Log analysis and evaluation: Ads and spam in the browser
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here to be evaluated by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.02.2016, 20:43 | #1 |
| Ads and spam in the browser Hello. Recently my AVG Antivirus was down and of course I caught something. With the help of AVG support I was able to get the antivirus running again, but neither AVG nor Malwarebytes Anti-Malware was able to do anything about it. Kind regards |
06.02.2016, 14:33 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Ads and spam in the browser Hello and
Do you have any further logs (with detections)? Have Malwarebytes and/or other virus scanners ever found anything? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520
Please do not run any new virus scans; first just post the logs that already exist, in CODE tags! Only logs from the last 7 days, or from the time since the problem began, are relevant!
Please also create a log with Farbar's tool: Scan with Farbar's Recovery Scan Tool (FRST)
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-bit | FRST 64-bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Reading material: Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder. Even if the logs are too large for a single post, I ask you to post the logs directly, spread over several posts if necessary. To put the log files into a CODE box, proceed as follows:
__________________ |
06.02.2016, 17:16 | #3 |
| Ads and spam in the browser Here, first of all, are the detections from Malwarebytes Anti-Malware
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 05.02.2016
Suchlaufzeit: 05:16
Protokolldatei: 1.txt
Administrator: Ja

Version: 2.00.4.1028
Malware-Datenbank: v2015.01.21.11
Rootkit-Datenbank: v2015.01.14.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Anton PC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387442
Abgelaufene Zeit: 52 Min., 4 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)

Module: 0 (keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 6
Trojan.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, In Quarantäne, [c091aa4d86034fe7758bc7764cb89c64],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, In Quarantäne, [90c1c3343a4fc6705fbacb7264a06e92],
Security.Hijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe, In Quarantäne, [72df995e1b6ee452f247162961a330d0],
Trojan.Agent, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MRT.exe, In Quarantäne, [5af7ba3ddeabf343af5183ba17ed32ce],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe, In Quarantäne, [3918ad4a6a1f6fc79584c27b986c5ca4],
Security.Hijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\svchost.exe, In Quarantäne, [bb96ec0bbfca0a2cb980ee51729251af],

Registrierungswerte: 0 (keine bösartigen Elemente erkannt)

Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)

Ordner: 0 (keine bösartigen Elemente erkannt)

Dateien: 0 (keine bösartigen Elemente erkannt)

Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 05.02.2016
Suchlaufzeit: 20:17
Protokolldatei: 2.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.02.05.07
Rootkit-Datenbank: v2016.01.20.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Anton PC

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 443102
Abgelaufene Zeit: 1 Std., 56 Min., 13 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (keine bösartigen Elemente erkannt)

Module: 0 (keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt)

Registrierungswerte: 1
Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-3703029603-77815115-2748889256-1002\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481, In Quarantäne, [2af11845ff9a979f08caeff715ed2fd1]

Registrierungsdaten: 0 (keine bösartigen Elemente erkannt)

Ordner: 0 (keine bösartigen Elemente erkannt)

Dateien: 0 (keine bösartigen Elemente erkannt)

Physische Sektoren: 0 (keine bösartigen Elemente erkannt)

(end)

Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 durchgeführt von Anton PC (Administrator) auf ANTON (06-02-2016 16:59:01) Gestartet von C:\Users\Anton PC\Downloads Geladene Profile: Anton PC & (Verfügbare Profile: Anton PC) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe (AVG Technologies CZ, s.r.o.) 
C:\Program Files (x86)\AVG\Av\avgidsagent.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe () C:\Windows\System32\atwtusb.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Windows\System32\atwtusb.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Wacom Technology, Corp.) 
C:\Program Files\Tablet\Wacom\Wacom_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Wacom\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_TouchUser.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\Wacom_Tablet.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe () C:\Windows\System32\AtwtusbIcon.exe (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Pear Media, LLC) C:\Program Files (x86)\Chatango\Chatango.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe (Razer Inc.) 
C:\Program Files (x86)\Razer\Razer Cortex\main.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (The CefSharp Authors) C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.3.0\OverwolfHelper.exe (Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.3.0\OverwolfHelper64.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.3.0\OverwolfBrowser.exe (Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.3.0\OverwolfBrowser.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AtwtusbIcon] => C:\WINDOWS\system32\AtwtusbIcon.exe [3593728 2012-09-10] () HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-07-14] (Razer Inc.) HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe [179624 2016-01-12] (AVG Technologies CZ, s.r.o.) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Av\avgui.exe [3873704 2016-02-01] (AVG Technologies CZ, s.r.o.) 
Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [uTorrent] => C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-08] (BitTorrent Inc.) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-01-20] (Overwolf LTD) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Power2GoExpress8] => 0 HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-01-08] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [uTorrent] => C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-08] (BitTorrent Inc.) 
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-01-20] (Overwolf LTD) HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Power2GoExpress8] => 0 HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-01-08] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation) 
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-08-26] ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{38e9d8c9-7f0d-4c68-a246-630e47bda1c4}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{c2767abb-22b6-4c78-91ae-3381eb80b539}: [DhcpNameServer] 192.168.2.1 Internet Explorer: ================== HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4 HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4 SearchScopes: HKLM -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = 
hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} BHO: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet) 
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-29] (Oracle Corporation) BHO-x32: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-29] (Oracle Corporation) Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365 FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] () FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-29] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-29] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation) FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic_0.dll [2015-07-21] (gameon) FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport_0.dll [2015-07-21] (gameon) FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-06] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-06] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\wtu-secure-search.xml [2014-11-06] FF Extension: 1-Click YouTube Video Downloader - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-10-05] FF Extension: Easy Translate - C:\Users\Anton 
PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\jid1-f7dnBeTj8ElpWQ@jetpack.xpi [2016-02-05] FF Extension: YouTube Unblocker - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\youtubeunblocker@unblocker.yt [2015-12-03] FF Extension: Video DownloadHelper - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30] FF Extension: Unity Notifier - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d0c39035-e802-4a28-86d6-d695b56ad322}.xpi [2015-12-18] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19] FF Extension: mpeg4 compiler plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{e861859d-4109-4946-85af-882c7e1deb3b}.xpi [2015-11-13] [ist nicht signiert] Chrome: ======= CHR StartupUrls: Default -> "hxxp://google.de/" CHR Profile: C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-24] CHR Extension: (Google Drive) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30] CHR Extension: (YouTube) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google-Suche) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Google Docs Offline) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06] CHR Extension: (Google Mail) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [604144 2016-02-01] (AVG Technologies CZ, s.r.o.) R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagent.exe [3881184 2016-02-01] (AVG Technologies CZ, s.r.o.) R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1048488 2016-01-12] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvcx.exe [561104 2016-02-01] (AVG Technologies CZ, s.r.o.) 
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-23] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [174112 2014-11-05] (EasyAntiCheat Ltd)
S2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-31] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-07-14] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
R2 WTService; C:\WINDOWS\system32\atwtusb.exe [582144 2013-11-12] () [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [184240 2015-11-06] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [315312 2016-01-05] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [272304 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [284080 2015-10-21] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [398256 2015-08-14] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [260528 2016-01-22] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [42416 2015-12-04] (AVG Technologies CZ, s.r.o.)
R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [315840 2015-12-16] (AVG Technologies CZ, s.r.o.)
S3 ccpvhid; C:\Windows\System32\drivers\ccpvhid.sys [18184 2015-04-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 hidkmdf; C:\Windows\System32\drivers\hidkmdf.sys [15624 2015-04-30] ()
S3 hxsyol; C:\WINDOWS\system32\hxsy64.sys [86352 2014-10-20] ()
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-08-26] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-08-26] (SoftEther Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-06 16:59 - 2016-02-06 16:59 - 00032594 _____ C:\Users\Anton PC\Downloads\FRST.txt
2016-02-06 16:58 - 2016-02-06 16:59 - 00000000 ____D C:\FRST
2016-02-06 16:58 - 2016-02-06 16:58 - 02370560 _____ (Farbar) C:\Users\Anton PC\Downloads\FRST64.exe
2016-02-06 16:57 - 2016-02-06 16:57 - 00001449 _____ C:\Users\Anton PC\Desktop\2.txt
2016-02-06 16:55 - 2016-02-06 16:55 - 00002150 _____ C:\Users\Anton PC\Desktop\1.txt
2016-02-06 16:55 - 2016-02-06 16:55 - 00001449 _____ C:\2.txt
2016-02-05 20:16 - 2016-02-05 20:16 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-05 05:56 - 2016-02-06 07:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-05 03:01 - 2016-02-05 03:01 - 00001016 _____ C:\Users\Public\Desktop\AVG Protection.lnk
2016-02-05 03:01 - 2016-02-05 03:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2016-02-05 02:58 - 2016-02-05 02:58 - 00000000 ___HD C:\$AVG
2016-02-05 02:55 - 2016-02-06 16:42 - 00000000 ____D C:\ProgramData\MFAData
2016-02-05 02:55 - 2016-02-05 02:55 - 00000000 ____D C:\Users\Anton PC\AppData\Local\MFAData
2016-02-05 02:54 - 2016-02-05 02:57 - 00000000 ____D C:\Program Files (x86)\AVG
2016-02-05 02:53 - 2016-02-05 02:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\AvgSetupLog
2016-02-05 02:41 - 2016-02-05 02:53 - 245273648 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Anton PC\Downloads\AVG_Antivirus_Free_x64_693.exe
2016-02-05 02:04 - 2016-02-05 02:21 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-04 04:09 - 2016-02-04 04:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
2016-02-03 02:38 - 2016-02-03 02:38 - 00000000 ____D C:\Users\Anton PC\Desktop\gifmaterial
2016-01-30 21:33 - 2016-01-30 22:48 - 00001664 _____ C:\WINDOWS\system32\ASOROSet.bin
2016-01-30 21:33 - 2016-01-30 21:33 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2016-01-30 21:30 - 2016-01-30 21:30 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-30 21:30 - 2016-01-30 21:30 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-30 21:30 - 2016-01-30 21:30 - 00000000 ____D C:\Program Files\CCleaner
2016-01-30 21:29 - 2016-01-30 21:30 - 06828320 _____ (Piriform Ltd) C:\Users\Anton PC\Downloads\ccsetup_514.exe
2016-01-30 21:22 - 2015-11-25 13:01 - 00021624 _____ (solvusoft) C:\WINDOWS\system32\roboot64.exe
2016-01-30 21:21 - 2016-02-01 03:44 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Solvusoft
2016-01-30 21:10 - 2016-01-30 23:15 - 00000000 ____D C:\WINDOWS\LastGood
2016-01-30 20:46 - 2016-01-30 20:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-28 16:45 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 16:45 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 16:45 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 16:45 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 16:45 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 16:45 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 16:45 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 16:45 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 16:45 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 16:45 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 16:45 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 16:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 16:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 16:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 16:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 16:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 16:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 16:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 16:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 16:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 16:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 16:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 16:44 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-24 16:18 - 2016-01-24 16:20 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-24 16:18 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series
2016-01-24 16:17 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series Benutzerregistrierung
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2016-01-24 16:17 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9L.dll
2016-01-24 16:17 - 2012-01-26 10:25 - 00081664 _____ C:\WINDOWS\SysWOW64\CNC1763D.TBL
2016-01-24 16:17 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9U.dll
2016-01-24 16:17 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\Program Files\CanonBJ
2016-01-24 16:00 - 2016-01-24 16:00 - 00000000 ____D C:\WINDOWS\SysWOW64\STRING
2016-01-24 15:59 - 2016-01-25 01:45 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner (3)
2016-01-24 07:16 - 2016-01-24 07:16 - 00001055 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2016-01-24 07:15 - 2016-01-24 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPadian
2016-01-24 07:14 - 2016-01-24 07:15 - 00000000 ____D C:\Program Files (x86)\iPadian
2016-01-22 15:15 - 2016-01-22 15:15 - 00260528 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx64.sys
2016-01-21 18:08 - 2016-01-21 18:08 - 00867139 _____ C:\Users\Anton PC\Downloads\Dateiordner_Kleinübungen.zip
2016-01-21 18:05 - 2016-01-21 18:05 - 07393841 _____ C:\Users\Anton PC\Downloads\Dateiordner_Vorlesungsfolien.zip
2016-01-21 00:05 - 2016-01-21 00:05 - 00122599 _____ C:\Users\Anton PC\Documents\xsmap13th.mcr
2016-01-14 15:34 - 2016-02-06 03:37 - 00018292 _____ C:\Users\Anton PC\Documents\HLTcalcBETA1.0.xlsx
2016-01-14 08:49 - 2016-01-14 15:35 - 00009304 _____ C:\Users\Anton PC\Desktop\ninjasammy hlt.xlsx
2016-01-13 03:29 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 03:29 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 03:29 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 03:28 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 03:28 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 03:28 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 03:28 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 03:28 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 03:28 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 03:28 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 03:28 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 03:28 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-01-13 03:28 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 03:28 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-01-13 03:28 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 03:28 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 03:28 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 03:28 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 03:28 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-01-13 03:28 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-01-13 03:28 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-01-13 03:28 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 03:28 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-01-13 03:28 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-01-13 03:28 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 03:28 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-01-13 03:28 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-01-13 03:28 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 03:28 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 03:28 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 03:28 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 03:28 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-01-13 03:28 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-01-13 03:28 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 03:28 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-01-13 03:28 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 03:28 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-01-11 14:09 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUL.dll
2016-01-11 14:09 - 2012-11-26 12:24 - 00095744 _____ C:\WINDOWS\system32\CNC1771D.TBL
2016-01-11 14:09 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUC.dll
2016-01-11 14:09 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUI.dll
2016-01-11 14:08 - 2016-01-11 14:08 - 00103478 _____ C:\Users\Anton PC\Downloads\Entwurf Mietvertrag.pdf
2016-01-11 14:08 - 2016-01-11 14:08 - 00093585 _____ C:\Users\Anton PC\Downloads\schreiben an anton volkov (weiterer beteiligter).pdf
2016-01-09 16:44 - 2016-01-11 02:09 - 00000109 _____ C:\Users\Anton PC\Desktop\soulcraft rate.txt
2016-01-09 06:25 - 2016-01-15 08:27 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2016-01-09 06:00 - 2016-01-02 20:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Anton PC\Desktop\procexp.exe
2016-01-09 05:45 - 2016-01-09 05:45 - 01250844 _____ C:\Users\Anton PC\Downloads\ProcessExplorer161.zip
2016-01-08 10:46 - 2016-01-08 10:46 - 00272304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsha.sys
2016-01-08 10:46 - 2016-01-08 10:46 - 00023472 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avguniva.sys
2016-01-08 04:07 - 2016-01-08 04:35 - 00000000 ____D C:\Program Files\Sandboxie
2016-01-08 04:07 - 2016-01-08 04:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2016-01-08 03:25 - 2016-01-08 03:25 - 00003432 _____ C:\WINDOWS\System32\Tasks\{1B7C4777-0D52-4B1A-A512-DE9C11AF4ED3}
2016-01-08 03:22 - 2016-01-08 03:53 - 00001520 _____ C:\Users\Anton PC\Desktop\Patcher - Verknüpfung.lnk
2016-01-07 15:03 - 2016-01-07 15:03 - 00021632 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgboota.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-06 16:56 - 2015-01-07 23:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-06 16:47 - 2014-06-22 17:42 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-06 07:01 - 2013-12-19 18:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-06 03:13 - 2013-12-24 13:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-05 23:14 - 2015-01-25 14:02 - 00000000 ____D C:\Program Files (x86)\Dragon Saga
2016-02-05 23:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 20:16 - 2015-01-07 23:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-05 20:11 - 2014-06-22 17:42 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-05 20:09 - 2015-08-30 02:55 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Overwolf
2016-02-05 20:08 - 2015-12-10 22:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-02-05 20:08 - 2014-06-29 00:28 - 00000000 __SHD C:\Users\Anton PC\IntelGraphicsProfiles
2016-02-05 16:42 - 2012-07-26 06:26 - 00000182 _____ C:\WINDOWS\win.ini
2016-02-05 14:53 - 2015-08-26 02:52 - 00000000 ____D C:\Program Files\SoftEther VPN Client
2016-02-05 14:52 
- 2015-12-10 23:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-05 14:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help 2016-02-05 14:51 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-05 06:22 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-05 03:02 - 2015-11-27 17:27 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\AVG 2016-02-05 03:02 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-05 03:02 - 2014-11-18 17:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Avg 2016-02-05 03:00 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP 2016-02-05 02:58 - 2015-11-27 17:18 - 00000000 ____D C:\ProgramData\Avg 2016-02-05 02:45 - 2015-06-25 09:45 - 00000000 ____D C:\Program Files\Common Files\AV 2016-02-05 01:09 - 2013-11-24 22:41 - 00000000 ____D C:\Users\Anton PC\AppData\Local\ElevatedDiagnostics 2016-02-04 23:53 - 2014-06-22 17:43 - 00002643 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-04 04:08 - 2014-06-22 23:10 - 00002767 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-04 04:08 - 2013-11-10 09:19 - 00001356 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-03 02:38 - 2015-10-05 19:45 - 00000000 ____D C:\Users\Anton PC\dwhelper 2016-02-03 02:28 - 2013-11-14 23:11 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\vlc 2016-02-02 20:09 - 2015-12-10 22:44 - 00000000 ____D C:\Users\Anton PC 2016-02-02 17:42 - 2014-06-22 17:42 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-02 17:42 - 2014-06-22 17:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-01 03:45 - 2015-10-16 18:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-31 18:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-01-30 23:23 - 2014-06-28 10:14 - 00000000 ____D C:\ProgramData\NVIDIA 2016-01-30 22:49 - 2015-12-10 
22:31 - 00363496 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-01-30 22:49 - 2015-10-30 07:28 - 90963968 _____ C:\WINDOWS\system32\config\SOFTWARE.bak 2016-01-30 22:49 - 2015-10-30 07:28 - 17301504 _____ C:\WINDOWS\system32\config\SYSTEM.bak 2016-01-30 22:49 - 2015-10-30 07:28 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.bak 2016-01-30 21:39 - 2015-12-10 22:39 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2016-01-30 21:39 - 2014-08-01 10:26 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\PhotoScape 2016-01-30 21:39 - 2014-06-20 22:30 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\uTorrent 2016-01-30 21:39 - 2014-04-18 16:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-01-30 21:37 - 2015-12-16 14:56 - 00000000 ____D C:\WINDOWS\Minidump 2016-01-30 21:37 - 2015-12-10 22:29 - 00000000 ___DC C:\WINDOWS\Panther 2016-01-29 19:54 - 2013-11-09 23:05 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-01-29 02:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-28 12:20 - 2015-02-25 11:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Steam 2016-01-26 23:20 - 2015-08-30 02:57 - 00000000 ____D C:\Program Files (x86)\Overwolf 2016-01-24 16:19 - 2014-04-10 16:30 - 00000000 ___HD C:\ProgramData\CanonIJScan 2016-01-24 16:19 - 2014-04-08 22:42 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Canon 2016-01-24 16:19 - 2014-04-08 22:25 - 00000000 ____D 
C:\Program Files (x86)\Canon 2016-01-24 16:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media 2016-01-24 16:11 - 2015-12-10 22:44 - 02006668 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-24 16:11 - 2015-10-30 19:35 - 00854790 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-24 16:11 - 2015-10-30 19:35 - 00188478 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-15 11:56 - 2013-11-10 13:32 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Skype 2016-01-14 22:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-13 07:04 - 2013-11-10 09:44 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-13 06:58 - 2013-11-10 09:44 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-10 09:12 - 2015-01-02 01:13 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner 2016-01-07 01:15 - 2015-04-26 21:11 - 00000000 ____D C:\Users\Anton PC\Downloads\12234567 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-02-15 14:38 - 2014-02-15 14:38 - 0041984 ___SH () C:\Users\Anton PC\AppData\Roaming\Thumbs.db 2013-12-30 16:53 - 2015-03-27 20:57 - 0018432 _____ () C:\Users\Anton PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-11-24 01:50 - 2015-11-24 01:50 - 0001496 _____ () C:\Users\Anton PC\AppData\Local\recently-used.xbel 2013-12-28 18:58 - 2015-03-28 04:33 - 0007603 _____ () C:\Users\Anton PC\AppData\Local\Resmon.ResmonCfg Einige Dateien in TEMP: ==================== C:\Users\Anton PC\AppData\Local\Temp\avg-e83bd579-7d6b-4773-9c00-67345c3e762f.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-01-31 17:30

