304.21 MB Verfügbarer virtueller Speicher: 11264.86 MB ==================== Laufwerke ================================ Drive c: (OS_Install) (Fixed) (Total:118.7 GB) (Free:14.44 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (Data) (Fixed) (Total:917.68 GB) (Free:424.98 GB) NTFS Drive f: (Club Manager 2016) (CDROM) (Total:0.8 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: CFBDCE17) Partition 1: (Not Active) - (Size=13.8 GB) - (Type=27) Partition 2: (Not Active) - (Size=917.7 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 
7 or 8) (Size: 119.2 GB) (Disk ID: CFBDCE32) Partition 1: (Active) - (Size=100 MB) - (Type=27) Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
07.02.2016, 13:33 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com FRST fix: Please disable your virus scanner completely now, to make sure the fix runs cleanly! Please press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
Task: {21BBAA4C-BA0A-4DAC-9B89-C70222F2134D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {6F1A46CF-CA15-41F4-A82C-BB9ED998B42C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {6FD25197-AD86-4CEE-B62C-B0D192B8F61E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {83E3363A-8FA3-4D4C-92E1-3BC1491422D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {8D75F864-DA07-4260-A370-9470D2F10667} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {C8C4C2CC-04BE-48F0-88BB-E3D158D8E470} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {CF3E13F6-BE90-4438-836A-F432330608F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {E96B5C88-38C7-4D41-B91D-3D55151FA1D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
07.02.2016, 13:42 | #12 |
| Windows 10, www.smartnewtab.com Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016 durchgeführt von Phanto (2016-02-05 18:35:04) Run:1 Gestartet von C:\Users\Phanto\Downloads Geladene Profile: Phanto (Verfügbare Profile: Phanto & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Task: {21BBAA4C-BA0A-4DAC-9B89-C70222F2134D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {6F1A46CF-CA15-41F4-A82C-BB9ED998B42C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {6FD25197-AD86-4CEE-B62C-B0D192B8F61E} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {83E3363A-8FA3-4D4C-92E1-3BC1491422D4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {8D75F864-DA07-4260-A370-9470D2F10667} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {C8C4C2CC-04BE-48F0-88BB-E3D158D8E470} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {CF3E13F6-BE90-4438-836A-F432330608F9} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {E96B5C88-38C7-4D41-B91D-3D55151FA1D5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG emptytemp: ***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{21BBAA4C-BA0A-4DAC-9B89-C70222F2134D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{21BBAA4C-BA0A-4DAC-9B89-C70222F2134D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6F1A46CF-CA15-41F4-A82C-BB9ED998B42C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F1A46CF-CA15-41F4-A82C-BB9ED998B42C}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6F74DEA4-A5F4-4DA9-88F0-0F86A6AA3EC7}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6FD25197-AD86-4CEE-B62C-B0D192B8F61E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6FD25197-AD86-4CEE-B62C-B0D192B8F61E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{83E3363A-8FA3-4D4C-92E1-3BC1491422D4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{83E3363A-8FA3-4D4C-92E1-3BC1491422D4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8D75F864-DA07-4260-A370-9470D2F10667}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D75F864-DA07-4260-A370-9470D2F10667}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAB7E0C6-5F5C-43B9-9B2D-87ACCA314FD4}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8C4C2CC-04BE-48F0-88BB-E3D158D8E470}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8C4C2CC-04BE-48F0-88BB-E3D158D8E470}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CF3E13F6-BE90-4438-836A-F432330608F9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CF3E13F6-BE90-4438-836A-F432330608F9}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Plain\{D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D69CCAAD-2C03-4945-9F8D-FEB472AFC9A2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E96B5C88-38C7-4D41-B91D-3D55151FA1D5}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E96B5C88-38C7-4D41-B91D-3D55151FA1D5}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt EmptyTemp: => 423.7 MB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 18:35:35 ==== |
07.02.2016, 13:46 | #13 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com Okay, then control scans with (1) MBAM, (2) ESET and (3) SecurityCheck please: Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |
07.02.2016, 20:35 | #14 |
| Windows 10, www.smartnewtab.com MBAM.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.02.2016 Suchlaufzeit: 18:44 Protokolldatei: MBAM.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2016.02.07.02 Rootkit-Datenbank: v2016.01.20.