|
Plagegeister aller Art und deren Bekämpfung: Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
25.02.2016, 08:43 | #1 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Hallo, mein Browser leitet mich ab und zu auf falsche, zwielichte Seiten. Außerdem wurde in den Einstellungen des Browsers und eventuell auch in den Windows-Einstellungen etwas geändert. Ich habe dämlicherweise eine Datei aus dem Internet geöffnet, die ich nicht hätte öffnen dürfen Mein Virenschutz (Kaspersky) hat zwar gleich angeschlagen, aber anscheinend zu spät. Ich habe dann über botfrei.de (oder so) das Programm Hitman laufen lassen und massig infizierte Dateien gefunden. Leider ließen sich nicht alle Dateien löschen und beim zweiten Durchgang sogar gar keine mehr. Ich bitte dringend um Hilfe. Was soll ich tun? Danke und mit freundlichen Grüßen erebor |
25.02.2016, 09:17 | #2 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenMein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Wir benötigen für eine sinnvolle Analyse zuerst ein FRST-Log. Schritt # 1: FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt # 2: Bitte Posten
__________________ |
25.02.2016, 09:26 | #3 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Chris (Administrator) auf CHRIS-PC (25-02-2016 09:23:30) Gestartet von C:\Users\Chris\Downloads Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (NVIDIA Corporation) C:\Users\Chris\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen). HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-07] (Geek Software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [12974600 2015-11-24] () HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Google Update] => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9681832 2016-01-14] (SlySoft, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk [2014-12-01] ShortcutTarget: TwonkyServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-2784361696-2099732649-3132497725-1001] => hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{288d840f-bed8-48df-8c41-5268d704db33}: [DhcpNameServer] 192.168.178.1 ManualProxies: 0hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> DefaultScope {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2014-11-20] (DVDVideoSoft Ltd.) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-11-17] (DVDVideoSoft Ltd.) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: yoursearching FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @networksurveillance.com/camclictrl -> C:\Program Files (x86)\NetworkSurveillanceNP\npCamCliCtrl.dll [2012-04-10] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Chris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-19] (Citrix Online) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF user.js: detected! => C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\user.js [2016-02-25] FF Extension: HTML5 Addon - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\Extensions\{bbfb7082-113a-40cb-bbce-05b8ed8ed6e3}.xpi [2015-12-19] [ist nicht signiert] FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-07-08] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-02-24] FF HKLM-x32\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\extensions\deskCutv2@gmail.com => nicht gefunden Chrome: ======= CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Magic Actions for YouTube™) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Kaspersky Protection) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-02-24] CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-19] CHR Extension: (Google Keep - notes and lists) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-02-23] CHR Extension: (Gestures for Google Chrome™) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2014-02-13] CHR Extension: (Smooth Gestures) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-02-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-29] CHR Extension: (Hover Zoom) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2015-10-30] CHR Extension: (Google Chrome to Phone Extension [DEPRECATED]) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2015-12-05] CHR Extension: (Amazon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-19] CHR Extension: (Picasa) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-02-13] CHR Extension: (Click&Clean App) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2016-02-08] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-19] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Bitdefender Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-01-20] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-19] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Bitdefender Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-01-21] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Chris\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-19] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-02-24] (Kaspersky Lab ZAO) R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2013-05-31] () [Datei ist nicht signiert] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] () R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [887352 2016-01-28] (Bitdefender) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH) R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [881480 2013-04-19] () R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-04-19] (PacketVideo) R2 VirtualComService; C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe [16384 2015-06-27] (AK) [Datei ist nicht signiert] S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 evserial7; C:\Windows\System32\drivers\evserial7.sys [71432 2011-10-31] (ELTIMA Software) R3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-02-24] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2016-02-24] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2016-02-24] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-02-24] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2016-02-24] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe) R3 VSBC7; C:\Windows\System32\drivers\evsbc7.sys [36616 2011-10-31] (ELTIMA Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-25 09:23 - 2016-02-25 09:23 - 00038100 _____ C:\Users\Chris\Downloads\FRST.txt 2016-02-25 09:23 - 2016-02-25 09:23 - 00000000 ____D C:\FRST 2016-02-25 09:21 - 2016-02-25 09:23 - 02371072 _____ (Farbar) C:\Users\Chris\Downloads\FRST64.exe 2016-02-25 09:19 - 2016-02-25 09:19 - 1148901522 _____ C:\WINDOWS\MEMORY.DMP 2016-02-25 09:19 - 2016-02-25 09:19 - 00256044 _____ C:\WINDOWS\Minidump\022516-7250-01.dmp 2016-02-25 09:19 - 2016-02-25 09:19 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-25 09:12 - 2016-02-25 09:19 - 00002156 _____ C:\Users\Chris\Desktop\Entfernen des Avira PC Cleaners.lnk 2016-02-25 09:12 - 2016-02-25 09:19 - 00002100 _____ C:\Users\Chris\Desktop\Avira PC Cleaner.lnk 2016-02-25 09:10 - 2016-02-25 09:19 - 00000000 ____D C:\Users\Chris\AppData\Local\FSDART 2016-02-25 09:10 - 2016-02-25 09:12 - 02314488 _____ C:\Users\Chris\Downloads\avira_pc_cleaner_de.exe 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\Users\Chris\AppData\Local\F-Secure 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\ProgramData\F-Secure 2016-02-25 09:09 - 2016-02-25 09:10 - 00524248 _____ (F-Secure Corporation) C:\Users\Chris\Downloads\F-SecureOnlineScanner.exe 2016-02-25 09:01 - 2016-02-25 09:01 - 00000000 ___HD C:\OneDriveTemp 2016-02-25 08:23 - 2016-02-25 08:59 - 00001592 _____ C:\WINDOWS\system32\.crusader 2016-02-25 08:16 - 2016-02-25 08:23 - 00000000 ____D C:\ProgramData\HitmanPro 2016-02-25 08:16 - 2016-02-25 08:16 - 11443792 _____ (SurfRight B.V.) C:\Users\Chris\Desktop\hitmanpro_x64.exe 2016-02-25 08:13 - 2016-02-25 08:13 - 00001618 _____ C:\Users\Chris\Desktop\Mozilla Firefox.lnk 2016-02-25 07:58 - 2016-02-25 08:02 - 00000302 _____ C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job 2016-02-25 07:58 - 2016-02-25 08:02 - 00000000 ____D C:\Program Files (x86)\Max Driver Updater 2016-02-25 07:58 - 2016-02-25 07:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\csdimedia 2016-02-25 07:58 - 2016-02-25 07:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Driver Updater 2016-02-24 18:56 - 2016-02-25 09:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-02-24 18:56 - 2016-02-24 19:01 - 00934272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2016-02-24 18:56 - 2016-02-24 19:01 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2016-02-24 18:56 - 2016-02-24 18:57 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2016-02-24 18:56 - 2016-02-24 18:56 - 00002588 _____ C:\Users\Chris\Desktop\Sicherer Zahlungsverkehr.lnk 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-02-24 18:56 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2016-02-24 18:53 - 2016-02-24 18:55 - 173986008 _____ (Kaspersky Lab) C:\Users\Chris\Downloads\kis16.0.0.614de-de.exe 2016-02-24 18:51 - 2016-02-24 18:51 - 00235717 _____ C:\ProgramData\1456336221.bdinstall.bin 2016-02-24 17:40 - 2016-02-24 17:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\LibreOffice 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2016-02-24 17:37 - 2016-02-24 17:38 - 221544448 _____ C:\Users\Chris\Downloads\LibreOffice_5.1.0_Win_x86.msi 2016-02-23 18:33 - 2016-02-23 18:34 - 09121063 _____ C:\Users\Chris\Downloads\Partizipation.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 01823265 _____ C:\Users\Chris\Downloads\Handbuch_Demokratie_14_11.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 00226841 _____ C:\Users\Chris\Downloads\2006_finale_demokratie_lernen.pdf 2016-02-23 18:31 - 2016-02-23 18:31 - 00168240 _____ C:\Users\Chris\Downloads\ia.pdf 2016-02-23 11:57 - 2016-02-23 11:57 - 02130774 _____ C:\Users\Chris\Downloads\antivirus-test-2016-tabelle.pdf 2016-02-22 19:46 - 2016-02-22 19:46 - 00083159 _____ C:\Users\Chris\Downloads\2011-11-04_PM_Weiss_ehrt-Jubilare.pdf 2016-02-19 19:57 - 2016-02-19 19:57 - 00000000 ____D C:\Users\Chris\Desktop\Tieraufnahmen 2016-02-19 19:44 - 2016-02-19 19:44 - 01309440 _____ C:\Users\Chris\Downloads\BedienungsanleitungJumpian.pdf 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\Documents\Mikogo 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\AppData\Local\Mikogo 2016-02-19 14:01 - 2016-02-19 14:19 - 00009355 _____ C:\Users\Chris\Desktop\Schülerliste.xlsx 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech_AG 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech AG 2016-02-19 13:48 - 2016-02-19 13:48 - 00002142 _____ C:\Users\Public\Desktop\Jumpian.lnk 2016-02-19 13:48 - 2016-02-19 13:48 - 00000035 _____ C:\ProgramData\Jumpian.global 2016-02-19 13:48 - 2016-02-19 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jumpian 2016-02-19 13:38 - 2016-02-19 13:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\SumatraPDF 2016-02-19 13:33 - 2016-02-19 13:33 - 00000098 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-02-19 13:32 - 2016-02-19 13:48 - 00000000 ____D C:\Program Files (x86)\Synnotech AG 2016-02-19 13:23 - 2016-02-19 13:23 - 88427288 _____ (Synnotech AG) C:\Users\Chris\Downloads\Jumpian_FullSetup.exe 2016-02-19 12:36 - 2016-02-19 12:36 - 11986608 _____ (AWIN-Software ) C:\Users\Chris\Downloads\Setup_NBox_Test.Exe 2016-02-19 11:42 - 2016-02-19 11:42 - 00347816 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run(1).exe 2016-02-19 10:19 - 2016-02-19 10:19 - 00213883 _____ C:\Users\Chris\Downloads\Richtlinie_VII.pdf 2016-02-19 10:18 - 2016-02-19 10:18 - 00075165 _____ C:\Users\Chris\Downloads\Richtlinie I.pdf 2016-02-19 10:15 - 2016-02-19 10:15 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712(1).pdf 2016-02-19 10:13 - 2016-02-19 10:13 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712.pdf 2016-02-19 09:58 - 2016-02-19 09:58 - 00014293 _____ C:\Users\Chris\Downloads\Auschreibung_Schulleitungen.pdf 2016-02-18 18:19 - 2016-02-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-16 06:50 - 2016-02-16 07:31 - 00000000 ____D C:\Users\Chris\Desktop\Tiny 2016-02-16 06:45 - 2016-02-16 06:45 - 00002007 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-02-15 20:27 - 2016-02-15 20:27 - 00012298 _____ C:\Users\Chris\Downloads\0901c413ae7dccfa.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012389 _____ C:\Users\Chris\Downloads\0901c413b050b57c.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012209 _____ C:\Users\Chris\Downloads\0901c413b26b93f5.pdf 2016-02-14 20:53 - 2016-02-14 20:53 - 00012307 _____ C:\Users\Chris\Downloads\0901c413b1cf0115(1).pdf 2016-02-14 18:54 - 2016-02-14 18:54 - 00058215 _____ C:\Users\Chris\Downloads\embudu.availabilty-2015.pdf 2016-02-14 18:40 - 2016-02-14 18:40 - 00527683 _____ C:\Users\Chris\Downloads\tui_com-mangrove_bay_resort.pdf 2016-02-12 09:45 - 2016-02-12 09:45 - 03501420 _____ C:\Users\Chris\Downloads\1997 - Heft 1 (38).pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 09459863 _____ C:\Users\Chris\Downloads\Exemplare_Izuhara_neu.pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 06370816 _____ C:\Users\Chris\Downloads\sportm_Diagnostik_LV2_groß.pdf 2016-02-12 09:27 - 2016-02-12 09:27 - 00076888 _____ C:\Users\Chris\Downloads\Wiener Koordinationsparcour.pdf 2016-02-12 09:24 - 2016-02-12 09:24 - 01672046 _____ C:\Users\Chris\Downloads\Video_Bewegungsformen zur Musik.wmv 2016-02-12 09:24 - 2016-02-12 09:24 - 00016727 _____ C:\Users\Chris\Downloads\Beschreibung_Bewegungsformen zur Musik.pdf 2016-02-12 09:22 - 2016-02-12 09:22 - 03165790 _____ C:\Users\Chris\Downloads\LA_Koordinationspacours_Maenner.wmv 2016-02-12 09:16 - 2016-02-12 09:16 - 00129853 _____ C:\Users\Chris\Downloads\motorik_modul.pdf 2016-02-12 09:15 - 2016-02-12 09:15 - 00117260 _____ C:\Users\Chris\Downloads\muenchener_fitness_test.pdf 2016-02-10 18:19 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 18:19 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 18:19 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 18:19 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 18:19 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 18:19 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 18:19 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 18:19 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 18:19 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 18:19 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 18:19 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 18:19 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 18:19 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 18:19 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 18:19 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 18:19 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 18:19 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 18:19 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 18:19 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 21:47 - 2016-02-09 21:47 - 00156356 _____ C:\Users\Chris\Downloads\Naehrmedienuebersicht.pdf 2016-02-09 10:05 - 2016-02-09 10:05 - 02104773 _____ C:\Users\Chris\Downloads\TAPUCATE-ImportExport-Handbuch.pdf 2016-02-09 08:33 - 2016-02-09 08:33 - 00227517 _____ C:\Users\Chris\Downloads\Flyer_Conchotomie.pdf 2016-02-09 07:46 - 2016-02-09 07:46 - 00017057 _____ C:\Users\Chris\Downloads\NDM Halle 2016_neuer Zpl.pdf 2016-02-09 06:42 - 2016-02-09 06:42 - 00513670 _____ C:\Users\Chris\Downloads\Info_AdrliImportThunderb.pdf 2016-02-08 16:32 - 2016-02-08 16:32 - 00000000 ____D C:\ProgramData\proDAD 2016-02-08 11:05 - 2016-02-08 11:05 - 00075462 _____ C:\Users\Chris\Downloads\Kontoauszug_48949100__Nr.0012016_vom_29.01.2016_20160208110535.pdf 2016-02-08 11:05 - 2016-02-08 11:05 - 00063730 _____ C:\Users\Chris\Downloads\Mitteilung_48949100_vom_29.01.2016_20160208110527.pdf 2016-01-28 16:44 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 16:44 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 16:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 16:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 16:44 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 16:44 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 16:44 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 16:44 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 16:44 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 16:44 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 16:44 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 16:44 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 16:44 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-28 16:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 16:44 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 16:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 16:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 16:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 16:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 16:44 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 16:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 16:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 16:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 16:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 16:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 16:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 16:44 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 16:44 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 16:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 16:44 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 16:44 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 16:44 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 16:44 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 16:44 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 16:44 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 16:44 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 16:44 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 16:44 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 16:44 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 16:44 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 16:44 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 16:44 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 16:44 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 16:44 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 16:44 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 16:44 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-27 17:09 - 2016-01-27 17:09 - 00312130 _____ C:\Users\Chris\Downloads\3a8ec949-7937-4fc6-8f6a-8075ad36384c.