==================== Ende von FRST.txt ============================ |
06.02.2016, 17:19 | #4 |
| Ads and spam in the browser
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Anton PC (2016-02-06 17:00:19)
Gestartet von C:\Users\Anton PC\Downloads
Windows 10 Home (X64) (2015-12-11 03:11:59)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3703029603-77815115-2748889256-500 - Administrator - Disabled)
Anton PC (S-1-5-21-3703029603-77815115-2748889256-1002 - Administrator - Enabled) => C:\Users\Anton PC
DefaultAccount (S-1-5-21-3703029603-77815115-2748889256-503 - Limited - Disabled)
Gast (S-1-5-21-3703029603-77815115-2748889256-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3703029603-77815115-2748889256-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P (HKLM-x32\...\“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P) (Version: - )
“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P-KURENAI- (HKLM-x32\...\“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P-KURENAI-) (Version: - )
µTorrent (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3D少女カスタムエボリューション (HKLM-x32\...\{176CAA79-B214-415A-8BA5-AF5443084F29}) (Version: 1.0.0 - Bullet)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
Assassin's Creed (HKLM-x32\...\Assassin's Creed_is1) (Version: - R.G. Mechanics)
Assassins Creed II (HKLM-x32\...\{BB97B9D4-6F63-4F10-AAF0-F1AC62B5FGBG}_is1) (Version: 1.0.1.17 - )
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd)
AVG (Version: 16.41.7442 - AVG Technologies) Hidden
AVG 2016 (Version: 16.0.4522 - AVG Technologies) Hidden
AVG Protection (HKLM\...\AVG) (Version: 2016.41.7442 - AVG Technologies)
BitComet 1.39 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.39 - CometNetwork)
Black Desert (HKLM-x32\...\Pmang_BlackDesert_live) (Version: 35935176 - GameOn)
Black Desert Patcher Japan (HKLM-x32\...\{2819E24B-7580-4A4F-B692-5D4986056940}) (Version: 1.0.0.5 - LokiReborn)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Cartes du Ciel (HKLM-x32\...\Cartes du Ciel) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chatango Message Catcher (HKLM-x32\...\Chatango) (Version: - )
Common (HKLM-x32\...\Pmang_common) (Version: 11228104 - GameOn)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3026 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3021 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3024 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.2922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Dino D-Day - Dedicated Server (HKLM-x32\...\Steam App 70010) (Version: - )
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version: - 800 North and Digital Ranch)
Dino D-Day SDK (HKLM-x32\...\Steam App 70004) (Version: - )
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Epic Games Launcher (HKLM\...\{3AA63526-B2A9-4480-8C0F-13731E227BE9}) (Version: 1.1.38.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version: - Holy Priest)
FMW 1 (Version: 1.52.1 - AVG Technologies) Hidden
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.59.525 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.59.525 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.32.1230 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.48.922 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.48.922 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\HPConnectedMusic) (Version: 1.1 (build 71) hp - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HPConnectedMusic) (Version: 1.1 (build 71) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{61245005-66F1-4001-AEE8-2E2D36F65C28}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iPadian version 1.5 (HKLM-x32\...\{0DB90A1C-2C08-429C-8595-FD9848121D28}_is1) (Version: 1.5 - iPadian, Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Mabinogi (HKLM-x32\...\Mabinogi) (Version: - devCAT)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manga Studio Debut 4.0 (HKLM-x32\...\{3D8D1A54-1A82-4876-985C-56986B47F15D}) (Version: 4.0.5 - Smith Micro)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.2 - Black Tree Gaming)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 151201.123186 - Square Enix Ltd)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.)
Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.12.774.0 - Hi-Rez Studios)
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.0.29.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 1.1.9200.15 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.)
Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam)
Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version: - Winged Cloud)
SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden
Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.)
SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.18.9570 - SoftEther VPN Project)
Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision)
Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated)
TeamSpeak 3 Client (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
TI Black Link 32 (HKLM-x32\...\TI Black Link 32) (Version: - )
TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.)
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.05 - )
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Unity Web Player (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3703029603-77815115-2748889256-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3703029603-77815115-2748889256-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06327FC5-9CA9-40B3-BA61-8FD063D32DA2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {085FAAF2-355F-482E-A63C-9DFCB1570B2B} - System32\Tasks\{1B7C4777-0D52-4B1A-A512-DE9C11AF4ED3} => pcalua.exe -a "C:\Program Files\Sandboxie\Start.exe" -d "C:\Program Files (x86)\Dragon Saga" -c /box:__ask__ "C:\Program Files (x86)\Dragon Saga\Patcher.exe"
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {19B18EF0-802C-4648-9018-4DE60302E0B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {277339AF-2DE3-414B-A40B-39DFD073D4EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {2BC3A29A-3AE6-4C02-B36D-6A9577110B61} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {39CB9CBC-991E-4BA9-BBA8-28188766DEDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {484B28FA-8F88-4EF1-877E-9AC23CE56E49} - System32\Tasks\{BDF5685C-5C2D-486A-B0DD-CDD0117252CE} => pcalua.exe -a "C:\Users\Anton PC\Downloads\skse_1_07_01_installer.exe" -d "C:\Users\Anton PC\Downloads"
Task: {4A3EBBA7-BAF5-4FC6-829C-5248A34C6EA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {55BC6ED0-C6C5-4886-A443-E5575EF8D7C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {57BE4E8E-7327-4ADE-ACA1-D397FAAE204B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {580E4086-8927-43A6-9939-5C839941AC83} - System32\Tasks\{9A33742B-D214-4D20-AEE8-B0C1F7411A8A} => pcalua.exe -a "C:\Users\Anton PC\Desktop\STARWARS\GameData\Start-MP.exe" -d "C:\Users\Anton PC\Desktop\STARWARS\GameData"
Task: {5C5E9305-5AFF-487A-A174-E6695D056150} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6077BA6D-C07F-40A6-883A-11817EC28E3B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {6B5D3D9A-AE86-4374-9780-D0E8D352559C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {75A4C308-895E-47B0-A971-05BC28A7F07E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8ED48568-A31E-4D8C-A326-55495FD4BE26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9AF38656-48F2-4FA4-9C9A-BCC77679EE47} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {A5827087-7757-4D43-A118-91A898777654} - System32\Tasks\PileFile logon => C:\Users\ANTONP~1\AppData\Local\Temp\3D.Custom.GirlDownload_505C\3D.Custom.Girl_Downloader.exe <==== ACHTUNG
Task: {B8419565-8F27-4E82-B263-E43089878459} - System32\Tasks\Oxy => C:\Users\Anton PC\AppData\Roaming\Oxy\Updater.exe <==== ACHTUNG
Task: {B9A397FD-2BF6-4AE3-BA42-A3A5989FC2B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {C3B3C36F-FE11-4023-8991-D5C591C8D35D} - System32\Tasks\{3F6F3723-B3C2-467B-984D-E388399B93D6} => pcalua.exe -a "C:\Users\Anton PC\AppData\Roaming\webssearches\UninstallManager.exe" -d "C:\Users\Anton PC\AppData\Roaming\webssearches" <==== ACHTUNG
Task: {C484444E-A09A-4838-90C2-7267168A1C01} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C606D238-6D5E-484C-8871-21CD71851958} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {D9054DA8-0D5D-4D6B-9EB5-2CF2513FD9D1} - System32\Tasks\PileFile reminder => C:\Users\ANTONP~1\AppData\Local\Temp\3D.Custom.GirlDownload_505C\3D.Custom.Girl_Downloader.exe <==== ACHTUNG
Task: {FA83EBC0-66D3-4385-B1CD-DA0CFFC25F3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FBF2BBDB-9E39-42BF-9030-1DF695121323} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FD94A03E-ACA6-4962-899C-33F10623EC27} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FE528792-A49C-4BC6-A755-A32D39AA0E89} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214" --proxy-pac-url=hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481
ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214"
ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214" --proxy-pac-url=hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481
ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214"
ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214" --proxy-pac-url=hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481
ShortcutWithArgument: C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214" --proxy-pac-url=hxxp://unblockservice.com/wpad.dat?f598151b57ef01ede63fac81b8699d865637481
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://esurf.biz/?ssid=1454555482&a=1003679&src=sh&uuid=61c9f1bd-1b35-4f29-a8e2-ac6b32355214"