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: Phanto Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 454626 Abgelaufene Zeit: 14 Min., 2 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=08fb2ffa3aa03d4e922a5314c9bd86f5 # end=init # utc_time=2016-02-05 06:00:22 # local_time=2016-02-05 07:00:22 (+0100, Mitteleuropäische Zeit ) # country="Germany" # osver=6.2.9200 NT Update Init Update Download Update Finalize Updated modules version: 28012 # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # EOSSerial=08fb2ffa3aa03d4e922a5314c9bd86f5 # end=updated # utc_time=2016-02-05 06:02:31 # local_time=2016-02-05 07:02:31 (+0100, Mitteleuropäische Zeit ) # country="Germany" # osver=6.2.9200 NT # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7777 # api_version=3.1.1 # EOSSerial=08fb2ffa3aa03d4e922a5314c9bd86f5 # engine=28012 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2016-02-07 06:28:52 # local_time=2016-02-07 07:28:52 (+0100, Mitteleuropäische Zeit ) # country="Germany" # lang=1031 # osver=6.2.9200 NT # compatibility_mode_1='Kaspersky Anti-Virus' # compatibility_mode=1306 16777213 100 100 176206 19091984 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 176007 18343744 0 0 # scanned=498553 # found=26 # cleaned=0 # scan_time=1580 sh=DE4070D945994DD96D88CE2098899F1C9F1DC577 ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-03-08 190000\Backup Files 2015-03-15 190001\Backup files 1.zip" sh=CAFFD95808E237F6A2FA887E8CF74EE452BF5819 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-03-08 190000\Backup Files 2015-03-22 190001\Backup files 3.zip" sh=7ACD56A80E56FDF45396366546A839327E77BD4A ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-10 190001\Backup Files 2015-05-10 190001\Backup files 40.zip" sh=3828F89C4798754AF813C75AB92FAAEDCA5E2344 ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-10 190001\Backup Files 2015-05-10 190001\Backup files 9.zip" sh=D8A4DA1498BC32AE547A0C8D1F10BDEDAB5F48CE ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-05-13 234741\Backup files 10.zip" sh=8E80B02EF826B338E3159CD0BAAE11FE1D56062F ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-05-13 234741\Backup files 6.zip" sh=E3A6E11513354E45EE5862CFE575B8538E2B3756 ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-05-13 234741\Backup files 9.zip" sh=A845A464EDD6177D78DA096061A6BE7FA0880D87 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-06-08 154517\Backup files 2.zip" sh=2D41060B0CDEFF1FB7B30C035F1B34D1602603AF ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-06-21 190003\Backup files 1.zip" sh=785CE93D9675BCDB2063B1A330EC129B67ECEB4C ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-05-13 234504\Backup Files 2015-07-19 212819\Backup files 1.zip" sh=FBD1AFA7F073B4850C9CA6FEBB9D012B9E3958BD ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. 
unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-08-03 182813\Backup files 11.zip" sh=E153FEA07C2A4B496EE7F119B8FFDFA962D813ED ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-08-03 182813\Backup files 5.zip" sh=8FD634287C44078BEBC51C658A02529D9917D0FE ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-08-03 182813\Backup files 6.zip" sh=48BB901A260F1878EBADF1A8BE16E5FA8AD4AF4B ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-08-03 182813\Backup files 65.zip" sh=0F775AA39D00E866C0441BD698FD27F7F7D84BC8 ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-09-21 192806\Backup files 4.zip" sh=042FADE715A8112CC882ECD238F5A4CC5142C110 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-08-03 182813\Backup Files 2015-09-21 192806\Backup files 5.zip" sh=FAD25ABABF0476CAD45031C8A769AF7703AC7AB6 ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-01 180228\Backup files 12.zip" sh=C75B7E1EB0A8A5C2E677CBB3B419DFB4CF61EA48 ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-01 180228\Backup files 5.zip" sh=02F39488BA27FA0A13619F7E8EE018769921C83D ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. 
unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-01 180228\Backup files 6.zip" sh=35061C0813406CCEE6B9F725111331CCCADCCC4E ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-01 180228\Backup files 66.zip" sh=B53F51501E3D5209063B778B92999034210AADD4 ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-12 192406\Backup files 2.zip" sh=B3E472A1D00CD81876EA3643F3E85403C47F181D ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2015-10-01 180228\Backup Files 2015-10-12 192406\Backup files 3.zip" sh=66B5E95E4CEDE78878E419E21D5D62E4C64FAE8A ft=0 fh=0000000000000000 vn="JS/Lightning.A evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2016-01-12 180221\Backup Files 2016-01-12 180221\Backup files 18.zip" sh=AD899942795BE0E2C91EF7B5F6E2621D08A39105 ft=0 fh=0000000000000000 vn="Variante von Win32/GetNow.I evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2016-01-12 180221\Backup Files 2016-01-12 180221\Backup files 6.zip" sh=0A88C20F6DD24E75E87078BE0D8429F24D073A36 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2016-01-12 180221\Backup Files 2016-01-12 180221\Backup files 7.zip" sh=E197041AD57FB277EC575C9CF94CC707DF2F7388 ft=0 fh=0000000000000000 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\PHANTO-MSI\Backup Set 2016-01-12 180221\Backup Files 2016-01-12 180221\Backup files 8.zip" Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Defender Kaspersky Anti-Virus Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 8 Update 71 Java version 32-bit out of Date! Adobe Flash Player 20.0.0.286 Mozilla Firefox (43.0.4) Google Chrome (48.0.2564.103) Google Chrome (48.0.2564.97) ````````Process Check: objlist.exe by Laurent```````` Windows Defender MSMpEng.exe Kaspersky Lab Kaspersky Anti-Virus 16.0.0 avp.exe Kaspersky Lab Kaspersky Anti-Virus 16.0.0 avpui.exe Windows Defender MpCmdRun.exe windows defender MpCmdRun.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
07.02.2016, 23:41 | #15 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 10, www.smartnewtab.com The only detections are in backup sets. You might want to delete those. I also recommend uninstalling Java. It's hardly needed anymore. Otherwise it must always be kept up to date. The same goes for Flash. Firefox needs an update too. Looks OK so far. Is your system back in order now, or are there any other detections or problems?
__________________ Please always post log files in CODE tags |