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-25 09:20 - 2015-12-10 21:49 - 00000000 ___RD C:\Users\Chris\OneDrive 2016-02-25 09:20 - 2015-12-07 20:03 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-25 09:20 - 2014-12-01 18:50 - 00000000 ____D C:\ProgramData\TwonkyServer 2016-02-25 09:20 - 2014-02-14 11:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox 2016-02-25 09:19 - 2015-12-10 22:33 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-25 09:19 - 2015-12-10 21:51 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-02-25 09:19 - 2015-12-10 21:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-25 09:19 - 2015-12-10 21:41 - 00000000 ____D C:\Users\Chris 2016-02-25 09:19 - 2015-12-10 21:40 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-25 09:19 - 2014-05-11 18:32 - 00000000 ____D C:\ProgramData\TEMP 2016-02-25 09:19 - 2014-02-13 18:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\GoodSync 2016-02-25 09:19 - 2014-02-13 17:59 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-25 09:10 - 2014-02-14 10:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-25 09:08 - 2014-02-13 18:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\QuickScan 2016-02-25 09:06 - 2015-12-10 21:40 - 02089590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-25 09:06 - 2015-10-30 19:35 - 00889114 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-25 09:06 - 2015-10-30 19:35 - 00197696 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-25 09:06 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-25 09:00 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-25 08:54 - 2014-03-11 08:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job 2016-02-25 08:38 - 2015-12-10 22:33 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-02-25 08:26 - 2014-02-13 17:59 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-25 08:22 - 2015-05-25 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-25 08:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-25 08:02 - 2014-03-05 22:46 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-25 08:02 - 2014-02-13 17:59 - 00002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-25 07:51 - 2014-02-13 18:13 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc 2016-02-25 07:43 - 2014-05-15 06:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss 2016-02-25 06:19 - 2015-12-10 21:59 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A13CF640-DD3C-4431-86D8-A0C3483E4A19} 2016-02-24 20:17 - 2015-12-05 11:20 - 00000000 ____D C:\Users\Chris\Documents\MassFaces 2016-02-24 19:01 - 2015-06-26 23:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2016-02-24 19:01 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys 2016-02-24 18:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-02-24 18:56 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-24 18:56 - 2015-04-11 10:42 - 00000000 ____D C:\Users\Administrator 2016-02-24 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated 2016-02-24 18:52 - 2015-12-10 21:59 - 00000000 ____D C:\Program Files\Bitdefender 2016-02-24 18:52 - 2015-12-10 21:39 - 00526824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-24 18:51 - 2014-02-13 18:20 - 00000000 ____D C:\ProgramData\Bitdefender 2016-02-24 18:50 - 2014-02-13 18:28 - 00762291 _____ C:\bdlog.txt 2016-02-24 06:32 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-24 06:28 - 2014-02-14 18:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-02-23 18:46 - 2015-12-10 21:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Packages 2016-02-23 18:38 - 2014-02-16 17:08 - 00007641 _____ C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2016-02-23 18:34 - 2015-12-17 18:18 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-23 13:45 - 2014-02-13 18:19 - 00000336 _____ C:\WINDOWS\BRCALIB.INI 2016-02-23 09:54 - 2014-03-11 08:06 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job 2016-02-23 06:57 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-23 06:56 - 2014-02-13 18:22 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-22 12:13 - 2016-01-18 20:16 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-02-19 14:05 - 2014-02-13 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Apple Computer 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple Computer 2016-02-19 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-19 11:35 - 2014-02-23 20:25 - 00000000 ____D C:\Users\Chris\AppData\Local\ElevatedDiagnostics 2016-02-18 18:20 - 2015-12-10 22:33 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-02-17 19:28 - 2016-01-12 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-02-17 18:30 - 2015-11-02 06:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00000000 ____D C:\Program Files (x86)\Prezi 2016-02-15 18:49 - 2015-07-23 18:28 - 00000000 ____D C:\Users\Chris\AppData\Local\Windows Live 2016-02-14 20:08 - 2015-09-29 17:36 - 00001444 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-02-14 20:08 - 2014-03-04 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-02-14 20:08 - 2014-03-04 13:03 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft 2016-02-14 20:08 - 2014-03-04 13:03 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-02-14 09:03 - 2015-06-15 21:11 - 00004608 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-02-12 09:12 - 2015-08-29 06:42 - 00000013 _____ C:\Users\Chris\Desktop\HEYcontrol.ini 2016-02-11 07:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 06:54 - 2015-12-10 21:47 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 22:24 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:34 - 2013-08-22 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 20:31 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-10 20:31 - 2013-04-22 15:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-09 21:37 - 2014-02-24 17:46 - 00000000 ____D C:\ProgramData\Oracle 2016-02-09 21:36 - 2015-11-05 08:53 - 00000000 ____D C:\Users\Chris\.oracle_jre_usage 2016-02-09 21:36 - 2014-10-21 20:12 - 00000000 ____D C:\Program Files (x86)\Java 2016-02-09 21:36 - 2014-04-22 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-02-09 21:36 - 2014-04-17 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-09 21:35 - 2014-10-21 20:12 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-08 10:21 - 2014-02-13 17:59 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-08 10:21 - 2014-02-13 17:59 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-08 09:49 - 2014-03-11 08:06 - 00004256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA 2016-02-08 09:49 - 2014-03-11 08:06 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core 2016-02-08 09:42 - 2015-12-10 21:49 - 00002437 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-06-15 21:11 - 2016-02-14 09:03 - 0004608 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-22 08:56 - 2015-04-22 08:56 - 0000835 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel 2014-02-16 17:08 - 2016-02-23 18:38 - 0007641 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2014-03-03 12:53 - 2014-03-03 12:53 - 0000011 _____ () C:\ProgramData\.tv7 2014-02-14 18:12 - 2016-01-24 08:12 - 0000040 ___SH () C:\ProgramData\.zreglib 2016-02-24 18:51 - 2016-02-24 18:51 - 0235717 _____ () C:\ProgramData\1456336221.bdinstall.bin 2014-04-29 07:42 - 2014-04-29 07:43 - 0009868 _____ () C:\ProgramData\DVRClient.log 2014-04-29 07:43 - 2014-04-29 08:02 - 0160512 _____ () C:\ProgramData\DVRServerMediaDevices.log 2014-04-29 07:43 - 2014-04-29 07:44 - 0001088 _____ () C:\ProgramData\DVRServerNetworkCameras.log 2014-04-29 07:41 - 2014-04-29 07:41 - 0000832 _____ () C:\ProgramData\DVRServerTools.log 2016-02-19 13:48 - 2016-02-19 13:48 - 0000035 _____ () C:\ProgramData\Jumpian.global 2016-02-19 13:33 - 2016-02-19 13:33 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuuxx4v.dll C:\Users\Chris\AppData\Local\Temp\hhkH0w8LQ9.exe C:\Users\Chris\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Chris\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Chris\AppData\Local\Temp\mPHzCtKWdd.exe C:\Users\Chris\AppData\Local\Temp\Qfve1VVsPc.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-22 12:11 ==================== Ende von FRST.txt ============================ |
25.02.2016, 09:27 | #4 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016 durchgeführt von Chris (2016-02-25 09:23:52) Gestartet von C:\Users\Chris\Downloads Windows 10 Pro Version 1511 (X64) (2015-12-10 20:47:48) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2784361696-2099732649-3132497725-500 - Administrator - Disabled) Chris (S-1-5-21-2784361696-2099732649-3132497725-1001 - Administrator - Enabled) => C:\Users\Chris DefaultAccount (S-1-5-21-2784361696-2099732649-3132497725-503 - Limited - Disabled) Gast (S-1-5-21-2784361696-2099732649-3132497725-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2784361696-2099732649-3132497725-1004 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Enabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Enabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Enabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) ActivInspire Core Resources (DEU) v1 (HKLM-x32\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean) ActivInspire Help (DEU) v1 (HKLM-x32\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean) ActivInspire HWR Resources (DEU) v1 (HKLM-x32\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean) ActivInspire v2 (HKLM-x32\...\{84007E42-A06F-4FFE-90D2-85F82CB48615}) (Version: 2.4.66096 - Promethean) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) AK-VirtualCom (HKLM-x32\...\{55D9A696-A3F5-48D8-82A5-F509BBD28189}) (Version: 2.0.0 - AK-NORD) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.8.0 - SlySoft) Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.51.0007 - Brother) Brother MFL-Pro Suite DCP-9055CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.) Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward) CamCliCtrl (HKLM-x32\...\{1C38E027-8447-4344-9B8C-A831C628BF63}) (Version: 1.0.6510 - NetworkSurveillanceNP) Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden EZ CD Audio Converter Free (64-bit) (HKLM-x32\...\EZ CD Audio Converter Free (64-bit)) (Version: 1.6.1 - Poikosoft) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com) Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.) Free Video Editor version 1.4.12.713 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.713 - DVDVideoSoft Ltd.) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.7.1117 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.) Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.35.5 - Siber Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Photos Backup (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Jumpian (HKLM-x32\...\{f2115522-a897-429e-af45-6bdbc85a38e3}) (Version: 1.7.0.7 - Synnotech AG) Jumpian (x32 Version: 1.7.0.7 - Synnotech AG) Hidden Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation) Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden MakeMKV v1.9.1 (HKLM-x32\...\MakeMKV) (Version: v1.9.1 - GuinpinSoft inc) MassFaces 4.2.5.141 (HKLM-x32\...\{D7B24A43-A287-41AC-9957-F616A2B25A9D}_is1) (Version: 4.2.5.141 - Havy Alegria) MediaCoder x64 0.8.41.5815 (HKLM\...\MediaCoder x64) (Version: 0.8.41.5815 - Mediatronic) Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus) Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom) NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue) NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OEKOWI 5.207.ch (HKLM-x32\...\{0506FA2D-F846-4536-930B-0FC372BDE853}) (Version: 5.207.0 - Ernst Schmidheiny Stiftung) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF24 Creator 7.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Poczta usługi Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH) proDAD ProDRENALIN 1.0 (64bit) (HKLM\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.74.1 - proDAD GmbH) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform) S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version: - GSC Game World) S3 Browser version 4.9.3 (HKLM\...\S3 Browser_is1) (Version: 4.9.3.0 - NetSDK Software, LLC) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SecurView Pro 2.1.1 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.1.1 - TRENDnet) SecurView Pro Codecs 2.1.1 (HKLM-x32\...\DVRCodecs_is1) (Version: 2.1.1 - TRENDnet) Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.) SetupWizard (HKLM-x32\...\{CE7BDBA3-B8F4-4B2A-8FB7-7C439D6E6077}) (Version: 1.0.2904 - TRENDnet) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version: - ) SteuerBerater für Lehrer 2013-2014 (HKLM-x32\...\{E84E9818-988D-44E1-A996-FC05F83A64DC}) (Version: 1.00.9 - Akademische Arbeitsgemeinschaft) SteuerBerater für Lehrer 2014-2015 (HKLM-x32\...\{425E7795-9051-4EA3-8E85-32B9B6725247}) (Version: 15.03.0 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung Lehrer 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung Lehrer 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.36.164 - Akademische Arbeitsgemeinschaft) Supreme Commander (HKLM-x32\...\Steam App 9350) (Version: - Gas Powered Games) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer) Thecus Setup Wizard 2.0.4 (HKLM-x32\...\Thecus Setup Wizard) (Version: 2.0.4 - Thecus, Inc.) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.1.0 - PacketVideo) TwonkyManager (HKLM-x32\...\TwonkyManager) (Version: 3.1.0 (55) - PacketVideo) Unity Web Player (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft) VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F28B7EB-9468-D082-BD27-59EE85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EC3F743-9468-D082-1567-B2AF85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0EAD5BD0-E399-4CCD-BB00-1E445ACA3EB5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe Task: {19E7C7E6-A1B2-4ABE-8B1E-1663E98F7B1C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {1DE28569-37E2-4800-84F5-96965BAC7DB8} - \MAXDriverUpdaterRunAtStartup -> Keine Datei <==== ACHTUNG Task: {20FA996A-5F21-400B-B4FF-1F4FC4C56C21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {238E5C74-8143-4713-8CF6-7772CD04C222} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {25C348BF-A43B-4553-8FC1-35F927733361} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2CB7A611-6648-4E15-A5B1-1BFF9E77BD68} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {2F6536DD-1D7F-4F6A-B48C-A8F0F88A4684} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {30322D93-AA36-4B24-9259-6A23DDC8D63A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {31A00C32-9B1A-4666-9CDD-6CD18BC6A83C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {329C6455-D140-4176-A2B1-060296753F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {360550D1-9545-418D-A2A3-C1FDFFEC60AD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {39ABCDCC-5CBB-4B1D-9DAB-4119DDD32EF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {3EBC1F2E-8B52-4D38-A8D8-DDBFED624D4B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-01-15] (Bitdefender) Task: {45FD276B-29B2-4629-AE1D-125AEFE5F34D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {4BEE47F8-7A7C-47B5-A100-0ED768743CD5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {5575FF3E-165E-4332-8F79-EEEA7E62AC78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {5669705E-F6B3-41F2-BDB9-AF18D8C8AAC2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {63CCAACF-A9EF-4E21-A61E-4ECE6CBF8205} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {698D1C76-15E2-430D-9655-862A90D959F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.) Task: {7A8549FA-93F6-4A9E-96CB-8D5CE1BA2B6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {7A895C41-84C7-4084-8D93-3C27E59837F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {84074052-5CF3-4A8E-89D4-503E78C7BC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8B2B927B-1071-4CBF-A15A-82EB8D2F74DB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {8C701934-5C35-4180-8B41-810A2E6827F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8C898A53-3106-490A-99BB-11CE5AC6B833} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9CB717A9-CD2F-4415-8583-10C9A069D7FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {A7FAE584-D2D4-4FEC-9884-03038D2A659D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {AC609413-3C03-487C-B28C-5A6554C40270} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {AD320376-9B1E-414E-AB61-E7F4E962DB26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {B04F8EB6-D7E1-4225-AFC4-FC7CD348D5B2} - System32\Tasks\{87744C1F-53F1-4916-8388-6B9518B6203F} => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe [2015-12-07] (Gas Powered Games) Task: {B286AAE8-1334-4432-87B2-FF2AB48700D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B5220E85-934A-4E3A-90B8-E2F31DE82BC8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B6BFB1CC-939E-433D-B3DC-E6EA92F28013} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {BE28265D-C88D-4A1F-9DA7-53C7F25EADAC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {BF3A86BD-4EFD-48E9-8A79-9A927A1E894F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C115C74A-62B6-4CF1-BA02-554ADF3C33FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {C23352CC-33FD-4E06-A385-234D2931D254} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C733F89E-2B0B-4C67-B9F1-2338E0DE4D1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {CB38AA2D-C7E0-4333-BDE8-3C294320D158} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {CDA1BD3F-BDA2-489A-8FE4-66978652720A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {CE34CAFC-0242-4A50-BCB0-2321EC97CB51} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {D453B5F2-CC20-40E3-B177-5813F73B06BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DB32C87C-E23D-43AE-9B54-EFD661BFB883} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {DC724AC5-4861-45BB-9F73-4E05E2B09D13} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {EC9BAC6B-06F8-4B47-8D89-B9C7BF640AA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {F424049C-22F0-44BE-B66C-B643B85C180B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FA0E5FEA-AC87-43A2-8D0F-981E865B0A3B} - \MAXDriverUpdater_UPDATES -> Keine Datei <==== ACHTUNG Task: {FCF26027-4B4F-4DF2-8048-CAEC3ABDB226} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.) Task: {FD5BFC95-5B38-42C2-ACF7-F0ECF9E3B8E2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {FDF99E09-FC95-4738-9CD4-D12822C80E56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\MAXDriverUpdater_UPDATES.job => C:\Program Files (x86)\Max Driver Updater\maxdu.exe <==== ACHTUNG ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1456383404&a=1003679&src=sh&uuid=6b1de4dc-ca89-446a-8a5a-9e6421d3fb4c" ShortcutWithArgument: C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://esurf.biz/?ssid=1456383404&a=1003679&src=sh&uuid=6b1de4dc-ca89-446a-8a5a-9e6421d3fb4c" ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-10 21:40 - 2015-08-07 01:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-03 17:47 - 2013-05-31 15:02 - 00099328 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe 2014-03-19 11:36 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-02-14 12:29 - 2014-02-14 12:29 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2014-02-13 18:18 - 2010-03-16 00:18 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2013-04-19 09:35 - 2013-04-19 09:35 - 00881480 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe 2015-12-10 21:37 - 2015-12-10 21:37 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-10 21:37 - 2015-12-10 21:37 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-13 06:35 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-28 16:44 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-22 09:25 - 2016-01-22 09:25 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 07:02 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 07:02 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 06:35 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 06:35 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-01-28 16:44 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-24 19:21 - 2015-11-24 19:21 - 12974600 _____ () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe 2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-06-27 13:05 - 2015-06-27 13:05 - 00028672 _____ () C:\Program Files (x86)\AK-NORD\AK-VirtualCom\AxInterop.VSPortLib.dll 2016-01-22 09:25 - 2016-01-22 09:25 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 09:25 - 2016-01-22 09:25 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-04-05 07:04 - 2015-07-24 05:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-12-07 20:04 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-12-07 20:04 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-12-07 20:04 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-12-07 20:04 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2014-02-13 18:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-02-14 08:40 - 2015-07-07 12:07 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2014-02-14 08:40 - 2015-07-07 12:07 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2015-12-10 22:33 - 2016-01-12 19:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-02-18 18:19 - 2016-01-12 19:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-10 22:33 - 2016-01-12 19:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-10 22:33 - 2016-01-12 19:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-02-18 18:19 - 2016-01-12 19:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-02-18 18:19 - 2016-02-16 19:39 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-02-18 18:19 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-02-18 18:19 - 2016-01-12 19:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2015-12-10 22:33 - 2016-02-16 19:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-10 22:33 - 2016-01-12 19:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-02-18 18:19 - 2016-01-12 19:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-02-18 18:19 - 2016-01-12 19:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-12-10 22:33 - 2016-01-12 19:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-12-07 20:04 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2016-02-23 06:54 - 2016-02-23 06:54 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2016-02-23 06:54 - 2016-02-23 06:54 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2015-10-02 23:15 - 2015-10-02 23:15 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll 2014-02-11 13:33 - 2013-08-08 21:27 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 AlternateDataStreams: C:\ProgramData\TEMP:B3ED3AFF AlternateDataStreams: C:\Users\Chris\Downloads\344.11-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\344.48-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.3.65940_AppOnly_setup(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.3.65940_AppOnly_setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.4.66096_AppOnly_setup(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.4.66096_AppOnly_setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\audacity-win-2.1.0.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\CG.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\DropboxInstaller.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(2).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(3).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeYouTube400Download.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeYouTubeDownload.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoodSync-Setup-cnetg.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoogleEarthProSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoProStudioPC-2.5.7.549.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Holo Backup Simple ADB Backup - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\InstallMyDriveConnect.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Install_Prezi_5.2.5.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\iTunes6464Setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Jumpian_FullSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\jxpiinstall(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\jxpiinstall.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Lame_v3.99.3_for_Windows.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\mbam-setup-2.1.4.1018.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MediaCoder-x64-0.8.33.5680.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MediaCoder-x64-0.8.41.5815.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\mkvtoolnix-amd64-7.4.0-setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\NetDrive2_Setup_2_6_1_689.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\PDF Unlocker - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\PDFCrack - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\prodrenalin-10-full64bit.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\QuickTimeInstaller.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\rcsetup150.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\s3browser-4-9-3.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\setpoint520_g9_x64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_smart(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_smart.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetupAnyDVD7550.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetupAnyDVD7680.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_MakeMKV_v1.9.0.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_MakeMKV_v1.9.1.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_NBox_Test.Exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\siw13-setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SketchUpPro-de-x64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Smart_Switch_PC.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SSELehrer_20.30.147.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SteamSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\TeamViewer_Setup_de.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\trial_videodeluxe2016premium_dlm_ecom.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\TwonkyManagerStandardSetup-3.1.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\unifying250.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\xnsw.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-02-24 17:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: ActivControl => 2 MSCONFIG\Services: TwonkyProxy => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TwonkyServer.lnk => C:\Windows\pss\TwonkyServer.lnk.CommonStartup MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Chris\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{F81DA445-0A20-45FC-8F3C-0BE02B3ABB18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{AA5D992F-3889-4A48-8DDF-CA0DE60CC912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{C0D3BBA8-B508-4046-93FC-12BC0A6E4D53}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F88D6433-5C95-4D37-8DF5-77EA668E2A9C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7AEA68DA-2252-4F5E-8076-85ACB5294B55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C52578EF-8E5A-49DD-A039-283EECBF1FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0CECECD2-71C4-4451-BC77-D2836A59BD42}] => (Allow) LPort=3 FirewallRules: [{48A42C0B-F223-4F10-87C2-BD01209CAA94}] => (Allow) C FirewallRules: [{7F9BE81A-6024-4F95-8E48-E4FA08FBE27B}] => (Allow) C FirewallRules: [{5DBEDD95-C0C2-4640-8881-741671098026}] => (Allow) C FirewallRules: [{D9D56B75-C224-4BC6-9642-EB7198060D6F}] => (Allow) C FirewallRules: [{7F62A092-BC12-476B-BBB6-53461CA4713E}] => (Allow) C FirewallRules: [{DE17DC0E-A3AA-441E-9F05-4DDF2B61FC21}] => (Allow) C FirewallRules: [{22FCAA54-1523-4716-ABA3-A5757DBD1970}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{CF2550B5-9690-47B3-B7A0-D5D129592503}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{8BE80EDF-C82F-410F-9AAD-8E57ED859838}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{015E2CDC-5BF3-49E8-B5A9-B80CD29EB81E}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{A5300B72-AFC8-4C82-B5B3-82E2B938EBCE}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{D7323C18-B3A5-4582-8558-2831CEEF8196}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{F1E198F8-9D99-40C4-B5F2-8A693638A34C}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{F17B068A-E39B-4D40-955E-B66E03274DAF}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{2860BF5E-FC21-474B-89DA-7BE82102FB3E}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{1174B74E-E4A8-4423-9C28-D3D549F1E163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BF82E3FB-2C9B-4A40-ABEF-F1AD88DD71DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CD37C495-C1DC-4D80-9E4C-AA56F000B587}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F7F0D25F-DE63-425E-B6D0-0FAC77CF8183}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C03A4D85-B5B6-4163-AAED-D92B72DAD52E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E309845C-1B36-4FD1-B1A0-20FEF36F86C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5F334ECD-8481-48B6-86DC-97EFB2CDD91E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5BB0E675-6DA9-419D-8F3D-1D349BF29D7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FAE3138D-FEA0-4535-AB7D-EA6E46B82A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C28CBE78-434B-4189-8B8C-3446BB415BC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{87CB2900-DCC7-4B1E-91B7-9EAA3FA21D33}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ECFEE597-159C-406E-A5F2-491E6FA38062}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF1CB072-0379-4918-92ED-E8F9A9CCA6B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{FD3BBE53-7E80-439B-9F0D-6A94D20C60F1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{9128E7DA-F5DD-42D6-9CFB-257FC672AC62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{75F81465-0498-4BAD-A5DC-6D856F7404B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{6DA4CDF8-8CF9-46AC-9AC2-B725022CD225}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{1315387C-50E7-4F21-9A52-B95FDD2963A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe FirewallRules: [{651E8259-6B09-49D0-A75C-788A0CE02416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe FirewallRules: [{84E7850B-7399-4C46-9D4C-8A3856342BCC}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{316C7C74-FCED-483D-91B4-523C1AC33CF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{4314ECF5-ADD9-40E3-B71E-6BAC1C41EBF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{18CD0A41-B660-4A3F-BFFB-D3BA6B20F5B6}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe FirewallRules: [{02D0A772-2760-4566-8C95-120E142967AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{918AF8DD-F501-4C4D-A2CB-00C7A8EF3221}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{95B32B05-27AF-4608-B17C-7841E05D66BC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{2E01AE2E-D438-4BB4-9F31-4570CD54B670}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0D825679-4D21-45C9-8332-63AB48E275FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CEEBA497-C853-4894-9F51-DCEEC0FED989}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{08E59C8B-6D4C-4A8F-A9C3-0D53E4D644A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DA82BCE4-5D3E-4960-AACD-946C896DE138}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{841E2F4F-6E7D-4C21-AEAC-14EA4350E943}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe ==================== Wiederherstellungspunkte ========================= 08-02-2016 11:39:00 Geplanter Prüfpunkt 18-02-2016 16:09:04 Geplanter Prüfpunkt 23-02-2016 18:34:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 25-02-2016 08:22:18 Prüfpunkt von HitmanPro ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/25/2016 08:22:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (02/25/2016 08:22:18 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {a1500588-7b9a-4897-8ec8-a242ea1b2a39} Error: (02/25/2016 08:02:48 AM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1540) SRUJet: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung. Error: (02/25/2016 08:02:48 AM) (Source: ESENT) (EventID: 494) (User: ) Description: svchost (1540) SRUJet: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung. Error: (02/25/2016 08:02:18 AM) (Source: ESENT) (EventID: 530) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Fehler bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 258048 (0x000000000003f000) (Datenbankseite 62 (0x3E)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite durch eine Inkonsistenz des Zeitstempels für verlorene Leerungserkennung. Der Lesevorgang wird mit dem Fehler "-1119 (0xfffffba1)" beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank mithilfe einer früheren Sicherung wieder her. Dieses Problem wird wahrscheinlich durch fehlerhafte Hardware verursacht. Wenden Sie sich an den Hardwarehersteller, um Hilfe bei der Problemdiagnose zu erhalten. Error: (02/25/2016 08:02:18 AM) (Source: ESENT) (EventID: 476) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 258048 (0x000000000003f000) (Datenbankseite 62 (0x3E)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist ein Fehler aufgetreten, weil sie keine Seitendaten enthält. Fehler -1019 (0xfffffc05) bei Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (02/25/2016 08:00:57 AM) (Source: ESENT) (EventID: 530) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Fehler bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 434176 (0x000000000006a000) (Datenbankseite 105 (0x69)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite durch eine Inkonsistenz des Zeitstempels für verlorene Leerungserkennung. Der Lesevorgang wird mit dem Fehler "-1119 (0xfffffba1)" beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank mithilfe einer früheren Sicherung wieder her. Dieses Problem wird wahrscheinlich durch fehlerhafte Hardware verursacht. Wenden Sie sich an den Hardwarehersteller, um Hilfe bei der Problemdiagnose zu erhalten. Error: (02/25/2016 08:00:57 AM) (Source: ESENT) (EventID: 476) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 434176 (0x000000000006a000) (Datenbankseite 105 (0x69)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist ein Fehler aufgetreten, weil sie keine Seitendaten enthält. Fehler -1019 (0xfffffc05) bei Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Error: (02/25/2016 08:00:57 AM) (Source: ESENT) (EventID: 530) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Fehler bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 684032 (0x00000000000a7000) (Datenbankseite 166 (0xA6)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite durch eine Inkonsistenz des Zeitstempels für verlorene Leerungserkennung. Der Lesevorgang wird mit dem Fehler "-1119 (0xfffffba1)" beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank mithilfe einer früheren Sicherung wieder her. Dieses Problem wird wahrscheinlich durch fehlerhafte Hardware verursacht. Wenden Sie sich an den Hardwarehersteller, um Hilfe bei der Problemdiagnose zu erhalten. Error: (02/25/2016 08:00:57 AM) (Source: ESENT) (EventID: 476) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 684032 (0x00000000000a7000) (Datenbankseite 166 (0xA6)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite ist ein Fehler aufgetreten, weil sie keine Seitendaten enthält. Fehler -1019 (0xfffffc05) bei Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Datenbank aus einer vorherigen Sicherung wieder her. Dieses Problem ist vermutlich durch fehlerhafte Hardware bedingt. Wenden Sie sich für weitere Unterstützung bei der Diagnose des Problems an Ihren Hardwarehersteller. Systemfehler: ============= Error: (02/25/2016 09:19:31 AM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x00000101 (0x0000000000000018, 0x0000000000000000, 0xffffd0005905f180, 0x0000000000000007)C:\WINDOWS\MEMORY.DMPa47c0049-fe5a-4aeb-9546-8b8fe097b9d4 Error: (02/25/2016 09:19:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (02/25/2016 09:19:29 AM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 25.02.2016 um 09:00:34 unerwartet heruntergefahren. Error: (02/25/2016 09:16:42 AM) (Source: NTFS) (EventID: 137) (User: ) Description: Auf dem Volume "Z:" konnte der Transaktionsressourcen-Manager aufgrund eines nicht wiederholbaren Fehlers nicht gestartet werden. Der Fehlercode ist in den Daten enthalten. Error: (02/25/2016 09:00:37 AM) (Source: Service Control Manager) (EventID: 7024) (User: ) Description: Der Dienst "HitmanPro 3.7 Crusader (Boot)" wurde mit dem folgenden dienstspezifischen Fehler beendet: %%0 Error: (02/25/2016 09:00:35 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (02/25/2016 08:59:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_56334" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 08:59:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _56334" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 08:59:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_56334" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 08:59:54 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_56334" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-02-11 07:46:12.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.601 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.564 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.553 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.541 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:11.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:11.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:42:22.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:42:22.962 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1240 v3 @ 3.40GHz Prozentuale Nutzung des RAM: 18% Installierter physikalischer RAM: 16324.79 MB Verfügbarer physikalischer RAM: 13289.41 MB Summe virtueller Speicher: 32708.79 MB Verfügbarer virtueller Speicher: 29302.14 MB ==================== Laufwerke ================================ Drive c: (Win7Prox64) (Fixed) (Total:223.13 GB) (Free:57 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:161.08 GB) NTFS Drive g: (Work) (Fixed) (Total:238.47 GB) (Free:16.47 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 96F600A9) Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 54ED8154) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 341E10E5) Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
25.02.2016, 09:32 | #5 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Hi, Schritt # 1: AdwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt # 2: FRST Bitte noch ein frisches FRST-Log. Schritt # 3: Bitte Posten
|
25.02.2016, 09:54 | #6 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenCode:
ATTFilter # AdwCleaner v5.036 - Bericht erstellt am 25/02/2016 um 09:51:17 # Aktualisiert am 22/02/2016 von Xplode # Datenbank : 2016-02-24.1 [Server] # Betriebssystem : Windows 10 Pro (x64) # Benutzername : Chris - CHRIS-PC # Gestartet von : C:\Users\Chris\Desktop\AdwCleaner_5.036.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Max Driver Updater [-] Ordner Gelöscht : C:\Program Files (x86)\myfree codec [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Max Driver Updater [-] Ordner Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [-] Ordner Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [-] Ordner Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [-] Ordner Gelöscht : C:\Users\Chris\AppData\Local\Temp\MAXDriverUpdater [-] Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\csdimedia [-] Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\Security Systems [-] Ordner Gelöscht : C:\Users\Chris\AppData\Roaming\Windows Open Service ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oadboiipflhobonjjffjbfekfjcgkhco_0.localstorage [-] Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oadboiipflhobonjjffjbfekfjcgkhco_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage [-] Datei Gelöscht : C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_nonjdcjchghhkdoolnlbekcfllmednbl_0.localstorage-journal [-] Datei Gelöscht : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\extensions\{bbfb7082-113a-40cb-bbce-05b8ed8ed6e3}.xpi [-] Datei Gelöscht : C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\user.js ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** [-] Verknüpfung Desinfiziert : C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk [-] Verknüpfung Desinfiziert : C:\Users\Chris\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ***** [ Aufgabenplanung ] ***** [-] Geplante Aufgabe Gelöscht : MAXDriverUpdater_UPDATES [-] Geplante Aufgabe Gelöscht : MAXDriverUpdaterRunAtStartup ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends [-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [deskCutv2@gmail.com] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Appscion [-] Schlüssel Gelöscht : HKCU\Software\csdimedia [!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKLM\SOFTWARE\csdimedia ***** [ Internetbrowser ] ***** [-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\prefs.js] [Preference] Gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); [-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "yoursearching"); [-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false); [-] [C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); [-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : facebook-video.softonic.de [-] [C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : veoh.com ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [5298 Bytes] - [25/02/2016 09:51:17] C:\AdwCleaner\AdwCleaner[S1].txt - [355 Bytes] - [25/02/2016 09:34:46] C:\AdwCleaner\AdwCleaner[S2].txt - [355 Bytes] - [25/02/2016 09:37:32] C:\AdwCleaner\AdwCleaner[S3].txt - [355 Bytes] - [25/02/2016 09:38:49] C:\AdwCleaner\AdwCleaner[S4].txt - [355 Bytes] - [25/02/2016 09:40:36] C:\AdwCleaner\AdwCleaner[S5].txt - [355 Bytes] - [25/02/2016 09:43:33] C:\AdwCleaner\AdwCleaner[S6].txt - [5626 Bytes] - [25/02/2016 09:47:58] ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [5804 Bytes] ########## Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Chris (Administrator) auf CHRIS-PC (25-02-2016 09:53:14) Gestartet von C:\Users\Chris\Desktop Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_95e4f9a171a1ad95\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Users\Chris\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen). HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-07] (Geek Software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [12974600 2015-11-24] () HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Google Update] => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9681832 2016-01-14] (SlySoft, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk [2014-12-01] ShortcutTarget: TwonkyServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-2784361696-2099732649-3132497725-1001] => hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{288d840f-bed8-48df-8c41-5268d704db33}: [DhcpNameServer] 192.168.178.1 ManualProxies: 0hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> DefaultScope {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @networksurveillance.com/camclictrl -> C:\Program Files (x86)\NetworkSurveillanceNP\npCamCliCtrl.dll [2012-04-10] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Chris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-19] (Citrix Online) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF Extension: Adblock Plus - C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\pc9zsj1q.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-02-24] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-07-08] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-02-24] Chrome: ======= CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Magic Actions for YouTube™) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2016-02-11] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-13] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-05] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30] CHR Extension: (Kaspersky Protection) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka [2016-02-24] CHR Extension: (Google Docs Offline) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (AdBlock) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2016-02-19] CHR Extension: (Google Keep - notes and lists) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2016-02-23] CHR Extension: (Gestures for Google Chrome™) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpkfjicglakibpenojifdiepckckakgk [2014-02-13] CHR Extension: (Smooth Gestures) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfkgmnnajiljnolcgolmmgnecgldgeld [2014-02-13] CHR Extension: (Chrome Web Store Payments) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-29] CHR Extension: (Amazon) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj [2015-02-19] CHR Extension: (Picasa) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-02-13] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29] CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1 CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-19] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Bitdefender Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-01-20] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR Profile: C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Slides) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-01-19] CHR Extension: (Google Docs) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-01-19] CHR Extension: (Google Drive) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-01-19] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-01-19] CHR Extension: (YouTube) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19] CHR Extension: (Bitdefender Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl [2015-01-21] CHR Extension: (Google Search) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19] CHR Extension: (Google Sheets) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19] CHR Extension: (Google Wallet) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19] CHR Extension: (Gmail) - C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19] CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Chris\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-19] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-02-24] (Kaspersky Lab ZAO) R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2013-05-31] () [Datei ist nicht signiert] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] () R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [887352 2016-01-28] (Bitdefender) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH) R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [881480 2013-04-19] () R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-04-19] (PacketVideo) R2 VirtualComService; C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe [16384 2015-06-27] (AK) [Datei ist nicht signiert] S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] () S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 evserial7; C:\Windows\System32\drivers\evserial7.sys [71432 2011-10-31] (ELTIMA Software) R3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-02-24] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2016-02-24] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2016-02-24] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-02-24] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2016-02-24] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe) R3 VSBC7; C:\Windows\System32\drivers\evsbc7.sys [36616 2011-10-31] (ELTIMA Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-25 09:53 - 2016-02-25 09:53 - 00036649 _____ C:\Users\Chris\Desktop\FRST.txt 2016-02-25 09:52 - 2016-02-25 09:52 - 00000000 ___HD C:\OneDriveTemp 2016-02-25 09:33 - 2016-02-25 09:51 - 00000000 ____D C:\AdwCleaner 2016-02-25 09:33 - 2016-02-25 09:33 - 01511936 _____ C:\Users\Chris\Desktop\AdwCleaner_5.036.exe 2016-02-25 09:23 - 2016-02-25 09:53 - 00000000 ____D C:\FRST 2016-02-25 09:23 - 2016-02-25 09:24 - 00078828 _____ C:\Users\Chris\Downloads\FRST.txt 2016-02-25 09:23 - 2016-02-25 09:24 - 00078224 _____ C:\Users\Chris\Downloads\Addition.txt 2016-02-25 09:21 - 2016-02-25 09:23 - 02371072 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe 2016-02-25 09:19 - 2016-02-25 09:19 - 1148901522 _____ C:\WINDOWS\MEMORY.DMP 2016-02-25 09:19 - 2016-02-25 09:19 - 00256044 _____ C:\WINDOWS\Minidump\022516-7250-01.dmp 2016-02-25 09:19 - 2016-02-25 09:19 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-25 09:10 - 2016-02-25 09:19 - 00000000 ____D C:\Users\Chris\AppData\Local\FSDART 2016-02-25 09:10 - 2016-02-25 09:12 - 02314488 _____ C:\Users\Chris\Downloads\avira_pc_cleaner_de.exe 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\Users\Chris\AppData\Local\F-Secure 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\ProgramData\F-Secure 2016-02-25 09:09 - 2016-02-25 09:10 - 00524248 _____ (F-Secure Corporation) C:\Users\Chris\Downloads\F-SecureOnlineScanner.exe 2016-02-25 08:23 - 2016-02-25 08:59 - 00001592 _____ C:\WINDOWS\system32\.crusader 2016-02-25 08:16 - 2016-02-25 08:23 - 00000000 ____D C:\ProgramData\HitmanPro 2016-02-25 08:16 - 2016-02-25 08:16 - 11443792 _____ (SurfRight B.V.) C:\Users\Chris\Desktop\hitmanpro_x64.exe 2016-02-25 08:13 - 2016-02-25 08:13 - 00001618 _____ C:\Users\Chris\Desktop\Mozilla Firefox.lnk 2016-02-24 18:56 - 2016-02-25 09:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-02-24 18:56 - 2016-02-24 19:01 - 00934272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2016-02-24 18:56 - 2016-02-24 19:01 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2016-02-24 18:56 - 2016-02-24 18:57 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2016-02-24 18:56 - 2016-02-24 18:56 - 00002588 _____ C:\Users\Chris\Desktop\Sicherer Zahlungsverkehr.lnk 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-02-24 18:56 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2016-02-24 18:53 - 2016-02-24 18:55 - 173986008 _____ (Kaspersky Lab) C:\Users\Chris\Downloads\kis16.0.0.614de-de.exe 2016-02-24 18:51 - 2016-02-24 18:51 - 00235717 _____ C:\ProgramData\1456336221.bdinstall.bin 2016-02-24 17:40 - 2016-02-24 17:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\LibreOffice 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2016-02-24 17:37 - 2016-02-24 17:38 - 221544448 _____ C:\Users\Chris\Downloads\LibreOffice_5.1.0_Win_x86.msi 2016-02-23 18:33 - 2016-02-23 18:34 - 09121063 _____ C:\Users\Chris\Downloads\Partizipation.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 01823265 _____ C:\Users\Chris\Downloads\Handbuch_Demokratie_14_11.