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-24 16:18 - 2012-03-28 13:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2014-11-23 22:36 - 2013-11-12 14:47 - 00582144 _____ () C:\WINDOWS\system32\atwtusb.exe
2015-06-23 20:11 - 2015-06-23 20:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-10 22:40 - 2015-10-15 04:46 - 00126072 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-12-10 22:23 - 2015-12-10 22:23 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-12-12 19:55 - 2013-06-06 03:09 - 01185048 ____N () C:\Program Files\Tablet\Wacom\libxml2.dll
2014-11-23 22:36 - 2012-09-10 13:54 - 03593728 _____ () C:\Windows\System32\AtwtusbIcon.exe
2016-01-15 21:44 - 2016-01-15 21:44 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-10 22:23 - 2015-12-10 22:23 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-13 03:29 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 03:29 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 16:45 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 16:45 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-12-18 00:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 00:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-12-18 00:43 - 2015-12-07 05:00 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2013-09-26 00:37 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 00264192 _____ () C:\Program Files (x86)\Razer\Razer Cortex\D3DX8Wrapper.dll
2013-09-26 01:07 - 2013-03-12 15:51 - 00626240 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2013-03-12 21:53 - 2013-03-12 21:53 - 00015424 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-02-05 02:54 - 2015-04-07 14:34 - 40500224 _____ () C:\Program Files (x86)\AVG\UiDll\2171\libcef.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 00724480 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.Core.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 41289216 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libcef.dll
2016-01-20 13:20 - 2016-01-20 13:20 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.92.3.0\libcef.DLL
2016-01-20 13:20 - 2016-01-20 13:20 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.92.3.0\CoreAudioApi.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 00544256 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\CefSharp.BrowserSubprocess.Core.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 01482240 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libglesv2.dll
2015-08-05 14:43 - 2015-07-14 10:15 - 00073728 _____ () C:\Program Files (x86)\Razer\Razer Cortex\Cef\libegl.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-12-24 13:24 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-01-24 20:32 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-05-25 14:44 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll
2015-01-24 20:32 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-01-24 20:32 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-08-29 11:39 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 11:39 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 11:39 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 11:39 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 11:39 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2013-12-24 13:24 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-08-05 23:01 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2013-12-24 13:24 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-01-24 20:32 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\aeriagames.com -> hxxp://aeriagames.com
IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-02-04 04:09 - 00001110 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk" HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "APSDaemon" HKLM\...\StartupApproved\Run32: => "GrooveMonitor" HKLM\...\StartupApproved\Run32: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "CanonQuickMenu" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\StartupFolder: => "Rainmeter.lnk" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "WinThrusterReminder" HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "WinThruster" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Rainmeter.lnk" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "uTorrent" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "WinThrusterReminder" HKU\S-1-5-21-3703029603-77815115-2748889256-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "WinThruster" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{E3DB8EF0-70B0-48D3-82AC-3220E9F3E98F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{87F38B86-86F9-41F5-BFBF-14052D10BC89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{95F9F96F-E70F-4966-B067-F6989A8BCD23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E2B16ACE-967B-4300-829E-AC3F8BF9483E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{E84151B3-8CC8-41C3-9503-3A4D043D6DE8}C:\program files (x86)\assassins creed ii\assassinscreediigame.exe] => (Allow) C:\program files (x86)\assassins creed ii\assassinscreediigame.exe FirewallRules: [TCP Query User{568676BE-7B89-4F4B-A87B-F322AAC81B66}C:\program files (x86)\assassins creed ii\assassinscreediigame.exe] => (Allow) C:\program files (x86)\assassins creed ii\assassinscreediigame.exe FirewallRules: [{B02CC5A3-2DFB-40B6-A800-33A585E0C431}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{A3DCADFE-7245-4127-88BD-2FE972D74A0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{36EFD361-E5AF-441B-A9E3-897B67840436}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{5F4C2094-217A-45A4-9E3D-FD0F71FC1D74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{50D15C0B-7BD0-41B0-A586-51C53353DABA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [UDP Query User{8F19C91D-F3F7-466C-8654-76630C5C5889}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [TCP Query User{E2591BDA-AD3C-4EA9-A796-8B190AD65627}C:\program 
files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe FirewallRules: [UDP Query User{EE0B2A88-05E9-4ACA-8DB7-D86715CA92BA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [TCP Query User{2C24EFF2-04FB-476E-9332-F5D8690393C8}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe FirewallRules: [{F7DB1A82-5855-4848-89C2-B99A472A1BCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{5D4E312F-1C99-4A2C-9521-DD9EB160966D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe FirewallRules: [{ABD1150D-21D7-4411-A628-D1B4275467D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{33061ECB-EAD8-4B40-8E5F-D18997C93D4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe FirewallRules: [{113F8585-297D-4BE3-ADFC-6982E43B1CB5}] => (Allow) LPort=23640 FirewallRules: [{EFE263C1-DF6C-42DA-A7CF-4308A1E12679}] => (Allow) LPort=23640 FirewallRules: [UDP Query User{26E9BCFD-30AC-4A54-A10C-C9FD2F2D3F10}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe FirewallRules: [TCP Query User{5855C4CD-8DAD-461C-8696-CCD473502536}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe FirewallRules: [{00E9F44C-EAD6-4989-A396-0AFA2E5C3FE7}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: [{422AD887-514D-42B9-A848-D1F3BC0CC361}] => (Allow) C:\Program Files\BitComet\BitComet.exe FirewallRules: 
[{C66AE3A1-E6CD-4D98-A6E7-843CA44A5FF2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe FirewallRules: [{3E955B4A-50BB-40F3-A559-C260393C2C92}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe FirewallRules: [{D6BD9C92-6168-416D-8730-2DA5C183C2C6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe FirewallRules: [{53FE65DC-0848-4817-B192-BB9E4BD6F0CA}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe FirewallRules: [{9FC22947-24F1-4144-8865-EC7B604AA835}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe FirewallRules: [{776F793C-E9DB-456E-80D7-15075C2A77CD}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe FirewallRules: [{AA84FA05-DF1D-4661-9AA1-D13AB0FEA8BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eternal Senia\Game.exe FirewallRules: [{48EE42AB-147E-4439-8013-D3B849ABB6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eternal Senia\Game.exe FirewallRules: [{E0EA7CFE-5E2C-42E5-A0A8-BEC4566341B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sakura Clicker\Sakura Clicker.exe FirewallRules: [{D3F64703-9D6C-40DA-B57B-B4106B1B0A2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sakura Clicker\Sakura Clicker.exe FirewallRules: [{D2DB17A9-7431-4571-9298-A54DF2E9B70D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{79164FD2-607F-4D97-A53A-B5A60C675137}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{86ABBC46-1933-4C67-80E7-645A479333A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{90B2B1D2-F772-410F-A367-F80AA4D27FF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{879F2E13-109F-427F-9A2B-282F99D34C25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{1BEEEC13-ADEE-4AC9-B646-A30AA56E87FE}] => (Allow) C:\Program Files 
(x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{23D0FD85-367B-4882-942C-8B4713B18D1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{66FB5DF7-DC4B-43B0-8E89-89275CD8E5D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{1CE36779-36B7-4D65-8F55-D2177E060C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{6911D81A-20C1-43B9-94B2-A37F6A6656F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{055EAA43-11DA-4065-ACC1-7B8C27A4ED20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe FirewallRules: [{F9F3AF0A-E5B4-4808-A35B-CE68E60C76F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{0B629D1A-D156-41A7-9A63-D3CF5FE52E42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{96740510-9268-4984-BE8A-E84452EA4C7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{656BA90C-DB47-441B-9B59-18590A3426E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe FirewallRules: [{94EAA066-5943-473C-B530-A4DC1120BB62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe FirewallRules: [{391036F2-A620-462E-B4C3-45537027FA71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{6EE6E312-17E4-4ACA-8F79-5F0A4CBAD54E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe FirewallRules: [{0FF5F186-15BB-4D60-98BD-8F601B07261D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{1E4A45EC-4D60-48CE-9C5E-C7D41AFF0432}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: 
[{31FC107E-FFFC-4B9B-A349-61B937D6290C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{8906BAFF-6DAE-45FD-8EAC-3BC5D91200C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe FirewallRules: [{1059E80D-C95B-4F1B-B3C5-2B0987F9CF91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{C27CA92A-413F-4F1E-B58E-48C6BB9CB5C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe FirewallRules: [{C406B7AF-8A40-447B-8A8D-EF805D6ECD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{01650EEA-7C80-412A-9DCB-F0A461078514}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe FirewallRules: [{F3E39544-D23B-456B-9EC5-37F742FFD48B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [{A8D21F6A-5F5E-40C3-9477-6113913B485F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe FirewallRules: [UDP Query User{9F8FA53D-1651-4080-B22B-18215A69E7D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{117C2A74-2F76-48BB-BA05-1772C6A9CB87}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{72C8B78B-953F-4EB6-BB28-1671BB1792C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\bin\SDKLauncher.exe FirewallRules: [{D8EE3577-DD73-4E0F-8EA4-477793975F6D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\bin\SDKLauncher.exe FirewallRules: [{FB43DECA-55A3-42C7-B52F-C006C1B647E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\srcds.exe FirewallRules: 
[{565DB7DA-B680-4CC2-91A5-4ADC36A4C367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\srcds.exe FirewallRules: [{CA222463-A0BB-418E-955A-B75ACF57F2F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{64180FFD-799B-457B-A1B4-FBA561604ED1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{78059BFF-2616-49EC-BDB4-D0D26C0F8051}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe FirewallRules: [{A7488152-1C66-48B4-A44D-3B78147E8C1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe FirewallRules: [{C7794058-168C-4547-9517-705302BA2D1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{17A813FC-2E16-4AAD-8F4B-469D7B2E6C51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{220E4D22-DE61-4F23-82BB-9C48BDF851EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{B262AEC6-57FA-4D6F-A90C-C24292ACF35B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe FirewallRules: [{DAD3B131-6D29-49AC-AFAC-C4189EF8B473}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [{428C0B1C-694C-45D6-8017-5C0518D7C4A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe FirewallRules: [UDP Query User{F7134694-8E67-49A2-A29E-5E2A6407FB0F}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe FirewallRules: [TCP Query User{17832D36-3A45-4F18-8DD6-3E714A1BD980}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe FirewallRules: [UDP Query User{7E249299-D7F3-4B7B-BDF6-923767502554}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Allow) 
C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe FirewallRules: [TCP Query User{812FE970-3FF0-41B1-83A7-C86A8C1EBD91}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Allow) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe FirewallRules: [UDP Query User{5D889FB7-F6C7-4919-A8A0-C08F00FCB91D}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe FirewallRules: [TCP Query User{1AC912F3-D19A-49A5-942A-4CBD0D2C54E6}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe FirewallRules: [{14D1061E-3729-4C95-B8F9-E518323B9925}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{A5DA4205-F3CF-40CF-B4CA-1EB0B48CE523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe FirewallRules: [{A72E7293-A8F8-4915-B485-066B0BB2C8DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{AED237FB-303D-4D9F-A4C6-BC4AE26E1E79}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{8BAAF683-7F31-47B1-9858-E607BF271BF2}] => (Allow) C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{3FA3D292-FC13-463E-88F8-764C68F53EE7}] => (Allow) C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [UDP Query User{9E7480A9-377E-4BA4-A6C8-057ECF6314F7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [TCP Query User{F8FBFF3D-46C8-4864-95C9-77F330857EC3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{6F0CF29B-083F-4461-A084-329036174C13}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{010D3DD5-8602-4766-AC3D-05D10122E350}] => (Allow) LPort=2869 FirewallRules: 
[{C46CF06C-04E1-4751-9E52-4A14AA488B05}] => (Allow) LPort=1900 FirewallRules: [{76E52E9A-7699-4D23-B349-F455744B744A}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{B1ED4985-8FF8-498A-B3B8-1F842B6C38DA}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{A2E77DA4-A2A4-4BE5-9D1B-98216138F1B4}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{D8067A77-3736-4B74-B505-175B2E2F065D}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe FirewallRules: [{254A3434-D381-416A-BDAE-6C8B781F9A07}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{D54610A9-7815-4072-AAE6-7A8C35BE3357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe FirewallRules: [{E0F61895-5B80-4440-8A35-48830D254EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3578F3A3-5E8C-4517-9875-7515B5EA510F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{11C1D138-9590-4AF3-BC91-EA7B9694ABC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{34815F4C-5BBA-4089-8366-44039A4D127A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{93B9F365-802C-4816-A19A-38AFF52C7CDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{FFDA35FE-D1BD-44C6-ABE7-B788EB809236}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe FirewallRules: [{0B5EBBBF-BB9E-4DF8-ADDD-C5DD20287F03}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{DD8EA82F-4371-478B-9D81-F69AE5F2D54D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{D9224232-0F6E-4735-B55C-5968BE52EB49}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: 
[{64A6D3C9-BFA6-43D8-9CF0-1FDA2A3512A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{6A9EFB83-1DA0-4009-B790-7A25977BAC97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CAD53E08-9B41-453F-93C0-9D4CEC3882CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{CD24ED56-F6F9-468F-8912-966F724BE825}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe FirewallRules: [{67EB704D-C028-4ED3-8C3C-2EE37A7C8DF4}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe FirewallRules: [TCP Query User{EFBEF195-9C60-43BB-863A-1ECB5F07F82B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{0EF1D8E3-F6F6-4C3C-A8B6-CC65F171ECDE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe FirewallRules: [{0C97BDD7-9A01-4EA1-9C82-D7618150E1BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{54770E8A-913E-47EA-8F72-74AD684EC86D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{F41A9B5E-D3C3-4C62-9265-A13CAFD71075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{9159D147-94DA-434F-9AC0-F62FFB1B5948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe FirewallRules: [{977B8BDF-F9B5-446F-A774-67391FDD67D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{596947A3-D231-4D5A-AB0E-42F10A5D0FB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [TCP Query User{8F425C5F-42F5-48B1-B367-84F469B04209}C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe FirewallRules: [UDP Query 
User{8952454D-8090-4648-A00C-ACBF8A5A3AC2}C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe FirewallRules: [TCP Query User{23517EC1-DF2B-48FB-BDBB-86E8BC7BD585}C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe] => (Allow) C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe FirewallRules: [UDP Query User{16856530-D8E4-43CF-B103-F20D5C2725CD}C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe] => (Allow) C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe FirewallRules: [{840FFB48-B8DA-4919-B3C8-709CD1C26EB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe FirewallRules: [{2F4D60BD-EB05-4FC1-B5B1-D5E6BBE25015}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe FirewallRules: [TCP Query User{278345F8-85F9-44F3-B829-87A9280F1248}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [UDP Query User{5AC0333F-2755-40B9-A6F9-B052626F73BB}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe FirewallRules: [{927EB06D-E4DC-4317-BA14-D2052D0C6553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{BE470CB0-8A63-4EA8-AD18-BF70C79D8215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{B09BAAC6-DAC1-4413-8936-E8C8C68A7D9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: [{0FFC754D-BF2D-4730-8E3E-40F2357EFF2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe FirewallRules: 
[{200760F2-2727-44D7-86D3-4E19A82896EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{437807EA-97F1-4F5F-8F14-AFEC595B28F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe FirewallRules: [{EAC08823-CAA0-4D7C-A7F9-F74EACFA7A70}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{AE329218-60AD-4AC5-B193-FDE40EE2522B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{BB23A8F0-A6FB-4A94-A627-AF641711530F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe FirewallRules: [{7E59637D-A21F-45E4-B331-EA58EA967751}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{475E889B-DED0-4BB4-BC73-B8F3C0D2212B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe FirewallRules: [{F310390D-2525-4741-88E8-DC0FD338E269}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe FirewallRules: [{928F8545-65F4-4D5C-B3C0-676C2FC9273F}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3 ==================== Wiederherstellungspunkte ========================= 05-02-2016 02:55:38 Installed AVG 2016 05-02-2016 02:57:45 Installed AVG ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/06/2016 04:39:02 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt Error: (02/06/2016 04:39:02 PM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. 
Das Handle ist ungültig Error: (02/06/2016 04:38:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 31411703 Error: (02/06/2016 04:38:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 31411703 Error: (02/06/2016 04:38:35 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/06/2016 07:55:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 48141 Error: (02/06/2016 07:55:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 48141 Error: (02/06/2016 07:55:52 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (02/06/2016 07:55:51 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 47000 Error: (02/06/2016 07:55:51 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 47000 Systemfehler: ============= Error: (02/06/2016 07:55:02 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (02/06/2016 07:55:00 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CyberLink PowerDVD 12 Media Server Service" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert. Error: (02/06/2016 06:07:46 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. 
Error: (02/06/2016 06:07:42 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:39 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:35 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:31 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:27 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:23 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. Error: (02/06/2016 06:07:19 AM) (Source: disk) (EventID: 7) (User: ) Description: Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0. CodeIntegrity: =================================== Date: 2016-02-06 16:59:20.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 16:59:20.238 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 16:59:19.542 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-02-06 16:59:19.531 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 03:35:35.768 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 03:35:35.756 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 03:20:30.822 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 03:20:30.809 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-06 03:14:11.743 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-02-06 03:14:11.717 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Prozentuale Nutzung des RAM: 40% Installierter physikalischer RAM: 7962.15 MB Verfügbarer physikalischer RAM: 4709.42 MB Summe virtueller Speicher: 9242.15 MB Verfügbarer virtueller Speicher: 4944.42 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:909.34 GB) (Free:274.07 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (RECOVERY) (Fixed) (Total:20.61 GB) (Free:2.08 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 298DD091) Partition: GPT. ==================== Ende von Addition.txt ============================ |
06.02.2016, 23:50 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Advertising and spam in the browser Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
07.02.2016, 03:57 | #6 |
| Advertising and spam in the browser I use Win 10 and get the following message [IMG][/IMG] |
07.02.2016, 12:51 | #7 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Advertising and spam in the browser Ah... once again I forgot that CF doesn't work there yet. Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
__________________ Please always post log files in CODE tags |
07.02.2016, 18:17 | #8 |
| Advertising and spam in the browser Nothing was found. Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2016.02.07.03 rootkit: v2016.01.20.01 Windows 10 x64 NTFS Internet Explorer 11.63.10586.0 Anton PC :: ANTON [administrator] 07.02.2016 17:03:21 mbar-log-2016-02-07 (17-03-21).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 439818 Time elapsed: 1 hour(s), 5 minute(s), Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
07.02.2016, 23:31 | #9 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Advertising and spam in the browser Please uninstall AVG. We simply can no longer recommend it in good conscience. => http://www.trojaner-board.de/171261-...zer-daten.html and Antivirus software: protection for your files, but at the cost of your privacy? | Emsisoft Blog Other freeware vendors such as Avira, Avast or Panda are also jumping on this or similar bandwagons, building junkware into their setups, working with ASK, etc. - something that is simply unacceptable in security software. Once we are done here, you can switch to a different virus scanner. Let me know when AVG is gone.
__________________ Please always post log files in CODE tags |
08.02.2016, 01:52 | #10 |
| Advertising and spam in the browser OK, AVG is gone. What's next? |
08.02.2016, 09:17 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Advertising and spam in the browser Remove adware/junkware/toolbars Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please disable your virus scanner completely now before using these tools! Step 1: adwCleaner Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool Please close your protection software to avoid possible conflicts.
Step 3: Fresh log with FRST Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions or check under Start > Computer (right-click) > Properties)
__________________ Please always post log files in CODE tags |
08.02.2016, 16:48 | #12 |
| Advertising and spam in the browser Code:
ATTFilter # AdwCleaner v5.032 - Bericht erstellt am 08/02/2016 um 16:09:12 # Aktualisiert am 31/01/2016 von Xplode # Datenbank : 2016-02-07.2 [Server] # Betriebssystem : Windows 10 Home (x64) # Benutzername : Anton PC - ANTON # Gestartet von : C:\Users\Anton PC\Desktop\AdwCleaner_5.032.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore [-] Ordner Gelöscht : C:\Users\Anton PC\AppData\Roaming\Solvusoft [-] Ordner Gelöscht : C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Oxy [#] Ordner Gelöscht : C:\WINDOWS\SysNative\Tasks\Oxy ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml [-] Datei Gelöscht : C:\WINDOWS\SysNative\roboot64.exe ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** [-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [-] Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. 
Mechanics\Deadpool\Play Deadpool.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk [-] Verknüpfung Desinfiziert : C:\Users\Anton PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk ***** [ Aufgabenplanung ] ***** [-] Geplante Aufgabe Gelöscht : Oxy [-] Geplante Aufgabe Gelöscht : PileFile logon [-] Geplante Aufgabe Gelöscht : PileFile reminder ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Schlüssel Gelöscht 
: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A} [-] Schlüssel Gelöscht : HKCU\Software\DriverRestore [-] Schlüssel Gelöscht : HKCU\Software\Escolade [-] Schlüssel Gelöscht : HKCU\Software\eSupport.com [-] Schlüssel Gelöscht : HKCU\Software\Fabulous [!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKLM\SOFTWARE\SimpleFiles [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\DriverRestore [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Escolade [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\eSupport.com [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Fabulous [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Mozilla\Extends [!] Schlüssel Nicht Gelöscht : HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\OCS ***** [ Internetbrowser ] ***** [-] [C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : mysearch.avg.com ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4975 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.2 (01.06.2016) Operating System: Windows 10 Home x64 Ran by Anton PC (Administrator) on 08.02.2016 at 16:26:25,68 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\Program Files\005 (Folder) Registry: 2 Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{995F4BA9-CC4A-41A0-B361-FA996141DF9F} (Registry Key) Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{995F4BA9-CC4A-41A0-B361-FA996141DF9F} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08.02.2016 at 16:29:07,87 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-01-2016 durchgeführt von Anton PC (Administrator) auf ANTON (08-02-2016 16:31:11) Gestartet von C:\Users\Anton PC\Desktop Geladene Profile: Anton PC (Verfügbare Profile: Anton PC) Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Wacom Technology, Corp.) C:\Program Files\Tablet\Wacom\WTabletServicePro.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe () C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe (Hewlett-Packard Development Company, L.P.) 
C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7188552 2013-05-28] (Realtek Semiconductor) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2199840 2014-04-30] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [AtwtusbIcon] => C:\WINDOWS\system32\AtwtusbIcon.exe [3593728 2012-09-10] () HKLM\...\Run: [SoftEther VPN Client UI Helper] => C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-17] (Synaptics Incorporated) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-10-13] (Apple Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [AccelerometerSysTrayApplet] => C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe [77088 2013-07-24] (Hewlett-Packard Company) HKLM-x32\...\Run: [RazerCortex] => C:\Program Files (x86)\Razer\Razer Cortex\RazerCortex.exe [98256 2015-07-14] (Razer Inc.) HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirnx.exe" /lps=fmw HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) 
Winlogon\Notify\igfxcui: igfxdev.dll [X] HKLM\...\Policies\Explorer: [AllowLegacyWebView] 1 HKLM\...\Policies\Explorer: [AllowUnhashedWebView] 1 HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Chatango] => C:\Program Files (x86)\Chatango\Chatango.exe [356352 2008-02-05] (Pear Media, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [uTorrent] => C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe [1822048 2015-11-08] (BitTorrent Inc.) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-01-20] (Overwolf LTD) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [Power2GoExpress8] => 0 HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2016-01-08] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8619224 2016-01-15] (Piriform Ltd) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileSyncShell64.dll [2015-12-12] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Anton 
PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileSyncShell.dll [2015-12-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftEther VPN Client Manager Startup.lnk [2015-08-26]
ShortcutTarget: SoftEther VPN Client Manager Startup.lnk -> C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe (SoftEther VPN Project at University of Tsukuba, Japan.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{38e9d8c9-7f0d-4c68-a246-630e47bda1c4}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{c2767abb-22b6-4c78-91ae-3381eb80b539}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Software\Microsoft\Internet Explorer\Main,First Home Page = hxxp://g.uk.msn.com/HPNOT13/4
SearchScopes: HKLM -> {995F4BA9-CC4A-41A0-B361-FA996141DF9F} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
SearchScopes: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files\BitComet\tools\BitCometBHO_1.5.4.11.dll [2013-11-29] (BitComet)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-11-29] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-11-29] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Keine Datei
Toolbar: HKU\S-1-5-21-3703029603-77815115-2748889256-1002 -> Kein Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365
FF Homepage: google.de
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-20] ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-20] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll [2013-04-03] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-11-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-11-29] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-09-12] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [Keine Datei]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: pmang.jp/pmangdiagnostic-1 -> C:\GameOn\Common files\nppmangdiagnostic_0.dll [2015-07-21] (gameon)
FF Plugin-x32: pmang.jp/pmangsupport-1 -> C:\GameOn\Common files\nppmangsupport_0.dll [2015-07-21] (gameon)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anton PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-10-06] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3703029603-77815115-2748889256-1002: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Extension: 1-Click YouTube Video Downloader - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\extensions\YoutubeDownloader@PeterOlayev.com.xpi [2015-10-05]
FF Extension: Easy Translate - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\jid1-f7dnBeTj8ElpWQ@jetpack.xpi [2016-02-05]
FF Extension: YouTube Unblocker - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\youtubeunblocker@unblocker.yt [2015-12-03]
FF Extension: Video DownloadHelper - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2015-10-30]
FF Extension: Unity Notifier - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d0c39035-e802-4a28-86d6-d695b56ad322}.xpi [2015-12-18] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-19]
FF Extension: mpeg4 compiler plus - C:\Users\Anton PC\AppData\Roaming\Mozilla\Firefox\Profiles\lmvdbcpt.default-1440448851365\Extensions\{e861859d-4109-4946-85af-882c7e1deb3b}.xpi [2015-11-13] [ist nicht signiert]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://google.de/"
CHR Profile: C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-24]
CHR Extension: (Google Drive) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (YouTube) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26]
CHR Extension: (Google-Suche) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Google Docs Offline) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-06]
CHR Extension: (Google Mail) - C:\Users\Anton PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [dhigneefebkcagnpnpbibganpmfgebnk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1225216 2015-09-23] ()
S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2013-11-29] (www.BitComet.com)
R2 CyberLink PowerDVD 12 Media Server Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-06-26] (CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-06-26] (CyberLink)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [174112 2014-11-05] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2015-12-31] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [1039160 2013-10-08] (Hewlett-Packard Development Company, L.P.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [373160 2015-12-19] (Intel Corporation)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [140456 2012-03-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-05-08] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-08] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [3191392 2014-05-15] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1617696 2014-04-30] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21007192 2014-04-30] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009392 2016-01-20] (Overwolf LTD)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [187048 2015-06-23] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [245832 2013-05-17] (Realtek Semiconductor)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [129168 2015-07-14] (Razer Inc.)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [5207272 2015-08-26] (SoftEther VPN Project at University of Tsukuba, Japan.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)
R2 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-06] (Wacom Technology, Corp.)
S2 WTService; C:\WINDOWS\system32\atwtusb.exe [582144 2013-11-12] () [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R0 Avguniva; C:\Windows\System32\DRIVERS\avguniva.sys [23472 2016-01-08] (AVG Technologies CZ, s.r.o.)
S3 ccpvhid; C:\Windows\System32\drivers\ccpvhid.sys [18184 2015-04-30] ()
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-09-29] (Disc Soft Ltd)
S3 hidkmdf; C:\Windows\System32\drivers\hidkmdf.sys [15624 2015-04-30] ()
S3 hxsyol; C:\WINDOWS\system32\hxsy64.sys [86352 2014-10-20] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 moufiltr; C:\Windows\System32\drivers\moufiltr.sys [7680 2009-03-08] (Windows (R) Codename Longhorn DDK provider)
R3 Neo_VPN; C:\Windows\System32\drivers\Neo_VPN.sys [40704 2015-08-26] (SoftEther Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [18776 2014-04-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [4629744 2015-08-28] (Realtek Semiconductor Corporation )
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [37184 2015-06-12] (Razer, Inc.)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R1 SeLow; C:\Windows\system32\DRIVERS\SeLow_x64.sys [48896 2015-08-26] (SoftEther Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-07-17] (Synaptics Incorporated)
S3 TabletFilter; C:\Windows\System32\drivers\TabletFilter.sys [7680 2012-08-15] (Windows (R) Win 7 DDK provider)
R3 vhidmini; C:\Windows\System32\drivers\walvhid.sys [7552 2009-08-26] (Windows (R) Win 7 DDK provider)