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 00226841 _____ C:\Users\Chris\Downloads\2006_finale_demokratie_lernen.pdf 2016-02-23 18:31 - 2016-02-23 18:31 - 00168240 _____ C:\Users\Chris\Downloads\ia.pdf 2016-02-23 11:57 - 2016-02-23 11:57 - 02130774 _____ C:\Users\Chris\Downloads\antivirus-test-2016-tabelle.pdf 2016-02-22 19:46 - 2016-02-22 19:46 - 00083159 _____ C:\Users\Chris\Downloads\2011-11-04_PM_Weiss_ehrt-Jubilare.pdf 2016-02-19 19:57 - 2016-02-19 19:57 - 00000000 ____D C:\Users\Chris\Desktop\Tieraufnahmen 2016-02-19 19:44 - 2016-02-19 19:44 - 01309440 _____ C:\Users\Chris\Downloads\BedienungsanleitungJumpian.pdf 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\Documents\Mikogo 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\AppData\Local\Mikogo 2016-02-19 14:01 - 2016-02-19 14:19 - 00009355 _____ C:\Users\Chris\Desktop\Schülerliste.xlsx 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech_AG 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech AG 2016-02-19 13:48 - 2016-02-19 13:48 - 00002142 _____ C:\Users\Public\Desktop\Jumpian.lnk 2016-02-19 13:48 - 2016-02-19 13:48 - 00000035 _____ C:\ProgramData\Jumpian.global 2016-02-19 13:48 - 2016-02-19 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jumpian 2016-02-19 13:38 - 2016-02-19 13:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\SumatraPDF 2016-02-19 13:33 - 2016-02-19 13:33 - 00000098 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-02-19 13:32 - 2016-02-19 13:48 - 00000000 ____D C:\Program Files (x86)\Synnotech AG 2016-02-19 13:23 - 2016-02-19 13:23 - 88427288 _____ (Synnotech AG) C:\Users\Chris\Downloads\Jumpian_FullSetup.exe 2016-02-19 12:36 - 2016-02-19 12:36 - 11986608 _____ (AWIN-Software ) C:\Users\Chris\Downloads\Setup_NBox_Test.Exe 2016-02-19 11:42 - 2016-02-19 11:42 - 00347816 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run(1).exe 2016-02-19 10:19 - 2016-02-19 10:19 - 00213883 _____ C:\Users\Chris\Downloads\Richtlinie_VII.pdf 2016-02-19 10:18 - 2016-02-19 10:18 - 00075165 _____ C:\Users\Chris\Downloads\Richtlinie I.pdf 2016-02-19 10:15 - 2016-02-19 10:15 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712(1).pdf 2016-02-19 10:13 - 2016-02-19 10:13 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712.pdf 2016-02-19 09:58 - 2016-02-19 09:58 - 00014293 _____ C:\Users\Chris\Downloads\Auschreibung_Schulleitungen.pdf 2016-02-18 18:19 - 2016-02-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-16 06:50 - 2016-02-16 07:31 - 00000000 ____D C:\Users\Chris\Desktop\Tiny 2016-02-16 06:45 - 2016-02-16 06:45 - 00002007 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-02-15 20:27 - 2016-02-15 20:27 - 00012298 _____ C:\Users\Chris\Downloads\0901c413ae7dccfa.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012389 _____ C:\Users\Chris\Downloads\0901c413b050b57c.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012209 _____ C:\Users\Chris\Downloads\0901c413b26b93f5.pdf 2016-02-14 20:53 - 2016-02-14 20:53 - 00012307 _____ C:\Users\Chris\Downloads\0901c413b1cf0115(1).pdf 2016-02-14 18:54 - 2016-02-14 18:54 - 00058215 _____ C:\Users\Chris\Downloads\embudu.availabilty-2015.pdf 2016-02-14 18:40 - 2016-02-14 18:40 - 00527683 _____ C:\Users\Chris\Downloads\tui_com-mangrove_bay_resort.pdf 2016-02-12 09:45 - 2016-02-12 09:45 - 03501420 _____ C:\Users\Chris\Downloads\1997 - Heft 1 (38).pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 09459863 _____ C:\Users\Chris\Downloads\Exemplare_Izuhara_neu.pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 06370816 _____ C:\Users\Chris\Downloads\sportm_Diagnostik_LV2_groß.pdf 2016-02-12 09:27 - 2016-02-12 09:27 - 00076888 _____ C:\Users\Chris\Downloads\Wiener Koordinationsparcour.pdf 2016-02-12 09:24 - 2016-02-12 09:24 - 01672046 _____ C:\Users\Chris\Downloads\Video_Bewegungsformen zur Musik.wmv 2016-02-12 09:24 - 2016-02-12 09:24 - 00016727 _____ C:\Users\Chris\Downloads\Beschreibung_Bewegungsformen zur Musik.pdf 2016-02-12 09:22 - 2016-02-12 09:22 - 03165790 _____ C:\Users\Chris\Downloads\LA_Koordinationspacours_Maenner.wmv 2016-02-12 09:16 - 2016-02-12 09:16 - 00129853 _____ C:\Users\Chris\Downloads\motorik_modul.pdf 2016-02-12 09:15 - 2016-02-12 09:15 - 00117260 _____ C:\Users\Chris\Downloads\muenchener_fitness_test.pdf 2016-02-10 18:19 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 18:19 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 18:19 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 18:19 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 18:19 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 18:19 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 18:19 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 18:19 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 18:19 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 18:19 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 18:19 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 18:19 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 18:19 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 18:19 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 18:19 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 18:19 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 18:19 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 18:19 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 18:19 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 21:47 - 2016-02-09 21:47 - 00156356 _____ C:\Users\Chris\Downloads\Naehrmedienuebersicht.pdf 2016-02-09 10:05 - 2016-02-09 10:05 - 02104773 _____ C:\Users\Chris\Downloads\TAPUCATE-ImportExport-Handbuch.pdf 2016-02-09 08:33 - 2016-02-09 08:33 - 00227517 _____ C:\Users\Chris\Downloads\Flyer_Conchotomie.pdf 2016-02-09 07:46 - 2016-02-09 07:46 - 00017057 _____ C:\Users\Chris\Downloads\NDM Halle 2016_neuer Zpl.pdf 2016-02-09 06:42 - 2016-02-09 06:42 - 00513670 _____ C:\Users\Chris\Downloads\Info_AdrliImportThunderb.pdf 2016-02-08 16:32 - 2016-02-08 16:32 - 00000000 ____D C:\ProgramData\proDAD 2016-02-08 11:05 - 2016-02-08 11:05 - 00075462 _____ C:\Users\Chris\Downloads\Kontoauszug_48949100__Nr.0012016_vom_29.01.2016_20160208110535.pdf 2016-02-08 11:05 - 2016-02-08 11:05 - 00063730 _____ C:\Users\Chris\Downloads\Mitteilung_48949100_vom_29.01.2016_20160208110527.pdf 2016-01-28 16:44 - 2016-01-16 07:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll 2016-01-28 16:44 - 2016-01-16 07:36 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-28 16:44 - 2016-01-16 07:36 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-28 16:44 - 2016-01-16 07:34 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-28 16:44 - 2016-01-16 07:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 08728920 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-01-28 16:44 - 2016-01-16 07:23 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-01-28 16:44 - 2016-01-16 07:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe 2016-01-28 16:44 - 2016-01-16 07:20 - 06971752 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll 2016-01-28 16:44 - 2016-01-16 07:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2016-01-28 16:44 - 2016-01-16 07:19 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-28 16:44 - 2016-01-16 07:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2016-01-28 16:44 - 2016-01-16 07:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll 2016-01-28 16:44 - 2016-01-16 07:09 - 01089880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2016-01-28 16:44 - 2016-01-16 07:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll 2016-01-28 16:44 - 2016-01-16 07:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe 2016-01-28 16:44 - 2016-01-16 06:46 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys 2016-01-28 16:44 - 2016-01-16 06:45 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-28 16:44 - 2016-01-16 06:44 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe 2016-01-28 16:44 - 2016-01-16 06:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll 2016-01-28 16:44 - 2016-01-16 06:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll 2016-01-28 16:44 - 2016-01-16 06:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll 2016-01-28 16:44 - 2016-01-16 06:42 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll 2016-01-28 16:44 - 2016-01-16 06:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll 2016-01-28 16:44 - 2016-01-16 06:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe 2016-01-28 16:44 - 2016-01-16 06:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll 2016-01-28 16:44 - 2016-01-16 06:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe 2016-01-28 16:44 - 2016-01-16 06:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe 2016-01-28 16:44 - 2016-01-16 06:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 07979008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll 2016-01-28 16:44 - 2016-01-16 06:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2016-01-28 16:44 - 2016-01-16 06:37 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2016-01-28 16:44 - 2016-01-16 06:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll 2016-01-28 16:44 - 2016-01-16 06:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2016-01-28 16:44 - 2016-01-16 06:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-01-28 16:44 - 2016-01-16 06:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll 2016-01-28 16:44 - 2016-01-16 06:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll 2016-01-28 16:44 - 2016-01-16 06:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2016-01-28 16:44 - 2016-01-16 06:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe 2016-01-28 16:44 - 2016-01-16 06:31 - 00851456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll 2016-01-28 16:44 - 2016-01-16 06:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe 2016-01-28 16:44 - 2016-01-16 06:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2016-01-28 16:44 - 2016-01-16 06:30 - 01053696 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll 2016-01-28 16:44 - 2016-01-16 06:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll 2016-01-28 16:44 - 2016-01-16 06:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe 2016-01-28 16:44 - 2016-01-16 06:29 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll 2016-01-28 16:44 - 2016-01-16 06:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll 2016-01-28 16:44 - 2016-01-16 06:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll 2016-01-28 16:44 - 2016-01-16 06:26 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-01-28 16:44 - 2016-01-16 06:25 - 00235008 _____ C:\WINDOWS\system32\MTF.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00613888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00350720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll 2016-01-28 16:44 - 2016-01-16 06:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll 2016-01-28 16:44 - 2016-01-16 06:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2016-01-28 16:44 - 2016-01-16 06:23 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2016-01-28 16:44 - 2016-01-16 06:21 - 06297088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 07199232 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-01-28 16:44 - 2016-01-16 06:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll 2016-01-28 16:44 - 2016-01-16 06:19 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-01-28 16:44 - 2016-01-16 06:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-28 16:44 - 2016-01-16 06:17 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2016-01-28 16:44 - 2016-01-16 06:16 - 05202944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll 2016-01-28 16:44 - 2016-01-16 06:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-28 16:44 - 2016-01-16 06:15 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2016-01-28 16:44 - 2016-01-16 06:14 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-01-28 16:44 - 2016-01-16 06:14 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-01-28 16:44 - 2016-01-16 06:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll 2016-01-27 17:09 - 2016-01-27 17:09 - 00312130 _____ C:\Users\Chris\Downloads\3a8ec949-7937-4fc6-8f6a-8075ad36384c.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-25 09:52 - 2015-12-10 22:33 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-25 09:52 - 2015-12-10 21:51 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-02-25 09:52 - 2015-12-10 21:49 - 00000000 ___RD C:\Users\Chris\OneDrive 2016-02-25 09:52 - 2015-12-10 21:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-25 09:52 - 2015-12-10 21:40 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-25 09:52 - 2015-12-07 20:03 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-25 09:52 - 2014-12-01 18:50 - 00000000 ____D C:\ProgramData\TwonkyServer 2016-02-25 09:52 - 2014-05-11 18:32 - 00000000 ____D C:\ProgramData\TEMP 2016-02-25 09:52 - 2014-02-14 11:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox 2016-02-25 09:52 - 2014-02-13 18:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\GoodSync 2016-02-25 09:52 - 2014-02-13 17:59 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-25 09:51 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-25 09:45 - 2015-12-10 21:41 - 00000000 ____D C:\Users\Chris 2016-02-25 09:38 - 2015-12-10 22:33 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-02-25 09:30 - 2014-02-14 18:44 - 00001127 _____ C:\Users\Chris\Desktop\MediaCoder x64.lnk 2016-02-25 09:26 - 2015-12-10 21:40 - 02089590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-25 09:26 - 2015-10-30 19:35 - 00889114 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-25 09:26 - 2015-10-30 19:35 - 00197696 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-25 09:26 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-25 09:26 - 2014-02-13 17:59 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-25 09:10 - 2014-02-14 10:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-25 09:08 - 2014-02-13 18:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\QuickScan 2016-02-25 08:54 - 2014-03-11 08:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job 2016-02-25 08:22 - 2015-05-25 15:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-02-25 08:09 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-25 08:02 - 2014-03-05 22:46 - 00001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-25 08:02 - 2014-02-13 17:59 - 00002329 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-25 07:51 - 2014-02-13 18:13 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc 2016-02-25 07:43 - 2014-05-15 06:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss 2016-02-25 06:19 - 2015-12-10 21:59 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A13CF640-DD3C-4431-86D8-A0C3483E4A19} 2016-02-24 20:17 - 2015-12-05 11:20 - 00000000 ____D C:\Users\Chris\Documents\MassFaces 2016-02-24 19:01 - 2015-06-26 23:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2016-02-24 19:01 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys 2016-02-24 18:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-02-24 18:56 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-24 18:56 - 2015-04-11 10:42 - 00000000 ____D C:\Users\Administrator 2016-02-24 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated 2016-02-24 18:52 - 2015-12-10 21:59 - 00000000 ____D C:\Program Files\Bitdefender 2016-02-24 18:52 - 2015-12-10 21:39 - 00526824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-24 18:51 - 2014-02-13 18:20 - 00000000 ____D C:\ProgramData\Bitdefender 2016-02-24 18:50 - 2014-02-13 18:28 - 00762291 _____ C:\bdlog.txt 2016-02-24 06:32 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-24 06:28 - 2014-02-14 18:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-02-23 18:46 - 2015-12-10 21:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Packages 2016-02-23 18:38 - 2014-02-16 17:08 - 00007641 _____ C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2016-02-23 18:34 - 2015-12-17 18:18 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-23 13:45 - 2014-02-13 18:19 - 00000336 _____ C:\WINDOWS\BRCALIB.INI 2016-02-23 09:54 - 2014-03-11 08:06 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job 2016-02-23 06:57 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-23 06:56 - 2014-02-13 18:22 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-22 12:13 - 2016-01-18 20:16 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-02-19 14:05 - 2014-02-13 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Apple Computer 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple Computer 2016-02-19 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-19 11:35 - 2014-02-23 20:25 - 00000000 ____D C:\Users\Chris\AppData\Local\ElevatedDiagnostics 2016-02-18 18:20 - 2015-12-10 22:33 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-02-17 19:28 - 2016-01-12 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-02-17 18:30 - 2015-11-02 06:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00000000 ____D C:\Program Files (x86)\Prezi 2016-02-15 18:49 - 2015-07-23 18:28 - 00000000 ____D C:\Users\Chris\AppData\Local\Windows Live 2016-02-14 20:08 - 2015-09-29 17:36 - 00001444 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-02-14 20:08 - 2014-03-04 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-02-14 20:08 - 2014-03-04 13:03 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft 2016-02-14 20:08 - 2014-03-04 13:03 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-02-14 09:03 - 2015-06-15 21:11 - 00004608 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-02-12 09:12 - 