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-02-08 16:31 - 2016-02-08 16:31 - 00023914 _____ C:\Users\Anton PC\Desktop\FRST.txt
2016-02-08 16:29 - 2016-02-08 16:29 - 00000868 _____ C:\Users\Anton PC\Desktop\JRT.txt
2016-02-08 16:23 - 2016-02-08 16:26 - 01609032 _____ (Malwarebytes) C:\Users\Anton PC\Desktop\JRT.exe
2016-02-08 16:06 - 2016-02-08 16:13 - 00000000 ____D C:\AdwCleaner
2016-02-08 16:04 - 2016-02-08 16:06 - 01508352 _____ C:\Users\Anton PC\Desktop\AdwCleaner_5.032.exe
2016-02-08 15:18 - 2016-02-08 15:53 - 00000000 ____D C:\AVG_Remover
2016-02-08 02:04 - 2016-02-08 02:04 - 00000000 ____D C:\Users\Anton PC\AppData\LocalLow\Temp
2016-02-08 01:56 - 2016-02-08 15:18 - 07814344 _____ ( ) C:\Users\Anton PC\Downloads\AVG_Remover.exe
2016-02-07 15:58 - 2016-02-07 18:12 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-02-07 15:50 - 2016-02-07 18:12 - 00000000 ____D C:\Users\Anton PC\Desktop\mbar
2016-02-07 15:42 - 2016-02-07 15:50 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Anton PC\Desktop\mbar-1.09.3.1001.exe
2016-02-06 17:00 - 2016-02-06 17:02 - 00070495 _____ C:\Users\Anton PC\Downloads\Addition.txt
2016-02-06 16:59 - 2016-02-06 17:08 - 00070024 _____ C:\Users\Anton PC\Downloads\FRST.txt
2016-02-06 16:58 - 2016-02-08 16:31 - 00000000 ____D C:\FRST
2016-02-06 16:58 - 2016-02-06 17:07 - 02370560 _____ (Farbar) C:\Users\Anton PC\Desktop\FRST64.exe
2016-02-06 16:55 - 2016-02-06 16:55 - 00001449 _____ C:\2.txt
2016-02-05 20:16 - 2016-02-05 20:16 - 00001178 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-02-05 05:56 - 2016-02-07 00:31 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-02-05 02:54 - 2016-02-08 15:53 - 00000000 ____D C:\Program Files (x86)\AVG
2016-02-05 02:41 - 2016-02-05 02:53 - 245273648 _____ (AVG Technologies CZ, s.r.o.) C:\Users\Anton PC\Downloads\AVG_Antivirus_Free_x64_693.exe
2016-02-05 02:04 - 2016-02-05 02:21 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-02-03 02:38 - 2016-02-03 02:38 - 00000000 ____D C:\Users\Anton PC\Desktop\gifmaterial
2016-01-30 21:33 - 2016-01-30 22:48 - 00001664 _____ C:\WINDOWS\system32\ASOROSet.bin
2016-01-30 21:33 - 2016-01-30 21:33 - 00000000 ____D C:\WINDOWS\system32\config\RCCBakup
2016-01-30 21:30 - 2016-01-30 21:30 - 00002856 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2016-01-30 21:30 - 2016-01-30 21:30 - 00000830 _____ C:\Users\Public\Desktop\CCleaner.lnk
2016-01-30 21:30 - 2016-01-30 21:30 - 00000000 ____D C:\Program Files\CCleaner
2016-01-30 21:29 - 2016-01-30 21:30 - 06828320 _____ (Piriform Ltd) C:\Users\Anton PC\Downloads\ccsetup_514.exe
2016-01-30 21:10 - 2016-01-30 23:15 - 00000000 ____D C:\WINDOWS\LastGood
2016-01-30 20:46 - 2016-01-30 20:48 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-01-28 16:45 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-01-28 16:45 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-28 16:45 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-01-28 16:45 - 2016-01-16 07:21 - 22572624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-01-28 16:45 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 06600904 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-01-28 16:45 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-28 16:45 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-01-28 16:45 - 2016-01-16 07:17 - 21125400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-01-28 16:45 - 2016-01-16 07:16 - 05238360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-01-28 16:45 - 2016-01-16 07:13 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-01-28 16:45 - 2016-01-16 07:13 - 00576864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-01-28 16:45 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-01-28 16:45 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-01-28 16:45 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-01-28 16:45 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:44 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:40 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-01-28 16:45 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-01-28 16:45 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-01-28 16:45 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-01-28 16:45 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-01-28 16:45 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-01-28 16:45 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-01-28 16:45 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 24602624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-01-28 16:45 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-01-28 16:45 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-01-28 16:45 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 19338752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-01-28 16:45 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-01-28 16:45 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-01-28 16:45 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-01-28 16:45 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-01-28 16:45 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-28 16:45 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-01-28 16:45 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 12126208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-01-28 16:45 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-01-28 16:45 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-01-28 16:45 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-28 16:45 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-01-28 16:45 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-01-28 16:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-28 16:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-28 16:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-28 16:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-01-28 16:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-01-28 16:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-01-28 16:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-01-28 16:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-01-28 16:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-01-28 16:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-01-28 16:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-01-28 16:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-01-28 16:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-01-28 16:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-01-28 16:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-01-28 16:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-01-28 16:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-01-28 16:44 - 2016-01-16 06:18 - 03593216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-01-28 16:44 - 2016-01-16 06:09 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-01-24 16:18 - 2016-01-24 16:20 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-01-24 16:18 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series
2016-01-24 16:17 - 2016-01-24 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG4200 series Benutzerregistrierung
2016-01-24 16:17 - 2016-01-24 16:17 - 00000000 ____D C:\ProgramData\Canon IJ Network Tool
2016-01-24 16:17 - 2012-02-08 16:34 - 00320000 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9L.dll
2016-01-24 16:17 - 2012-01-26 10:25 - 00081664 _____ C:\WINDOWS\SysWOW64\CNC1763D.TBL
2016-01-24 16:17 - 2012-01-16 14:21 - 00103424 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC_B9U.dll
2016-01-24 16:17 - 2008-08-25 18:02 - 00015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\ProgramData\CanonBJ
2016-01-24 16:16 - 2016-01-24 16:16 - 00000000 ___HD C:\Program Files\CanonBJ
2016-01-24 16:00 - 2016-01-24 16:00 - 00000000 ____D C:\WINDOWS\SysWOW64\STRING
2016-01-24 15:59 - 2016-02-08 02:01 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner (3)
2016-01-24 07:16 - 2016-01-24 07:16 - 00001055 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iPadian.lnk
2016-01-24 07:15 - 2016-01-24 07:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iPadian
2016-01-24 07:14 - 2016-01-24 07:15 - 00000000 ____D C:\Program Files (x86)\iPadian
2016-01-21 18:08 - 2016-01-21 18:08 - 00867139 _____ C:\Users\Anton PC\Downloads\Dateiordner_Kleinübungen.zip
2016-01-21 18:05 - 2016-01-21 18:05 - 07393841 _____ C:\Users\Anton PC\Downloads\Dateiordner_Vorlesungsfolien.zip
2016-01-21 00:05 - 2016-01-21 00:05 - 00122599 _____ C:\Users\Anton PC\Documents\xsmap13th.mcr
2016-01-14 15:34 - 2016-02-06 03:37 - 00018292 _____ C:\Users\Anton PC\Documents\HLTcalcBETA1.0.xlsx
2016-01-14 08:49 - 2016-01-14 15:35 - 00009304 _____ C:\Users\Anton PC\Desktop\ninjasammy hlt.xlsx
2016-01-13 03:29 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 03:29 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 03:29 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-01-13 03:28 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 03:28 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-01-13 03:28 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-01-13 03:28 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 03:28 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-01-13 03:28 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 03:28 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-01-13 03:28 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 03:28 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 03:28 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 03:28 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 03:28 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-01-13 03:28 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-01-13 03:28 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-01-13 03:28 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-01-13 03:28 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-01-13 03:28 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-01-13 03:28 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-01-13 03:28 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-01-13 03:28 - 2016-01-05 02:49 - 01582080 _____ (Microsoft
Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 03:28 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 03:28 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 03:28 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 03:28 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 03:28 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 03:28 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 03:28 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 03:28 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 03:28 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 03:28 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 03:28 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 03:28 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 03:28 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 03:28 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 03:28 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 03:28 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 03:28 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 03:28 - 2016-01-05 02:41 - 01070080 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 03:28 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 03:28 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 03:28 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 03:28 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 03:28 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 03:28 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 03:28 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 03:28 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 03:28 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 03:28 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 03:28 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 03:28 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 03:28 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 03:28 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 03:28 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-11 14:09 - 2013-02-04 15:12 - 00367104 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUL.dll 2016-01-11 14:09 - 2012-11-26 12:24 - 00095744 _____ C:\WINDOWS\system32\CNC1771D.TBL 2016-01-11 14:09 - 2012-11-08 13:04 - 00282624 _____ (CANON INC.) 
C:\WINDOWS\system32\CNC_BUC.dll 2016-01-11 14:09 - 2012-11-08 13:03 - 00106496 _____ (CANON INC.) C:\WINDOWS\system32\CNC_BUI.dll 2016-01-11 14:08 - 2016-01-11 14:08 - 00103478 _____ C:\Users\Anton PC\Downloads\Entwurf Mietvertrag.pdf 2016-01-11 14:08 - 2016-01-11 14:08 - 00093585 _____ C:\Users\Anton PC\Downloads\schreiben an anton volkov (weiterer beteiligter).pdf 2016-01-09 16:44 - 2016-01-11 02:09 - 00000109 _____ C:\Users\Anton PC\Desktop\soulcraft rate.txt 2016-01-09 06:25 - 2016-01-15 08:27 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS 2016-01-09 06:00 - 2016-01-02 20:14 - 02660496 _____ (Sysinternals - www.sysinternals.com) C:\Users\Anton PC\Desktop\procexp.exe 2016-01-09 05:45 - 2016-01-09 05:45 - 01250844 _____ C:\Users\Anton PC\Downloads\ProcessExplorer161.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-08 16:28 - 2015-08-26 02:52 - 00000000 ____D C:\Program Files\SoftEther VPN Client 2016-02-08 16:14 - 2014-06-22 17:42 - 00001126 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-08 16:13 - 2015-08-30 02:55 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Overwolf 2016-02-08 16:12 - 2015-12-10 22:39 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-02-08 16:12 - 2014-06-29 00:28 - 00000000 __SHD C:\Users\Anton PC\IntelGraphicsProfiles 2016-02-08 16:10 - 2015-12-10 23:14 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-08 16:10 - 2012-07-26 06:26 - 00000182 _____ C:\WINDOWS\win.ini 2016-02-08 16:09 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-08 16:09 - 2014-06-22 23:10 - 00001392 _____ C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-08 16:09 - 2014-06-22 17:43 - 00001374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 
2016-02-08 16:09 - 2013-11-10 09:19 - 00001137 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-08 16:01 - 2013-12-19 18:40 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-02-08 15:51 - 2015-11-27 17:27 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\AVG
2016-02-08 15:51 - 2015-11-27 17:18 - 00000000 ____D C:\ProgramData\Avg
2016-02-08 15:51 - 2015-10-30 08:24 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2016-02-08 15:51 - 2014-11-18 17:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Avg
2016-02-08 15:47 - 2014-06-22 17:42 - 00001130 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-08 11:40 - 2015-01-25 14:02 - 00000000 ____D C:\Program Files (x86)\Dragon Saga
2016-02-08 01:58 - 2013-12-24 13:14 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-07 17:03 - 2015-01-07 23:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-02-07 17:00 - 2015-01-07 23:51 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-02-07 16:51 - 2013-11-10 13:32 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Skype
2016-02-05 23:10 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-05 20:16 - 2015-01-07 23:51 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2016-02-05 14:52 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\Help
2016-02-05 06:22 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF
2016-02-05 03:02 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-02-05 02:45 - 2015-06-25 09:45 - 00000000 ____D C:\Program Files\Common Files\AV
2016-02-05 01:09 - 2013-11-24 22:41 - 00000000 ____D C:\Users\Anton PC\AppData\Local\ElevatedDiagnostics
2016-02-03 02:38 - 2015-10-05 19:45 - 00000000 ____D C:\Users\Anton PC\dwhelper
2016-02-03 02:28 - 2013-11-14 23:11 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\vlc
2016-02-02 20:09 - 2015-12-10 22:44 - 00000000 ____D C:\Users\Anton PC
2016-02-02 17:42 - 2014-06-22 17:42 - 00004188 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 17:42 - 2014-06-22 17:42 - 00003956 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-01 03:45 - 2015-10-16 18:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-01-31 18:46 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache
2016-01-30 23:23 - 2014-06-28 10:14 - 00000000 ____D C:\ProgramData\NVIDIA
2016-01-30 22:49 - 2015-12-10 22:31 - 00363496 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-01-30 22:49 - 2015-10-30 07:28 - 90963968 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2016-01-30 22:49 - 2015-10-30 07:28 - 17301504 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2016-01-30 22:49 - 2015-10-30 07:28 - 00028672 _____ C:\WINDOWS\system32\config\SECURITY.bak
2016-01-30 21:39 - 2015-12-10 22:39 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2016-01-30 21:39 - 2014-08-01 10:26 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\PhotoScape
2016-01-30 21:39 - 2014-06-20 22:30 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\uTorrent
2016-01-30 21:39 - 2014-04-18 16:55 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-01-30 21:37 - 2015-12-16 14:56 - 00000000 ____D C:\WINDOWS\Minidump
2016-01-30 21:37 - 2015-12-10 22:29 - 00000000 ___DC C:\WINDOWS\Panther
2016-01-29 19:54 - 2013-11-09 23:05 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-29 03:43 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-01-29 02:44 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-28 12:20 - 2015-02-25 11:54 - 00000000 ____D C:\Users\Anton PC\AppData\Local\Steam
2016-01-26 23:20 - 2015-08-30 02:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-01-24 16:19 - 2014-04-10 16:30 - 00000000 ___HD C:\ProgramData\CanonIJScan
2016-01-24 16:19 - 2014-04-08 22:42 - 00000000 ____D C:\Users\Anton PC\AppData\Roaming\Canon
2016-01-24 16:19 - 2014-04-08 22:25 - 00000000 ____D C:\Program Files (x86)\Canon
2016-01-24 16:17 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media
2016-01-24 16:11 - 2015-12-10 22:44 - 02006668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-24 16:11 - 2015-10-30 19:35 - 00854790 _____ C:\WINDOWS\system32\perfh007.dat
2016-01-24 16:11 - 2015-10-30 19:35 - 00188478 _____ C:\WINDOWS\system32\perfc007.dat
2016-01-14 22:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-13 07:04 - 2013-11-10 09:44 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 06:58 - 2013-11-10 09:44 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-10 09:12 - 2015-01-02 01:13 - 00000000 ____D C:\Users\Anton PC\Desktop\Neuer Ordner

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-15 14:38 - 2014-02-15 14:38 - 0041984 ___SH () C:\Users\Anton PC\AppData\Roaming\Thumbs.db
2013-12-30 16:53 - 2015-03-27 20:57 - 0018432 _____ () C:\Users\Anton PC\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-24 01:50 - 2015-11-24 01:50 - 0001496 _____ () C:\Users\Anton PC\AppData\Local\recently-used.xbel
2013-12-28 18:58 - 2015-03-28 04:33 - 0007603 _____ () C:\Users\Anton PC\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Anton PC\AppData\Local\Temp\avg-e83bd579-7d6b-4773-9c00-67345c3e762f.exe
C:\Users\Anton PC\AppData\Local\Temp\SkypeSetup.exe

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2016-01-31 17:30

==================== Ende von FRST.txt ============================ |
08.02.2016, 16:48 | #13 |
| Ads and spam in the browser
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016
durchgeführt von Anton PC (2016-02-08 16:32:20)
Gestartet von C:\Users\Anton PC\Desktop
Windows 10 Home (X64) (2015-12-11 03:11:59)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3703029603-77815115-2748889256-500 - Administrator - Disabled)
Anton PC (S-1-5-21-3703029603-77815115-2748889256-1002 - Administrator - Enabled) => C:\Users\Anton PC
DefaultAccount (S-1-5-21-3703029603-77815115-2748889256-503 - Limited - Disabled)
Gast (S-1-5-21-3703029603-77815115-2748889256-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3703029603-77815115-2748889256-1004 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P (HKLM-x32\...\“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P) (Version: - )
“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P-KURENAI- (HKLM-x32\...\“Œ•ûƒXƒJƒCƒAƒŠ[ƒiEŒ¶‘z‹½‹óí•P-KURENAI-) (Version: - )
µTorrent (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\uTorrent) (Version: 3.4.5.41202 - BitTorrent Inc.)
3D少女カスタムエボリューション (HKLM-x32\...\{176CAA79-B214-415A-8BA5-AF5443084F29}) (Version: 1.0.0 - Bullet)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
ARK: Survival Evolved (HKLM-x32\...\Steam App 346110) (Version: - Studio Wildcard)
Artweaver 1.0 (HKLM-x32\...\{A025CFB8-64E7-4432-824F-11E7C5ED2ECE}_is1) (Version: 1.0 - Boris Eyrich Software)
Assassin's Creed (HKLM-x32\...\Assassin's Creed_is1) (Version: - R.G. Mechanics)
Assassins Creed II (HKLM-x32\...\{BB97B9D4-6F63-4F10-AAF0-F1AC62B5FGBG}_is1) (Version: 1.0.1.17 - )
Auslogics DiskDefrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 5.4.0.0 - Auslogics Labs Pty Ltd)
BitComet 1.39 64-bit (HKLM-x32\...\BitComet_x64) (Version: 1.39 - CometNetwork)
Black Desert (HKLM-x32\...\Pmang_BlackDesert_live) (Version: 35935176 - GameOn)
Black Desert Patcher Japan (HKLM-x32\...\{2819E24B-7580-4A4F-B692-5D4986056940}) (Version: 1.0.0.5 - LokiReborn)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.0.0 - Canon Inc.)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Cartes du Ciel (HKLM-x32\...\Cartes du Ciel) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.14 - Piriform)
Chatango Message Catcher (HKLM-x32\...\Chatango) (Version: - )
Common (HKLM-x32\...\Pmang_common) (Version: 11228104 - GameOn)
Curse (HKLM-x32\...\{1F2611FB-6F69-4AA8-BECD-243BD8CB45F3}) (Version: 6.0.0.0 - Curse)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4.6515 - CyberLink Corp.)
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.4.2928 - CyberLink Corp.)
Cyberlink PhotoDirector (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.2.4128 - CyberLink Corp.)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3026 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.4.3021 - CyberLink Corp.)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.1.3024 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 5.0.1.2922 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version: - FromSoftware)
DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
Deadpool (HKLM-x32\...\Deadpool_R.G. Mechanics_is1) (Version: - R.G. Mechanics, spider91)
Dino D-Day - Dedicated Server (HKLM-x32\...\Steam App 70010) (Version: - )
Dino D-Day (HKLM-x32\...\Steam App 70000) (Version: - 800 North and Digital Ranch)
Dino D-Day SDK (HKLM-x32\...\Steam App 70004) (Version: - )
DisableMSDefender (Version: 1.0.0 - Hewlett-Packard Company) Hidden
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company)
Epic Games Launcher (HKLM\...\{3AA63526-B2A9-4480-8C0F-13731E227BE9}) (Version: 1.1.38.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Eternal Senia (HKLM-x32\...\Steam App 351640) (Version: - Holy Priest)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Free Audio Converter version 5.0.59.525 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.59.525 - DVDVideoSoft Ltd.)
Free AVI Video Converter version 5.0.32.1230 (HKLM-x32\...\Free AVI Video Converter_is1) (Version: 5.0.32.1230 - DVDVideoSoft Ltd.)
Free Video to MP3 Converter version 5.0.48.922 (HKLM-x32\...\Free Video to MP3 Converter_is1) (Version: 5.0.48.922 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.49.1022 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.49.1022 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Guns of Icarus Online (HKLM-x32\...\Steam App 209080) (Version: - Muse Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP 3D DriveGuard (HKLM-x32\...\{07F6DC37-0857-4B68-A675-4E35989E85E3}) (Version: 6.0.15.1 - Hewlett-Packard Company)
HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd)
HP Connected Music (Meridian - player) (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\HPConnectedMusic) (Version: 1.1 (build 71) hp - Meridian Audio Ltd)
HP CoolSense (HKLM-x32\...\{59F8C5AA-91BD-423D-BF05-09A80F39898F}) (Version: 2.10.62 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{61245005-66F1-4001-AEE8-2E2D36F65C28}) (Version: 1.1.0.0 - Hewlett-Packard)
HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard)
HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6838.4521 - Hewlett-Packard)
HP System Event Utility (HKLM-x32\...\{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}) (Version: 1.0.10 - Hewlett-Packard Company)
HP Utility Center (HKLM\...\{A48BD764-CFDF-40A5-A07A-710908044F5D}) (Version: 2.2.2 - Hewlett-Packard Company)
HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.3.1520 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iPadian version 1.5 (HKLM-x32\...\{0DB90A1C-2C08-429C-8595-FD9848121D28}_is1) (Version: 1.5 - iPadian, Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Launcher Prerequisites (x64) (x32 Version: 1.0.0.0 - Epic Games, Inc.) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.1 - LOOT Development Team)
Mabinogi (HKLM-x32\...\Mabinogi) (Version: - devCAT)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Manga Studio Debut 4.0 (HKLM-x32\...\{3D8D1A54-1A82-4876-985C-56986B47F15D}) (Version: 4.0.5 - Smith Micro)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.61.2 - Black Tree Gaming)
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 151201.123186 - Square Enix Ltd)
NVIDIA GeForce Experience 2.0.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.0.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version: - Spiral Game Studios)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.3.0 - Overwolf Ltd.)
Paladins (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF402}) (Version: 0.12.774.0 - Hi-Rez Studios)
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - )
Pmangインストールマネージャー (HKLM-x32\...\Pmang) (Version: 1.0.1.1 - GameOn,Pmang)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 6.0.29.0 - Razer Inc.)
Realtek Card Reader (HKLM-x32\...\{F0A8BF4A-972F-41E0-9800-1EFE3BF28266}) (Version: 1.1.9200.15 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.15.410.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6923 - Realtek Semiconductor Corp.) REALTEK Wireless LAN Driver (HKLM-x32\...\{A5107464-AA9B-4177-8129-5FF2F42DD322}) (Version: 1.00.12.0906 - REALTEK Semiconductor Corp.) Robocraft (HKLM-x32\...\Steam App 301520) (Version: - Freejam) Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version: - Winged Cloud) SHIELD Streaming (Version: 2.1.108 - NVIDIA Corporation) Hidden Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.103 - Skype Technologies S.A.) SMITE (HKLM-x32\...\Steam App 386360) (Version: - Hi-Rez Studios) SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.18.9570 - SoftEther VPN Project) Star Wars: The Force Unleashed (HKLM-x32\...\Star Wars: The Force Unleashed_is1) (Version: 1.0 - Activision) Star Wars: The Force Unleashed 2 (HKLM-x32\...\Star Wars: The Force Unleashed 2_is1) (Version: 1.0 - LucasArts) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.95 - Synaptics Incorporated) TeamSpeak 3 Client (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer) The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios) TI Black Link 32 (HKLM-x32\...\TI Black Link 32) (Version: - ) TI Connect™ (HKLM-x32\...\{D06BA64C-4447-49B4-B99D-E85BEA9E1035}) (Version: 4.0.0.218 - Texas Instruments Inc.) 
Trust tablet driver (HKLM\...\RmTablet) (Version: 5.05 - )
TuxGuitar (HKLM-x32\...\{03534DA5-2F88-4B8E-A978-849B979E1B8F}) (Version: 1.2 - Herac)
Unity Web Player (HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wacom Tablett (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
Windows Driver Package - Texas Instruments Inc. (SilvrLnk) USB (06/11/2009 1.0.0.0) (HKLM\...\EC3E466026556D3EB760B01C4772277614354E11) (Version: 06/11/2009 1.0.0.0 - Texas Instruments Inc.)
Windows Driver Package - Texas Instruments Inc. (TIEHDUSB) USB (09/02/2009 1.0.0.1) (HKLM\...\7511B29C86C398B4D11A0B0E4176CAD68D1B7057) (Version: 09/02/2009 1.0.0.1 - Texas Instruments Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3703029603-77815115-2748889256-1002_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3703029603-77815115-2748889256-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Anton PC\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {06327FC5-9CA9-40B3-BA61-8FD063D32DA2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {085FAAF2-355F-482E-A63C-9DFCB1570B2B} - System32\Tasks\{1B7C4777-0D52-4B1A-A512-DE9C11AF4ED3} => pcalua.exe -a "C:\Program Files\Sandboxie\Start.exe" -d "C:\Program Files (x86)\Dragon Saga" -c /box:__ask__ "C:\Program Files (x86)\Dragon Saga\Patcher.exe"
Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {19B18EF0-802C-4648-9018-4DE60302E0B1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {277339AF-2DE3-414B-A40B-39DFD073D4EC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe
Task: {2BC3A29A-3AE6-4C02-B36D-6A9577110B61} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-03-12] (CyberLink)
Task: {39CB9CBC-991E-4BA9-BBA8-28188766DEDD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-01-15] (Piriform Ltd)
Task: {3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {484B28FA-8F88-4EF1-877E-9AC23CE56E49} - System32\Tasks\{BDF5685C-5C2D-486A-B0DD-CDD0117252CE} => pcalua.exe -a "C:\Users\Anton PC\Downloads\skse_1_07_01_installer.exe" -d "C:\Users\Anton PC\Downloads"
Task: {4A3EBBA7-BAF5-4FC6-829C-5248A34C6EA9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {55BC6ED0-C6C5-4886-A443-E5575EF8D7C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {57BE4E8E-7327-4ADE-ACA1-D397FAAE204B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {580E4086-8927-43A6-9939-5C839941AC83} - System32\Tasks\{9A33742B-D214-4D20-AEE8-B0C1F7411A8A} => pcalua.exe -a "C:\Users\Anton PC\Desktop\STARWARS\GameData\Start-MP.exe" -d "C:\Users\Anton PC\Desktop\STARWARS\GameData"
Task: {5C5E9305-5AFF-487A-A174-E6695D056150} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6B5D3D9A-AE86-4374-9780-D0E8D352559C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {75A4C308-895E-47B0-A971-05BC28A7F07E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8ED48568-A31E-4D8C-A326-55495FD4BE26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {9AF38656-48F2-4FA4-9C9A-BCC77679EE47} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.)
Task: {9C385D64-3672-42BC-9B33-BF9E3C8D9471} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {B9A397FD-2BF6-4AE3-BA42-A3A5989FC2B8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-20] (Adobe Systems Incorporated)
Task: {C3B3C36F-FE11-4023-8991-D5C591C8D35D} - System32\Tasks\{3F6F3723-B3C2-467B-984D-E388399B93D6} => pcalua.exe -a "C:\Users\Anton PC\AppData\Roaming\webssearches\UninstallManager.exe" -d "C:\Users\Anton PC\AppData\Roaming\webssearches" <==== ACHTUNG
Task: {C484444E-A09A-4838-90C2-7267168A1C01} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {C606D238-6D5E-484C-8871-21CD71851958} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-06-07] (Hewlett-Packard Development Company, L.P.)
Task: {FA83EBC0-66D3-4385-B1CD-DA0CFFC25F3F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {FBF2BBDB-9E39-42BF-9030-1DF695121323} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FD94A03E-ACA6-4962-899C-33F10623EC27} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {FE528792-A49C-4BC6-A755-A32D39AA0E89} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-01-20] (Overwolf LTD)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:45 - 2015-10-13 04:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-24 16:18 - 2012-03-28 13:49 - 00140456 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2015-12-10 22:23 - 2015-12-10 22:23 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-12-10 22:23 - 2015-12-10 22:23 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-06-23 20:11 - 2015-06-23 20:11 - 00187048 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2015-12-18 00:43 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2015-12-18 00:43 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-01-13 03:29 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-01-13 03:29 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-01-28 16:45 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-01-28 16:45 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-01-22 13:41 - 2016-01-22 13:42 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2013-09-26 00:37 - 2013-05-08 22:23 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-02-04 04:09 - 00001110 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3703029603-77815115-2748889256-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Anton PC\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\StartupFolder: => "SoftEther VPN Client Manager Startup.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "CanonQuickMenu"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\StartupFolder: => "Rainmeter.lnk"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "WinThrusterReminder"
HKU\S-1-5-21-3703029603-77815115-2748889256-1002\...\StartupApproved\Run: => "WinThruster"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{E3DB8EF0-70B0-48D3-82AC-3220E9F3E98F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{87F38B86-86F9-41F5-BFBF-14052D10BC89}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{95F9F96F-E70F-4966-B067-F6989A8BCD23}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E2B16ACE-967B-4300-829E-AC3F8BF9483E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{E84151B3-8CC8-41C3-9503-3A4D043D6DE8}C:\program files (x86)\assassins creed ii\assassinscreediigame.exe] => (Allow) C:\program files (x86)\assassins creed ii\assassinscreediigame.exe