2015-08-29 06:42 - 00000013 _____ C:\Users\Chris\Desktop\HEYcontrol.ini 2016-02-11 07:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 06:54 - 2015-12-10 21:47 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 22:24 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:34 - 2013-08-22 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 20:31 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-10 20:31 - 2013-04-22 15:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-09 21:37 - 2014-02-24 17:46 - 00000000 ____D C:\ProgramData\Oracle 2016-02-09 21:36 - 2015-11-05 08:53 - 00000000 ____D C:\Users\Chris\.oracle_jre_usage 2016-02-09 21:36 - 2014-10-21 20:12 - 00000000 ____D C:\Program Files (x86)\Java 2016-02-09 21:36 - 2014-04-22 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-02-09 21:36 - 2014-04-17 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-09 21:35 - 2014-10-21 20:12 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-08 10:21 - 2014-02-13 17:59 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-08 10:21 - 2014-02-13 17:59 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-08 09:49 - 2014-03-11 08:06 - 00004256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA 2016-02-08 09:49 - 2014-03-11 08:06 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core 2016-02-08 09:42 - 2015-12-10 21:49 - 00002437 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-28 22:10 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-06-15 21:11 - 2016-02-14 09:03 - 0004608 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-22 08:56 - 2015-04-22 08:56 - 0000835 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel 2014-02-16 17:08 - 2016-02-23 18:38 - 0007641 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2014-03-03 12:53 - 2014-03-03 12:53 - 0000011 _____ () C:\ProgramData\.tv7 2014-02-14 18:12 - 2016-01-24 08:12 - 0000040 ___SH () C:\ProgramData\.zreglib 2016-02-24 18:51 - 2016-02-24 18:51 - 0235717 _____ () C:\ProgramData\1456336221.bdinstall.bin 2014-04-29 07:42 - 2014-04-29 07:43 - 0009868 _____ () C:\ProgramData\DVRClient.log 2014-04-29 07:43 - 2014-04-29 08:02 - 0160512 _____ () C:\ProgramData\DVRServerMediaDevices.log 2014-04-29 07:43 - 2014-04-29 07:44 - 0001088 _____ () C:\ProgramData\DVRServerNetworkCameras.log 2014-04-29 07:41 - 2014-04-29 07:41 - 0000832 _____ () C:\ProgramData\DVRServerTools.log 2016-02-19 13:48 - 2016-02-19 13:48 - 0000035 _____ () C:\ProgramData\Jumpian.global 2016-02-19 13:33 - 2016-02-19 13:33 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc Einige Dateien in TEMP: ==================== C:\Users\Chris\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuuxx4v.dll C:\Users\Chris\AppData\Local\Temp\hhkH0w8LQ9.exe C:\Users\Chris\AppData\Local\Temp\jre-8u71-windows-au.exe C:\Users\Chris\AppData\Local\Temp\jre-8u73-windows-au.exe C:\Users\Chris\AppData\Local\Temp\mPHzCtKWdd.exe C:\Users\Chris\AppData\Local\Temp\Qfve1VVsPc.exe C:\Users\Chris\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-22 12:11 ==================== Ende von FRST.txt ============================ |
25.02.2016, 09:55 | #7 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016 durchgeführt von Chris (2016-02-25 09:53:36) Gestartet von C:\Users\Chris\Desktop Windows 10 Pro Version 1511 (X64) (2015-12-10 20:47:48) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2784361696-2099732649-3132497725-500 - Administrator - Disabled) Chris (S-1-5-21-2784361696-2099732649-3132497725-1001 - Administrator - Enabled) => C:\Users\Chris DefaultAccount (S-1-5-21-2784361696-2099732649-3132497725-503 - Limited - Disabled) Gast (S-1-5-21-2784361696-2099732649-3132497725-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2784361696-2099732649-3132497725-1004 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Kaspersky Internet Security (Disabled - Up to date) {B41C7598-35F6-4D89-7D0E-7ADE69B4047B} AS: Kaspersky Internet Security (Disabled - Up to date) {0F7D947C-13CC-4207-47BE-41AC12334EC6} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Kaspersky Internet Security (Disabled) {8C27F4BD-7F99-4CD1-5651-D3EB97674300} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) AAVUpdateManager (HKLM-x32\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) ActivInspire Core Resources (DEU) v1 (HKLM-x32\...\{06C9F624-9F53-4C89-9720-1601A295769A}) (Version: 1.6.3 - Promethean) ActivInspire Help (DEU) v1 (HKLM-x32\...\{B18A62F5-296F-4BC4-B8DD-A9FB16EE9106}) (Version: 1.6.3 - Promethean) ActivInspire HWR Resources (DEU) v1 (HKLM-x32\...\{CB2158F5-B05D-41BF-B8F8-05A85695BA4E}) (Version: 1.7.1 - Promethean) ActivInspire v2 (HKLM-x32\...\{84007E42-A06F-4FFE-90D2-85F82CB48615}) (Version: 2.4.66096 - Promethean) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated) AK-VirtualCom (HKLM-x32\...\{55D9A696-A3F5-48D8-82A5-F509BBD28189}) (Version: 2.0.0 - AK-NORD) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.6.8.0 - SlySoft) Apple Application Support (32-Bit) (HKLM-x32\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{691F30EB-9009-475A-B8A9-E1BF39598FD5}) (Version: 4.1.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Assassins Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft) Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team) Audiograbber 1.83 SE (HKLM-x32\...\Audiograbber) (Version: 1.83 SE - Audiograbber) Audiograbber MP3-Plugin (HKLM-x32\...\Audiograbber-Lame) (Version: 1.0 - AG) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) BRAdmin Professional 3 (HKLM-x32\...\{75C885D4-C758-4896-A3B4-90DA34B44C31}) (Version: 3.51.0007 - Brother) Brother MFL-Pro Suite DCP-9055CDN (HKLM-x32\...\{979742CC-2CBB-49D8-9BEE-C2F7875F5393}) (Version: 1.1.5.0 - Brother Industries, Ltd.) Call of Duty: Modern Warfare 3 (HKLM-x32\...\Steam App 42680) (Version: - Infinity Ward) CamCliCtrl (HKLM-x32\...\{1C38E027-8447-4344-9B8C-A831C628BF63}) (Version: 1.0.6510 - NetworkSurveillanceNP) Citrix Online Launcher (HKLM-x32\...\{678753E6-E526-4AE5-A144-00240772543A}) (Version: 1.0.393 - Citrix) CloneCD (HKLM-x32\...\CloneCD) (Version: - SlySoft) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Dropbox (HKLM-x32\...\Dropbox) (Version: 3.14.7 - Dropbox, Inc.) Dropbox Update Helper (x32 Version: 1.3.27.77 - Dropbox, Inc.) Hidden EZ CD Audio Converter Free (64-bit) (HKLM-x32\...\EZ CD Audio Converter Free (64-bit)) (Version: 1.6.1 - Poikosoft) Fotogalerie (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com) Free Studio version 6.4.3.128 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.3.128 - DVDVideoSoft Ltd.) Free Video Editor version 1.4.12.713 (HKLM-x32\...\Free Video Editor_is1) (Version: 1.4.12.713 - DVDVideoSoft Ltd.) Free YouTube Download (HKLM-x32\...\Free YouTube Download_is1) (Version: 4.0.7.1117 - DVDVideoSoft Ltd.) Free YouTube to MP3 Converter version 3.12.27.225 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.27.225 - DVDVideoSoft Ltd.) Galería de fotos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galeria fotografii (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team) GoodSync (HKLM\...\{B26B00DA-2E5D-4CF2-83C5-911198C0F009}) (Version: 9.9.35.5 - Siber Systems) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google) Google Earth Pro (HKLM-x32\...\{44FC61F0-2F8A-11E3-8CAE-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Photos Backup (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Google Photos Backup) (Version: 1.1.1.276 - Google, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden GoPro App (x32 Version: 5.7.549 - GoPro, Inc.) Hidden GoPro Studio 2.5.7 (HKLM-x32\...\{b996dca2-156c-4d2c-b9a3-59fac08cef33}) (Version: 2.5.7.549 - GoPro, Inc.) Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod) honestech VHS to DVD 2.0 SE (HKLM-x32\...\{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}) (Version: 2.0 - honestech) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.20.1447 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation) iTunes (HKLM\...\{FBEB98F8-64E4-4FA3-A15E-4A9F42FF962E}) (Version: 12.3.2.35 - Apple Inc.) Java 8 Update 73 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation) Java SE Development Kit 7 Update 55 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170550}) (Version: 1.7.0.550 - Oracle) Jumpian (HKLM-x32\...\{f2115522-a897-429e-af45-6bdbc85a38e3}) (Version: 1.7.0.7 - Synnotech AG) Jumpian (x32 Version: 1.7.0.7 - Synnotech AG) Hidden Junk Mail filter update (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab) Kaspersky Internet Security (x32 Version: 16.0.0.614 - Kaspersky Lab) Hidden LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - ) LibreOffice 5.1.0.3 (HKLM-x32\...\{2F75F86D-8362-4F49-9536-D87DCBF6ABAE}) (Version: 5.1.0.3 - The Document Foundation) Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech) Logitech Unifying-Software 2.50 (HKLM\...\Logitech Unifying) (Version: 2.50.25 - Logitech) MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{B7802BC1-5F76-48D2-A622-98195BD50B87}) (Version: 7.0.2.6 - MAGIX Software GmbH) MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (HKLM\...\MX.{E9D2A2BC-900E-4CBE-8543-E2EEF79163CB}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 1) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (HKLM\...\MX.{38B2C12F-B11F-40A5-B04C-9819949FFE01}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 2) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (HKLM\...\MX.{1759FCEB-940B-4D92-9F45-E55E7E6736C0}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Filmvorlagen 3) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (HKLM\...\MX.{B9D9D873-ADDA-4D0C-B691-0F323C6DD62A}) (Version: 15.0.0.62 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (HKLM\...\MX.{02C01AE1-F497-475A-AA45-43E41A495136}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (NewBlue ActionCam Package) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (HKLM\...\MX.{89CF4765-0012-4619-BA4E-1571376A25CA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (proDAD Mercalli V4) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Titeleffekte) (HKLM\...\MX.{28FE7891-77C0-45E1-9CA4-35E9250F91DA}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Titeleffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Überblendeffekte) (HKLM\...\MX.{585234EA-CDB3-48A7-B6C4-0EFF9A86D244}) (Version: 1.0.0.0 - MAGIX Software GmbH) MAGIX Video deluxe 2016 Premium (Überblendeffekte) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium (Version: 15.0.0.62 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.90 - MAGIX Software GmbH) Hidden MakeMKV v1.9.1 (HKLM-x32\...\MakeMKV) (Version: v1.9.1 - GuinpinSoft inc) MassFaces 4.2.5.141 (HKLM-x32\...\{D7B24A43-A287-41AC-9957-F616A2B25A9D}_is1) (Version: 4.2.5.141 - Havy Alegria) MediaCoder x64 0.8.41.5815 (HKLM\...\MediaCoder x64) (Version: 0.8.41.5815 - Mediatronic) Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Office Home and Student 2013 - de-de (HKLM\...\HomeStudentRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) MKVToolNix 7.4.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.4.0 - Moritz Bunkus) Morgan Multimedia Motion JPEG Codec 3.0.0.9 (HKLM-x32\...\Morgan Multimedia Motion JPEG Codec_is1) (Version: 3.0.0.9 - Morgan Multimedia) Movie Maker (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek) Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) Mozilla Thunderbird 38.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MyDriveConnect 4.0.3.2180 (HKLM-x32\...\MyDriveConnect) (Version: 4.0.3.2180 - TomTom) NewBlue ActionCam Package (HKLM-x32\...\NewBlue ActionCam Package) (Version: 1.0 - NewBlue) NewBlue Titler EX for MAGIX (HKLM-x32\...\NewBlue Titler EX for MAGIX) (Version: 1.0 - NewBlue) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation) NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OEKOWI 5.207.ch (HKLM-x32\...\{0506FA2D-F846-4536-930B-0FC372BDE853}) (Version: 5.207.0 - Ernst Schmidheiny Stiftung) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.0.4 - CEWE Stiftung u Co. KGaA) OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation) PDF24 Creator 7.0.4 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.) Poczta usługi Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Prezi (HKLM-x32\...\{63B8F931-2BF3-4D5D-9C28-E2EF88D83DFD}) (Version: 5.2.8 - Ihr Firmenname) proDAD Mercalli NLE 4.0 (64bit) (HKLM\...\proDAD-MercalliPlugins-4.0) (Version: 4.0.467.1 - proDAD GmbH) proDAD ProDRENALIN 1.0 (64bit) (HKLM\...\proDAD-ProDRENALIN-1.0) (Version: 1.0.74.1 - proDAD GmbH) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.) Raccolta foto (x32 Version: 16.4.3503.0728 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6971 - Realtek Semiconductor Corp.) Recuva (HKLM\...\Recuva) (Version: 1.50 - Piriform) S.T.A.L.K.E.R.: Clear Sky (HKLM-x32\...\Steam App 20510) (Version: - GSC Game World) S3 Browser version 4.9.3 (HKLM\...\S3 Browser_is1) (Version: 4.9.3.0 - NetSDK Software, LLC) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) SecurView Pro 2.1.1 (HKLM-x32\...\DVRServer.Application_is1) (Version: 2.1.1 - TRENDnet) SecurView Pro Codecs 2.1.1 (HKLM-x32\...\DVRCodecs_is1) (Version: 2.1.1 - TRENDnet) Sentinel System Driver Installer 7.5.1 (HKLM-x32\...\{BF9E346B-5ECE-4A18-9510-55729FD08323}) (Version: 7.5.1 - SafeNet, Inc.) SetupWizard (HKLM-x32\...\{CE7BDBA3-B8F4-4B2A-8FB7-7C439D6E6077}) (Version: 1.0.2904 - TRENDnet) SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.5.12.11 - NVIDIA Corporation) Hidden SIW 2013 Home Edition (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2013.05.14 - Topala Software Solutions) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Stellarium 0.11.2 (HKLM-x32\...\Stellarium_is1) (Version: - ) SteuerBerater für Lehrer 2013-2014 (HKLM-x32\...\{E84E9818-988D-44E1-A996-FC05F83A64DC}) (Version: 1.00.9 - Akademische Arbeitsgemeinschaft) SteuerBerater für Lehrer 2014-2015 (HKLM-x32\...\{425E7795-9051-4EA3-8E85-32B9B6725247}) (Version: 15.03.0 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung Lehrer 2014 (HKLM-x32\...\{A463EB06-22A6-47F5-9593-E52B291EF13E}) (Version: 19.12.92 - Akademische Arbeitsgemeinschaft) SteuerSparErklärung Lehrer 2015 (HKLM-x32\...\{312C0E08-8F94-4536-AAF6-3413F784AC5F}) (Version: 20.36.164 - Akademische Arbeitsgemeinschaft) Supreme Commander (HKLM-x32\...\Steam App 9350) (Version: - Gas Powered Games) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.55321 - TeamViewer) Thecus Setup Wizard 2.0.4 (HKLM-x32\...\Thecus Setup Wizard) (Version: 2.0.4 - Thecus, Inc.) Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Twonky Windows Components (HKLM-x32\...\{7CC673E7-5271-409D-B196-BB76DA60300B}) (Version: 3.1.0 - PacketVideo) TwonkyManager (HKLM-x32\...\TwonkyManager) (Version: 3.1.0 (55) - PacketVideo) Unity Web Player (HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\UnityWebPlayer) (Version: 4.6.4f1 - Unity Technologies ApS) Uplay (HKLM-x32\...\Uplay) (Version: 4.2 - Ubisoft) VFW_Codec32 (x32 Version: 0.1.160.0 - GoPro, Inc.) Hidden VFW_Codec64 (Version: 0.1.160.0 - GoPro, Inc.) Hidden VIDEO DVR (HKLM-x32\...\{EBD0EE76-2CFC-4EE5-AFE6-7EEAA3B14332}) (Version: 2012.04.17 - -) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN) VS 2008 CRT Package (HKLM-x32\...