FirewallRules: [TCP Query User{568676BE-7B89-4F4B-A87B-F322AAC81B66}C:\program files (x86)\assassins creed ii\assassinscreediigame.exe] => (Allow) C:\program files (x86)\assassins creed ii\assassinscreediigame.exe
FirewallRules: [{B02CC5A3-2DFB-40B6-A800-33A585E0C431}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{A3DCADFE-7245-4127-88BD-2FE972D74A0D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{36EFD361-E5AF-441B-A9E3-897B67840436}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5F4C2094-217A-45A4-9E3D-FD0F71FC1D74}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{50D15C0B-7BD0-41B0-A586-51C53353DABA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [UDP Query User{8F19C91D-F3F7-466C-8654-76630C5C5889}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [TCP Query User{E2591BDA-AD3C-4EA9-A796-8B190AD65627}C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe] => (Allow) C:\program files\epic games\unrealtournamentdev\engine\binaries\win64\ue4-win64-test.exe
FirewallRules: [UDP Query User{EE0B2A88-05E9-4ACA-8DB7-D86715CA92BA}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [TCP Query User{2C24EFF2-04FB-476E-9332-F5D8690393C8}C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\smite\binaries\win32\smite.exe
FirewallRules: [{F7DB1A82-5855-4848-89C2-B99A472A1BCD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{5D4E312F-1C99-4A2C-9521-DD9EB160966D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SMITE\Binaries\Win32\HirezBridge.exe
FirewallRules: [{ABD1150D-21D7-4411-A628-D1B4275467D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{33061ECB-EAD8-4B40-8E5F-D18997C93D4A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dark Souls Prepare to Die Edition\DATA\DARKSOULS.exe
FirewallRules: [{113F8585-297D-4BE3-ADFC-6982E43B1CB5}] => (Allow) LPort=23640
FirewallRules: [{EFE263C1-DF6C-42DA-A7CF-4308A1E12679}] => (Allow) LPort=23640
FirewallRules: [UDP Query User{26E9BCFD-30AC-4A54-A10C-C9FD2F2D3F10}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [TCP Query User{5855C4CD-8DAD-461C-8696-CCD473502536}C:\program files\bitcomet\bitcomet.exe] => (Allow) C:\program files\bitcomet\bitcomet.exe
FirewallRules: [{00E9F44C-EAD6-4989-A396-0AFA2E5C3FE7}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{422AD887-514D-42B9-A848-D1F3BC0CC361}] => (Allow) C:\Program Files\BitComet\BitComet.exe
FirewallRules: [{C66AE3A1-E6CD-4D98-A6E7-843CA44A5FF2}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd_x64.exe
FirewallRules: [{3E955B4A-50BB-40F3-A559-C260393C2C92}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmd.exe
FirewallRules: [{D6BD9C92-6168-416D-8730-2DA5C183C2C6}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr_x64.exe
FirewallRules: [{53FE65DC-0848-4817-B192-BB9E4BD6F0CA}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient.exe
FirewallRules: [{9FC22947-24F1-4144-8865-EC7B604AA835}] => (Allow) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
FirewallRules: [{776F793C-E9DB-456E-80D7-15075C2A77CD}] => (Allow) C:\Program Files\SoftEther VPN Client\vpncmgr.exe
FirewallRules: [{AA84FA05-DF1D-4661-9AA1-D13AB0FEA8BA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eternal Senia\Game.exe
FirewallRules: [{48EE42AB-147E-4439-8013-D3B849ABB6B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Eternal Senia\Game.exe
FirewallRules: [{E0EA7CFE-5E2C-42E5-A0A8-BEC4566341B3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{D3F64703-9D6C-40DA-B57B-B4106B1B0A2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Sakura Clicker\Sakura Clicker.exe
FirewallRules: [{D2DB17A9-7431-4571-9298-A54DF2E9B70D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{79164FD2-607F-4D97-A53A-B5A60C675137}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{86ABBC46-1933-4C67-80E7-645A479333A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{90B2B1D2-F772-410F-A367-F80AA4D27FF0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{879F2E13-109F-427F-9A2B-282F99D34C25}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{1BEEEC13-ADEE-4AC9-B646-A30AA56E87FE}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{23D0FD85-367B-4882-942C-8B4713B18D1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{66FB5DF7-DC4B-43B0-8E89-89275CD8E5D5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{1CE36779-36B7-4D65-8F55-D2177E060C8A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{6911D81A-20C1-43B9-94B2-A37F6A6656F4}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{055EAA43-11DA-4065-ACC1-7B8C27A4ED20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\RemoteCrashSender.exe
FirewallRules: [{F9F3AF0A-E5B4-4808-A35B-CE68E60C76F9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Tools\Launcher.exe
FirewallRules: [{0B629D1A-D156-41A7-9A63-D3CF5FE52E42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{96740510-9268-4984-BE8A-E84452EA4C7C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{656BA90C-DB47-441B-9B59-18590A3426E5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.x64.exe
FirewallRules: [{94EAA066-5943-473C-B530-A4DC1120BB62}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Warframe\Warframe.exe
FirewallRules: [{391036F2-A620-462E-B4C3-45537027FA71}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{6EE6E312-17E4-4ACA-8F79-5F0A4CBAD54E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{0FF5F186-15BB-4D60-98BD-8F601B07261D}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{1E4A45EC-4D60-48CE-9C5E-C7D41AFF0432}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{31FC107E-FFFC-4B9B-A349-61B937D6290C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{8906BAFF-6DAE-45FD-8EAC-3BC5D91200C2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
FirewallRules: [{1059E80D-C95B-4F1B-B3C5-2B0987F9CF91}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{C27CA92A-413F-4F1E-B58E-48C6BB9CB5C1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\GunsOfIcarusOnline.exe
FirewallRules: [{C406B7AF-8A40-447B-8A8D-EF805D6ECD0D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{01650EEA-7C80-412A-9DCB-F0A461078514}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{F3E39544-D23B-456B-9EC5-37F742FFD48B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [{A8D21F6A-5F5E-40C3-9477-6113913B485F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe
FirewallRules: [UDP Query User{9F8FA53D-1651-4080-B22B-18215A69E7D2}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{117C2A74-2F76-48BB-BA05-1772C6A9CB87}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{72C8B78B-953F-4EB6-BB28-1671BB1792C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\bin\SDKLauncher.exe
FirewallRules: [{D8EE3577-DD73-4E0F-8EA4-477793975F6D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\bin\SDKLauncher.exe
FirewallRules: [{FB43DECA-55A3-42C7-B52F-C006C1B647E3}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\srcds.exe
FirewallRules: [{565DB7DA-B680-4CC2-91A5-4ADC36A4C367}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\srcds.exe
FirewallRules: [{CA222463-A0BB-418E-955A-B75ACF57F2F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{64180FFD-799B-457B-A1B4-FBA561604ED1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78059BFF-2616-49EC-BDB4-D0D26C0F8051}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{A7488152-1C66-48B4-A44D-3B78147E8C1E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dino D-Day\dinodday.exe
FirewallRules: [{C7794058-168C-4547-9517-705302BA2D1F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{17A813FC-2E16-4AAD-8F4B-469D7B2E6C51}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{220E4D22-DE61-4F23-82BB-9C48BDF851EC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{B262AEC6-57FA-4D6F-A90C-C24292ACF35B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Robocraft\Robocraft.exe
FirewallRules: [{DAD3B131-6D29-49AC-AFAC-C4189EF8B473}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [{428C0B1C-694C-45D6-8017-5C0518D7C4A6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\Binaries\Win32\Nosgoth.exe
FirewallRules: [UDP Query User{F7134694-8E67-49A2-A29E-5E2A6407FB0F}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe
FirewallRules: [TCP Query User{17832D36-3A45-4F18-8DD6-3E714A1BD980}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe
FirewallRules: [UDP Query User{7E249299-D7F3-4B7B-BDF6-923767502554}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Allow) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe
FirewallRules: [TCP Query User{812FE970-3FF0-41B1-83A7-C86A8C1EBD91}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe] => (Allow) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒi\tsa.exe
FirewallRules: [UDP Query User{5D889FB7-F6C7-4919-A8A0-C08F00FCB91D}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe
FirewallRules: [TCP Query User{1AC912F3-D19A-49A5-942A-4CBD0D2C54E6}C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe] => (Block) C:\program files (x86)\—ìˆæzero\“œ•ûƒxƒjƒcƒaƒš[ƒikurenai\tsa_k.exe
FirewallRules: [{14D1061E-3729-4C95-B8F9-E518323B9925}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{A5DA4205-F3CF-40CF-B4CA-1EB0B48CE523}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe
FirewallRules: [{A72E7293-A8F8-4915-B485-066B0BB2C8DC}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{AED237FB-303D-4D9F-A4C6-BC4AE26E1E79}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{8BAAF683-7F31-47B1-9858-E607BF271BF2}] => (Allow) C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{3FA3D292-FC13-463E-88F8-764C68F53EE7}] => (Allow) C:\Users\Anton PC\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [UDP Query User{9E7480A9-377E-4BA4-A6C8-057ECF6314F7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{F8FBFF3D-46C8-4864-95C9-77F330857EC3}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{6F0CF29B-083F-4461-A084-329036174C13}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{010D3DD5-8602-4766-AC3D-05D10122E350}] => (Allow) LPort=2869
FirewallRules: [{C46CF06C-04E1-4751-9E52-4A14AA488B05}] => (Allow) LPort=1900
FirewallRules: [{76E52E9A-7699-4D23-B349-F455744B744A}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{B1ED4985-8FF8-498A-B3B8-1F842B6C38DA}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe
FirewallRules: [{A2E77DA4-A2A4-4BE5-9D1B-98216138F1B4}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{D8067A77-3736-4B74-B505-175B2E2F065D}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\HPConnectedMusic.exe
FirewallRules: [{254A3434-D381-416A-BDAE-6C8B781F9A07}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{D54610A9-7815-4072-AAE6-7A8C35BE3357}] => (Allow) %LocalAppData%\HPConnectedMusic\Application\spotify_helper.exe
FirewallRules: [{E0F61895-5B80-4440-8A35-48830D254EBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3578F3A3-5E8C-4517-9875-7515B5EA510F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{11C1D138-9590-4AF3-BC91-EA7B9694ABC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{34815F4C-5BBA-4089-8366-44039A4D127A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{93B9F365-802C-4816-A19A-38AFF52C7CDA}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe
FirewallRules: [{FFDA35FE-D1BD-44C6-ABE7-B788EB809236}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
FirewallRules: [{0B5EBBBF-BB9E-4DF8-ADDD-C5DD20287F03}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe
FirewallRules: [{DD8EA82F-4371-478B-9D81-F69AE5F2D54D}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe
FirewallRules: [{D9224232-0F6E-4735-B55C-5968BE52EB49}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{64A6D3C9-BFA6-43D8-9CF0-1FDA2A3512A3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{6A9EFB83-1DA0-4009-B790-7A25977BAC97}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CAD53E08-9B41-453F-93C0-9D4CEC3882CB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{CD24ED56-F6F9-468F-8912-966F724BE825}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [{67EB704D-C028-4ED3-8C3C-2EE37A7C8DF4}] => (Allow) C:\Program Files (x86)\LucasArts\Star Wars The Force Unleashed 2\SWTFU2.exe
FirewallRules: [TCP Query User{EFBEF195-9C60-43BB-863A-1ECB5F07F82B}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{0EF1D8E3-F6F6-4C3C-A8B6-CC65F171ECDE}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{0C97BDD7-9A01-4EA1-9C82-D7618150E1BE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{54770E8A-913E-47EA-8F72-74AD684EC86D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F41A9B5E-D3C3-4C62-9265-A13CAFD71075}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{9159D147-94DA-434F-9AC0-F62FFB1B5948}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{977B8BDF-F9B5-446F-A774-67391FDD67D0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{596947A3-D231-4D5A-AB0E-42F10A5D0FB0}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [TCP Query User{8F425C5F-42F5-48B1-B367-84F469B04209}C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{8952454D-8090-4648-A00C-ACBF8A5A3AC2}C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\anton pc\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{23517EC1-DF2B-48FB-BDBB-86E8BC7BD585}C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe] => (Allow) C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe
FirewallRules: [UDP Query User{16856530-D8E4-43CF-B103-F20D5C2725CD}C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe] => (Allow) C:\users\anton pc\desktop\starwars\gamedata\jk2mp.exe
FirewallRules: [{840FFB48-B8DA-4919-B3C8-709CD1C26EB8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [{2F4D60BD-EB05-4FC1-B5B1-D5E6BBE25015}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\nosgoth\NosgothLauncher.exe
FirewallRules: [TCP Query User{278345F8-85F9-44F3-B829-87A9280F1248}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [UDP Query User{5AC0333F-2755-40B9-A6F9-B052626F73BB}C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe] => (Allow) C:\program files (x86)\hi-rez studios\hirezgames\paladins\binaries\win32\paladins.exe
FirewallRules: [{927EB06D-E4DC-4317-BA14-D2052D0C6553}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{BE470CB0-8A63-4EA8-AD18-BF70C79D8215}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{B09BAAC6-DAC1-4413-8936-E8C8C68A7D9A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{0FFC754D-BF2D-4730-8E3E-40F2357EFF2A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{200760F2-2727-44D7-86D3-4E19A82896EB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{437807EA-97F1-4F5F-8F14-AFEC595B28F5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Guns of Icarus Online\workshop\Workshop.exe
FirewallRules: [{EAC08823-CAA0-4D7C-A7F9-F74EACFA7A70}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7E59637D-A21F-45E4-B331-EA58EA967751}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
FirewallRules: [{475E889B-DED0-4BB4-BC73-B8F3C0D2212B}] => (Allow) C:\Program Files (x86)\AVG\Av\avgdiagex.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe] => Enabled:Flashget3