\{ED79C920-2FF2-4742-AF32-B58BE68B0FA6}) (Version: 1.1.0 - Microsoft) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3503.0728 - Microsoft Corporation) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F28B7EB-9468-D082-BD27-59EE85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5EC3F743-9468-D082-1567-B2AF85889A47} => Keine Datei CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll (Google Inc.) CustomCLSID: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll => Keine Datei ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {0EAD5BD0-E399-4CCD-BB00-1E445ACA3EB5} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender\bdproductdata.exe Task: {19E7C7E6-A1B2-4ABE-8B1E-1663E98F7B1C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation) Task: {20FA996A-5F21-400B-B4FF-1F4FC4C56C21} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {238E5C74-8143-4713-8CF6-7772CD04C222} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {25C348BF-A43B-4553-8FC1-35F927733361} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {2CB7A611-6648-4E15-A5B1-1BFF9E77BD68} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe Task: {2F6536DD-1D7F-4F6A-B48C-A8F0F88A4684} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {30322D93-AA36-4B24-9259-6A23DDC8D63A} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {31A00C32-9B1A-4666-9CDD-6CD18BC6A83C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {329C6455-D140-4176-A2B1-060296753F8F} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe Task: {360550D1-9545-418D-A2A3-C1FDFFEC60AD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {39ABCDCC-5CBB-4B1D-9DAB-4119DDD32EF6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {3EBC1F2E-8B52-4D38-A8D8-DDBFED624D4B} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-01-15] (Bitdefender) Task: {45FD276B-29B2-4629-AE1D-125AEFE5F34D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {4BEE47F8-7A7C-47B5-A100-0ED768743CD5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {5575FF3E-165E-4332-8F79-EEEA7E62AC78} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {5669705E-F6B3-41F2-BDB9-AF18D8C8AAC2} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {63CCAACF-A9EF-4E21-A61E-4ECE6CBF8205} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {698D1C76-15E2-430D-9655-862A90D959F5} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.) Task: {7A8549FA-93F6-4A9E-96CB-8D5CE1BA2B6C} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {7A895C41-84C7-4084-8D93-3C27E59837F3} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {84074052-5CF3-4A8E-89D4-503E78C7BC42} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8B2B927B-1071-4CBF-A15A-82EB8D2F74DB} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {8C701934-5C35-4180-8B41-810A2E6827F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {8C898A53-3106-490A-99BB-11CE5AC6B833} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {9CB717A9-CD2F-4415-8583-10C9A069D7FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {A7FAE584-D2D4-4FEC-9884-03038D2A659D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {AC609413-3C03-487C-B28C-5A6554C40270} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {AD320376-9B1E-414E-AB61-E7F4E962DB26} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {B04F8EB6-D7E1-4225-AFC4-FC7CD348D5B2} - System32\Tasks\{87744C1F-53F1-4916-8388-6B9518B6203F} => C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe [2015-12-07] (Gas Powered Games) Task: {B286AAE8-1334-4432-87B2-FF2AB48700D8} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {B5220E85-934A-4E3A-90B8-E2F31DE82BC8} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {B6BFB1CC-939E-433D-B3DC-E6EA92F28013} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {BE28265D-C88D-4A1F-9DA7-53C7F25EADAC} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {BF3A86BD-4EFD-48E9-8A79-9A927A1E894F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C115C74A-62B6-4CF1-BA02-554ADF3C33FE} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {C23352CC-33FD-4E06-A385-234D2931D254} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C733F89E-2B0B-4C67-B9F1-2338E0DE4D1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {CB38AA2D-C7E0-4333-BDE8-3C294320D158} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {CDA1BD3F-BDA2-489A-8FE4-66978652720A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated) Task: {CE34CAFC-0242-4A50-BCB0-2321EC97CB51} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {D453B5F2-CC20-40E3-B177-5813F73B06BD} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DB32C87C-E23D-43AE-9B54-EFD661BFB883} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {DC724AC5-4861-45BB-9F73-4E05E2B09D13} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {EC9BAC6B-06F8-4B47-8D89-B9C7BF640AA1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {F424049C-22F0-44BE-B66C-B643B85C180B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {FCF26027-4B4F-4DF2-8048-CAEC3ABDB226} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-12-10] (Dropbox, Inc.) Task: {FD5BFC95-5B38-42C2-ACF7-F0ECF9E3B8E2} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe Task: {FDF99E09-FC95-4738-9CD4-D12822C80E56} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:17 - 2015-10-30 08:17 - 00028672 _____ () C:\WINDOWS\SYSTEM32\efsext.dll 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-10 21:40 - 2015-08-07 01:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2008-10-24 15:35 - 2008-10-24 15:35 - 00128296 _____ () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe 2015-03-20 17:12 - 2015-03-20 17:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-12-17 18:38 - 2015-12-17 18:38 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-03-03 17:47 - 2013-05-31 15:02 - 00099328 _____ () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe 2014-03-19 11:36 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2014-02-13 18:18 - 2010-03-16 00:18 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll 2014-02-14 12:29 - 2014-02-14 12:29 - 00075136 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe 2013-04-19 09:35 - 2013-04-19 09:35 - 00881480 _____ () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe 2015-12-10 21:37 - 2015-12-10 21:37 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-10 21:37 - 2015-12-10 21:37 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-01-13 06:35 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-22 09:25 - 2016-01-22 09:25 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-18 07:02 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 07:02 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 06:35 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 06:35 - 2016-01-05 02:24 - 00936960 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2016-01-28 16:44 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-28 16:44 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-11-24 19:21 - 2015-11-24 19:21 - 12974600 _____ () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe 2014-09-30 01:51 - 2014-09-30 01:51 - 00074664 _____ () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe 2015-07-08 23:18 - 2015-07-08 23:18 - 00794920 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\kpcengine.2.3.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2014-09-24 18:42 - 2015-11-17 14:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-06-27 13:05 - 2015-06-27 13:05 - 00028672 _____ () C:\Program Files (x86)\AK-NORD\AK-VirtualCom\AxInterop.VSPortLib.dll 2016-01-22 09:25 - 2016-01-22 09:25 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-04-05 07:04 - 2015-07-24 05:22 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2015-12-07 20:04 - 2015-12-15 06:54 - 00782336 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-12-07 20:04 - 2016-02-04 22:02 - 02546768 _____ () C:\Program Files (x86)\Steam\video.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-12-07 20:04 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-12-07 20:04 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-12-07 20:04 - 2016-02-04 22:01 - 00802896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-12-07 20:04 - 2015-12-30 02:51 - 00208896 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-12-07 20:04 - 2016-01-06 02:52 - 48387872 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-02-13 18:18 - 2009-02-27 16:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll 2014-02-14 08:40 - 2015-07-07 12:07 - 00074272 _____ () C:\Program Files (x86)\PDF24\zlib.dll 2014-02-14 08:40 - 2015-07-07 12:07 - 00051744 _____ () C:\Program Files (x86)\PDF24\OperationUI.dll 2015-12-10 22:33 - 2016-01-12 19:44 - 00034768 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd 2016-02-18 18:19 - 2016-01-12 19:45 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll 2015-12-10 22:33 - 2016-01-12 19:44 - 00093640 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00018376 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00692688 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd 2015-12-10 22:33 - 2016-01-12 19:45 - 00112592 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_python_x66cf7a7cx17a72769.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00021840 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00021832 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd 2015-12-10 22:33 - 2016-01-12 19:46 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00117056 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd 2016-02-18 18:19 - 2016-01-12 19:47 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll 2016-02-18 18:19 - 2016-02-16 19:39 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd 2016-02-18 18:19 - 2015-11-05 01:04 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00134608 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd 2015-12-10 22:33 - 2016-01-12 19:44 - 00134088 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd 2016-02-18 18:19 - 2016-01-12 19:45 - 00240584 _____ () C:\Program Files (x86)\Dropbox\Client\jpegtran.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00021824 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32._winffi_kernel32.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd 2016-02-18 18:19 - 2016-02-16 19:38 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd 2015-12-10 22:33 - 2016-01-12 19:47 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00084792 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL 2015-12-10 22:33 - 2016-02-16 19:39 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd 2015-12-10 22:33 - 2016-01-12 19:45 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 03928880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 01971504 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00223544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00158008 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd 2016-02-18 18:19 - 2016-02-16 19:39 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd 2016-02-18 18:19 - 2016-01-12 19:49 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll 2016-02-18 18:19 - 2016-01-12 19:49 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll 2015-12-10 22:33 - 2016-02-16 19:39 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd 2015-12-10 22:33 - 2016-02-16 19:39 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd 2015-12-10 22:33 - 2016-01-12 19:52 - 00697304 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-02-23 06:54 - 2016-02-23 06:54 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll 2016-02-23 06:54 - 2016-02-23 06:54 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll 2015-10-02 23:15 - 2015-10-02 23:15 - 02287616 _____ () C:\Program Files (x86)\GoPro\Tools\Importer\gopro-lib-win-analytics.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm AlternateDataStreams: C:\ProgramData\TEMP:72CCCD14 AlternateDataStreams: C:\ProgramData\TEMP:B3ED3AFF AlternateDataStreams: C:\Users\Chris\Downloads\344.11-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\344.48-desktop-win8-win7-winvista-64bit-international-whql.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.3.65940_AppOnly_setup(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.3.65940_AppOnly_setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.4.66096_AppOnly_setup(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\ActivInspire_v2.4.66096_AppOnly_setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\audacity-win-2.1.0.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\CG.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\DropboxInstaller.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(2).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor(3).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeVideoEditor.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeYouTube400Download.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\FreeYouTubeDownload.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoodSync-Setup-cnetg.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoogleEarthProSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\GoProStudioPC-2.5.7.549.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Holo Backup Simple ADB Backup - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\InstallMyDriveConnect.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Install_Prezi_5.2.5.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\iTunes6464Setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Jumpian_FullSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\jxpiinstall(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\jxpiinstall.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Lame_v3.99.3_for_Windows.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\mbam-setup-2.1.4.1018.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MediaCoder-x64-0.8.33.5680.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MediaCoder-x64-0.8.41.5815.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\mkvtoolnix-amd64-7.4.0-setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\NetDrive2_Setup_2_6_1_689.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\PDF Unlocker - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\PDFCrack - CHIP-Installer.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\prodrenalin-10-full64bit.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\QuickTimeInstaller.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\rcsetup150.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\s3browser-4-9-3.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\setpoint520_g9_x64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_smart(1).exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetPoint6.65.62_smart.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetupAnyDVD7550.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SetupAnyDVD7680.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_MakeMKV_v1.9.0.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_MakeMKV_v1.9.1.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Setup_NBox_Test.Exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\siw13-setup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SketchUpPro-de-x64.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\Smart_Switch_PC.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SSELehrer_20.30.147.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\SteamSetup.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\TeamViewer_Setup_de.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\trial_videodeluxe2016premium_dlm_ecom.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\TwonkyManagerStandardSetup-3.1.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\unifying250.exe:BDU AlternateDataStreams: C:\Users\Chris\Downloads\xnsw.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-02-24 17:50 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: ActivControl => 2 MSCONFIG\Services: TwonkyProxy => 2 MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TwonkyServer.lnk => C:\Windows\pss\TwonkyServer.lnk.CommonStartup MSCONFIG\startupreg: ActivManager => C:\Program Files\Activ Software\ActivDriver\ActivMgr.exe MSCONFIG\startupreg: Google+ Auto Backup => "C:\Users\Chris\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart HKLM\...\StartupApproved\Run: => "InstallerLauncher" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{F81DA445-0A20-45FC-8F3C-0BE02B3ABB18}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{AA5D992F-3889-4A48-8DDF-CA0DE60CC912}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{C0D3BBA8-B508-4046-93FC-12BC0A6E4D53}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{F88D6433-5C95-4D37-8DF5-77EA668E2A9C}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{7AEA68DA-2252-4F5E-8076-85ACB5294B55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C52578EF-8E5A-49DD-A039-283EECBF1FFB}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{0CECECD2-71C4-4451-BC77-D2836A59BD42}] => (Allow) LPort=3 FirewallRules: [{48A42C0B-F223-4F10-87C2-BD01209CAA94}] => (Allow) C FirewallRules: [{7F9BE81A-6024-4F95-8E48-E4FA08FBE27B}] => (Allow) C FirewallRules: [{5DBEDD95-C0C2-4640-8881-741671098026}] => (Allow) C FirewallRules: [{D9D56B75-C224-4BC6-9642-EB7198060D6F}] => (Allow) C FirewallRules: [{7F62A092-BC12-476B-BBB6-53461CA4713E}] => (Allow) C FirewallRules: [{DE17DC0E-A3AA-441E-9F05-4DDF2B61FC21}] => (Allow) C FirewallRules: [{22FCAA54-1523-4716-ABA3-A5757DBD1970}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{CF2550B5-9690-47B3-B7A0-D5D129592503}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{8BE80EDF-C82F-410F-9AAD-8E57ED859838}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{015E2CDC-5BF3-49E8-B5A9-B80CD29EB81E}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{A5300B72-AFC8-4C82-B5B3-82E2B938EBCE}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe FirewallRules: [{D7323C18-B3A5-4582-8558-2831CEEF8196}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{F1E198F8-9D99-40C4-B5F2-8A693638A34C}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe FirewallRules: [{F17B068A-E39B-4D40-955E-B66E03274DAF}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{2860BF5E-FC21-474B-89DA-7BE82102FB3E}] => (Allow) C:\Program Files\NetDrive2\nd2svc.exe FirewallRules: [{1174B74E-E4A8-4423-9C28-D3D549F1E163}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{BF82E3FB-2C9B-4A40-ABEF-F1AD88DD71DE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{CD37C495-C1DC-4D80-9E4C-AA56F000B587}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F7F0D25F-DE63-425E-B6D0-0FAC77CF8183}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{C03A4D85-B5B6-4163-AAED-D92B72DAD52E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{E309845C-1B36-4FD1-B1A0-20FEF36F86C6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{5F334ECD-8481-48B6-86DC-97EFB2CDD91E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{5BB0E675-6DA9-419D-8F3D-1D349BF29D7E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{FAE3138D-FEA0-4535-AB7D-EA6E46B82A05}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{C28CBE78-434B-4189-8B8C-3446BB415BC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{87CB2900-DCC7-4B1E-91B7-9EAA3FA21D33}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{ECFEE597-159C-406E-A5F2-491E6FA38062}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AF1CB072-0379-4918-92ED-E8F9A9CCA6B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{FD3BBE53-7E80-439B-9F0D-6A94D20C60F1}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{9128E7DA-F5DD-42D6-9CFB-257FC672AC62}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{75F81465-0498-4BAD-A5DC-6D856F7404B9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{6DA4CDF8-8CF9-46AC-9AC2-B725022CD225}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{1315387C-50E7-4F21-9A52-B95FDD2963A2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe FirewallRules: [{651E8259-6B09-49D0-A75C-788A0CE02416}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\STALKER Clear Sky\bin\xrEngine.exe FirewallRules: [{84E7850B-7399-4C46-9D4C-8A3856342BCC}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{316C7C74-FCED-483D-91B4-523C1AC33CF3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{4314ECF5-ADD9-40E3-B71E-6BAC1C41EBF9}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Modern Warfare 3\iw5sp.exe FirewallRules: [{18CD0A41-B660-4A3F-BFFB-D3BA6B20F5B6}] => (Allow) C:\Program Files\MAGIX\Video deluxe 2016 Premium\Videodeluxe.exe FirewallRules: [{02D0A772-2760-4566-8C95-120E142967AC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{918AF8DD-F501-4C4D-A2CB-00C7A8EF3221}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{95B32B05-27AF-4608-B17C-7841E05D66BC}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe FirewallRules: [{2E01AE2E-D438-4BB4-9F31-4570CD54B670}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{0D825679-4D21-45C9-8332-63AB48E275FF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{CEEBA497-C853-4894-9F51-DCEEC0FED989}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{08E59C8B-6D4C-4A8F-A9C3-0D53E4D644A4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{DA82BCE4-5D3E-4960-AACD-946C896DE138}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{841E2F4F-6E7D-4C21-AEAC-14EA4350E943}] => (Allow) C:\Program Files (x86)\Max Driver Updater\maxdu.exe ==================== Wiederherstellungspunkte ========================= 08-02-2016 11:39:00 Geplanter Prüfpunkt 18-02-2016 16:09:04 Geplanter Prüfpunkt 23-02-2016 18:34:41 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 25-02-2016 08:22:18 Prüfpunkt von HitmanPro ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (02/25/2016 09:44:17 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.036.exe, Version 5.0.3.