==================== Wiederherstellungspunkte =========================

05-02-2016 02:55:38 Installed AVG 2016
05-02-2016 02:57:45 Installed AVG
08-02-2016 16:26:30 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/08/2016 04:26:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (02/08/2016 04:18:55 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (02/08/2016 04:18:55 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (02/08/2016 04:02:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (02/08/2016 04:02:34 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden.
Das Handle ist ungültig Error: (02/08/2016 03:53:20 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: ) Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008] Error: (02/08/2016 11:45:24 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt Error: (02/08/2016 11:45:23 AM) (Source: OverwolfUpdater) (EventID: 0) (User: ) Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig Error: (02/08/2016 02:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 14860 Error: (02/08/2016 02:42:48 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 14860 Systemfehler: ============= Error: (02/08/2016 04:27:13 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "SoftEther VPN Client" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/08/2016 04:27:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/08/2016 04:27:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "WTService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/08/2016 04:27:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (02/08/2016 04:20:04 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (02/08/2016 04:18:03 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {B91D5831-B1BD-4608-8198-D72E155020F7} Error: (02/08/2016 04:15:14 PM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Übermittlungsoptimierung" wurde nicht richtig gestartet. Error: (02/08/2016 04:11:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "MBAMService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/08/2016 04:11:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Razer Game Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error: (02/08/2016 04:11:12 PM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Razer Game Scanner Service erreicht. CodeIntegrity: =================================== Date: 2016-02-08 11:43:44.438 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 11:43:44.428 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-02-08 11:43:44.034 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 11:43:44.024 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 11:43:44.015 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 11:43:44.004 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 01:54:55.873 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 01:54:55.855 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-02-08 01:54:55.251 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-02-08 01:54:55.204 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\AVG\Av\avgidsagent.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 7962.15 MB Verfügbarer physikalischer RAM: 5513.93 MB Summe virtueller Speicher: 9242.15 MB Verfügbarer virtueller Speicher: 6919.75 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:909.34 GB) (Free:273.58 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: (RECOVERY) (Fixed) (Total:20.61 GB) (Free:2.08 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 298DD091) Partition: GPT. ==================== Ende von Addition.txt ============================ |
08.02.2016, 19:43 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Ads and spam in the browser FRST fix: Please disable your virus scanner completely now, to make sure that the fix runs cleanly! Press the Windows key + R and type notepad into the Run window. Now copy the following text from the code box into the empty text document. Code:
ATTFilter
Task: {06327FC5-9CA9-40B3-BA61-8FD063D32DA2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {55BC6ED0-C6C5-4886-A443-E5575EF8D7C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {57BE4E8E-7327-4ADE-ACA1-D397FAAE204B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5C5E9305-5AFF-487A-A174-E6695D056150} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {75A4C308-895E-47B0-A971-05BC28A7F07E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {8ED48568-A31E-4D8C-A326-55495FD4BE26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {C3B3C36F-FE11-4023-8991-D5C591C8D35D} - System32\Tasks\{3F6F3723-B3C2-467B-984D-E388399B93D6} => pcalua.exe -a "C:\Users\Anton PC\AppData\Roaming\webssearches\UninstallManager.exe" -d "C:\Users\Anton PC\AppData\Roaming\webssearches" <==== ACHTUNG
Task: {C484444E-A09A-4838-90C2-7267168A1C01} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {FBF2BBDB-9E39-42BF-9030-1DF695121323} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FD94A03E-ACA6-4962-899C-33F10623EC27} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
08.02.2016, 20:23 | #15 |
| Ads and spam in the browser Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-01-2016 durchgeführt von Anton PC (2016-02-08 20:17:05) Run:1 Gestartet von C:\Users\Anton PC\Desktop Geladene Profile: Anton PC (Verfügbare Profile: Anton PC) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** Task: {06327FC5-9CA9-40B3-BA61-8FD063D32DA2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {55BC6ED0-C6C5-4886-A443-E5575EF8D7C6} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {57BE4E8E-7327-4ADE-ACA1-D397FAAE204B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {5C5E9305-5AFF-487A-A174-E6695D056150} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {75A4C308-895E-47B0-A971-05BC28A7F07E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {8ED48568-A31E-4D8C-A326-55495FD4BE26} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {C3B3C36F-FE11-4023-8991-D5C591C8D35D} - System32\Tasks\{3F6F3723-B3C2-467B-984D-E388399B93D6} => pcalua.exe -a "C:\Users\Anton PC\AppData\Roaming\webssearches\UninstallManager.exe" -d "C:\Users\Anton PC\AppData\Roaming\webssearches" <==== ACHTUNG Task: {C484444E-A09A-4838-90C2-7267168A1C01} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {FBF2BBDB-9E39-42BF-9030-1DF695121323} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {FD94A03E-ACA6-4962-899C-33F10623EC27} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG emptytemp: 
***************** "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06327FC5-9CA9-40B3-BA61-8FD063D32DA2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06327FC5-9CA9-40B3-BA61-8FD063D32DA2}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{213B4543-ACFE-4E1E-B86A-5B4D0EF1CC72}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3C2FDB9B-93B7-4573-80A7-40B70B7B2FCA}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{55BC6ED0-C6C5-4886-A443-E5575EF8D7C6}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{55BC6ED0-C6C5-4886-A443-E5575EF8D7C6}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57BE4E8E-7327-4ADE-ACA1-D397FAAE204B}" => Schlüssel erfolgreich 
entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57BE4E8E-7327-4ADE-ACA1-D397FAAE204B}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C5E9305-5AFF-487A-A174-E6695D056150}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C5E9305-5AFF-487A-A174-E6695D056150}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{75A4C308-895E-47B0-A971-05BC28A7F07E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{75A4C308-895E-47B0-A971-05BC28A7F07E}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8ED48568-A31E-4D8C-A326-55495FD4BE26}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8ED48568-A31E-4D8C-A326-55495FD4BE26}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3B3C36F-FE11-4023-8991-D5C591C8D35D}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3B3C36F-FE11-4023-8991-D5C591C8D35D}" => Schlüssel erfolgreich 
entfernt C:\WINDOWS\System32\Tasks\{3F6F3723-B3C2-467B-984D-E388399B93D6} => erfolgreich verschoben "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3F6F3723-B3C2-467B-984D-E388399B93D6}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C484444E-A09A-4838-90C2-7267168A1C01}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C484444E-A09A-4838-90C2-7267168A1C01}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FBF2BBDB-9E39-42BF-9030-1DF695121323}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FBF2BBDB-9E39-42BF-9030-1DF695121323}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FD94A03E-ACA6-4962-899C-33F10623EC27}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FD94A03E-ACA6-4962-899C-33F10623EC27}" => Schlüssel erfolgreich entfernt "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt EmptyTemp: => 503.6 MB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 20:17:24 ==== |