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 309c Startzeit: 01d16fa893dbf4de Beendigungszeit: 4 Anwendungspfad: C:\Users\Chris\Downloads\AdwCleaner_5.036.exe Berichts-ID: f23cb5a5-db9b-11e5-814c-448a5b2b9575 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/25/2016 09:41:11 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.036.exe, Version 5.0.3.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1cb8 Startzeit: 01d16fa8283efa5f Beendigungszeit: 2 Anwendungspfad: C:\Users\Chris\Downloads\AdwCleaner_5.036.exe Berichts-ID: 83a25a73-db9b-11e5-814c-448a5b2b9575 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/25/2016 09:39:26 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.036.exe, Version 5.0.3.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 2358 Startzeit: 01d16fa7d85e2ab7 Beendigungszeit: 12 Anwendungspfad: C:\Users\Chris\Downloads\AdwCleaner_5.036.exe Berichts-ID: 44ea89f9-db9b-11e5-814c-448a5b2b9575 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/25/2016 09:37:57 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.036.exe, Version 5.0.3.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 20a4 Startzeit: 01d16fa7b8fbe18d Beendigungszeit: 13 Anwendungspfad: C:\Users\Chris\Downloads\AdwCleaner_5.036.exe Berichts-ID: 0fc53f76-db9b-11e5-814c-448a5b2b9575 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/25/2016 09:37:07 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.036.exe, Version 5.0.3.6 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 19d8 Startzeit: 01d16fa739ca53b3 Beendigungszeit: 4 Anwendungspfad: C:\Users\Chris\Downloads\AdwCleaner_5.036.exe Berichts-ID: f1db373e-db9a-11e5-814c-448a5b2b9575 Vollständiger Name des fehlerhaften Pakets: Auf das fehlerhafte Paket bezogene Anwendungs-ID: Error: (02/25/2016 08:22:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (02/25/2016 08:22:18 AM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {a1500588-7b9a-4897-8ec8-a242ea1b2a39} Error: (02/25/2016 08:02:48 AM) (Source: ESENT) (EventID: 454) (User: ) Description: svchost (1540) SRUJet: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung. Error: (02/25/2016 08:02:48 AM) (Source: ESENT) (EventID: 494) (User: ) Description: svchost (1540) SRUJet: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\WINDOWS\system32\SRU\SRUDB.dat" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung. Error: (02/25/2016 08:02:18 AM) (Source: ESENT) (EventID: 530) (User: ) Description: svchost (2844) TILEREPOSITORYS-1-5-21-2784361696-2099732649-3132497725-1001: Fehler bei der Überprüfung der aus Datei "C:\Users\Chris\AppData\Local\TileDataLayer\Database\vedatamodel.edb" bei Offset 258048 (0x000000000003f000) (Datenbankseite 62 (0x3E)) für 4096 (0x00001000) Bytes gelesenen Datenbankseite durch eine Inkonsistenz des Zeitstempels für verlorene Leerungserkennung. Der Lesevorgang wird mit dem Fehler "-1119 (0xfffffba1)" beendet. Wenn dieser Zustand andauert, stellen Sie die Datenbank mithilfe einer früheren Sicherung wieder her. Dieses Problem wird wahrscheinlich durch fehlerhafte Hardware verursacht. Wenden Sie sich an den Hardwarehersteller, um Hilfe bei der Problemdiagnose zu erhalten. Systemfehler: ============= Error: (02/25/2016 09:52:04 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (02/25/2016 09:51:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_541bd" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 09:51:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _541bd" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 09:51:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_541bd" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 09:51:43 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_541bd" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (02/25/2016 09:51:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/25/2016 09:51:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/25/2016 09:51:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BrYNSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/25/2016 09:51:16 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (02/25/2016 09:51:16 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-02-11 07:46:12.646 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.624 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.601 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.564 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.553 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:12.541 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:11.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:46:11.866 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:42:22.981 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements. Date: 2016-02-11 07:42:22.962 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume1\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1240 v3 @ 3.40GHz Prozentuale Nutzung des RAM: 17% Installierter physikalischer RAM: 16324.79 MB Verfügbarer physikalischer RAM: 13443.28 MB Summe virtueller Speicher: 32708.79 MB Verfügbarer virtueller Speicher: 29566.39 MB ==================== Laufwerke ================================ Drive c: (Win7Prox64) (Fixed) (Total:223.13 GB) (Free:57.22 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Volume) (Fixed) (Total:931.51 GB) (Free:160.99 GB) NTFS Drive g: (Work) (Fixed) (Total:238.47 GB) (Free:16.47 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 96F600A9) Partition 1: (Active) - (Size=223.1 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 54ED8154) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 341E10E5) Partition 1: (Not Active) - (Size=238.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
27.02.2016, 15:08 | #8 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Hi, besteht das Problem noch? |
27.02.2016, 15:28 | #9 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Ja, leider. Es werden ab und zu noch falsche Seiten im Browser geöffnet. |
27.02.2016, 16:14 | #10 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen In allen Browsern? |
27.02.2016, 18:16 | #11 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Mh, ich habe jetzt einmal ein paar Minuten Chome und Edge benutzt, dort ist nichts passiert. Bei Firefox (benutze ich hauptsächlich) ist das ganze aber nicht reproduzierbar, da es zufällig auftritt und vielleicht nur so alle 20-40 Klicks. Außerdem blockt glaube ich Firefox und Kaspersky auch noch ein paar unerwünscht Popups. Gruß Chris |
27.02.2016, 20:56 | #12 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Hi, dann müssen wir den wohl zurücksetzen. Lade Dir bitte von hier Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Danach neu herunterladen und installieren, direkt nach der Installation das hier machen. |
28.02.2016, 13:21 | #13 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Habe ich gemacht, alle Punkte durchgegangen, hat aber leider nichts geholfen. Als ich unter dem Thread auf das Feld "Direkt antworten" klicken wollte, um zu schreiben, dass ich das gemacht habe, hat sich direkt wieder ein neuer Tab geöffnet. Ich gehe davon aus, dass das nicht zur normalen Werbung auf dem Board gehört? Top Russian girls |
28.02.2016, 13:25 | #14 |
/// Malwareteam | Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen Hi, Schritt # 1: FRST-Fix Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter AutoConfigURL: [S-1-5-21-2784361696-2099732649-3132497725-1001] => hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 ManualProxies: 0hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 RemoveProxy: EmptyTemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt # 2: FRST Und noch ein frisches FRST-Log bitte. Schritt # 3: Bitte Posten
|
28.02.2016, 13:54 | #15 |
| Browser öffnet falsche Seiten, Hitman kann Programme nicht löschenCode:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:24-02-2016 durchgeführt von Chris (2016-02-28 13:50:04) Run:1 Gestartet von C:\Users\Chris\Desktop Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** AutoConfigURL: [S-1-5-21-2784361696-2099732649-3132497725-1001] => hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 ManualProxies: 0hxxp://stop-block.org/wpad.dat?14be45c3cd67c5c8889f4abe802ea9796681465 RemoveProxy: EmptyTemp: ***************** HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => Wert erfolgreich entfernt HKLM\SYSTEM\CurrentControlSet\services\NlaSvc\Parameters\Internet\ManualProxies\\ => Wert erfolgreich entfernt ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= EmptyTemp: => 1.6 GB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 13:51:57 ==== Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:24-02-2016 durchgeführt von Chris (Administrator) auf CHRIS-PC (28-02-2016 13:54:06) Gestartet von C:\Users\Chris\Desktop Geladene Profile: Chris (Verfügbare Profile: Chris & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe () C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe () C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (AK) C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComServer.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.10586.0_none_95e4f9a171a1ad95\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avpui.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.5\GoogleCrashHandler64.exe (NVIDIA Corporation) C:\Users\Chris\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Program Files\Siber Systems\GoodSync\GoodSync.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (SlySoft, Inc.) C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe (PacketVideo) C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe (Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE () C:\Program Files (x86)\SlySoft\AnyDVD\ADvdDiscHlp64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\MSOSYNC.EXE (GoPro) C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\wmi64.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7192792 2013-07-06] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-12-17] (Apple Inc.) HKLM\...\Run: [InstallerLauncher] => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-4848-A706-AA244FA25FEA}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{09FE2C2E-BB0D-48 (Der Dateneintrag hat 36 mehr Zeichen). HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-09-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.) HKLM-x32\...\Run: [CloneCDTray] => C:\Program Files (x86)\SlySoft\CloneCD\CloneCDTray.exe [57344 2009-01-29] (SlySoft, Inc.) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-04-28] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217632 2015-07-07] (Geek Software GmbH) HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25122080 2016-02-16] (Dropbox, Inc.) HKLM-x32\...\Run: [GoPro Studio Importer] => C:\Program Files (x86)\GoPro\Tools\Importer\GoPro Importer.exe [3218184 2015-10-02] (GoPro) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [GoodSync] => C:\Program Files\Siber Systems\GoodSync\GoodSync.exe [12974600 2015-11-24] () HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Google Update] => C:\Users\Chris\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe" HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\...\Run: [AnyDVD] => C:\Program Files (x86)\SlySoft\AnyDVD\AnyDVDtray.exe [9681832 2016-01-14] (SlySoft, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64\FileSyncShell64.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Chris\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileSyncShell.dll [2016-02-08] (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.33.dll [2016-02-16] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TwonkyServer.lnk [2014-12-01] ShortcutTarget: TwonkyServer.lnk -> C:\Program Files (x86)\Twonky\TwonkyServer\twonkytray.exe (PacketVideo) Startup: C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-02-26] ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{288d840f-bed8-48df-8c41-5268d704db33}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/ HKU\S-1-5-21-2784361696-2099732649-3132497725-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> DefaultScope {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-2784361696-2099732649-3132497725-1001 -> {D6DCFD13-12D1-4449-B822-6F032720BC82} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-23] (Microsoft Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-02-23] (Microsoft Corporation) BHO: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-23] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssv.dll [2016-02-09] (Oracle Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2014-05-19] (Logitech, Inc.) BHO-x32: Kaspersky Protection plugin -> {C66D064F-82FE-4E1A-B06A-B2490BA48B18} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-09] (Oracle Corporation) Toolbar: HKLM - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection toolbar - {3507FA00-ADA2-4A02-99B9-51AD26CA9120} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\IEExt\ie_plugin.dll [2016-02-24] (AO Kaspersky Lab) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Chris\AppData\Roaming\Mozilla\Firefox\Profiles\b9p95ct9.default-1456661662965 FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-30] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files (x86)\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-09] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2014-02-13] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3503.0728 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2012-07-28] (Microsoft Corporation) FF Plugin-x32: @networksurveillance.com/camclictrl -> C:\Program Files (x86)\NetworkSurveillanceNP\npCamCliCtrl.dll [2012-04-10] () FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Chris\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-11-19] (Citrix Online) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Chris\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-08] (Google Inc.) FF Plugin HKU\S-1-5-21-2784361696-2099732649-3132497725-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chris\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-24] (Unity Technologies ApS) FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2015-07-08] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\FFExt\light_plugin_firefox [2016-02-24] StartMenuInternet: FIREFOX.EXE - C:\Users\Chris\AppData\Local\Mozilla Firefox\firefox.exe Chrome: ======= CHR HKLM\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [eahebamiopdhefndnmappcihfajigkka] - hxxps://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka CHR HKLM-x32\...\Chrome\Extension: [ocbnpbkmjpgbdcgiflkgkpnkinifpgpj] - C:\Users\Chris\ChromeExtensions\ocbnpbkmjpgbdcgiflkgkpnkinifpgpj\amazon-icon-2.crx [2015-02-19] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AAV UpdateService; C:\Program Files (x86)\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe [128296 2008-10-24] () R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 AVP16.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\avp.exe [194000 2016-02-24] (Kaspersky Lab ZAO) R2 BRA_Scheduler; C:\Program Files (x86)\Brother\BRAdmin Professional 3\bratimer.exe [99328 2013-05-31] () [Datei ist nicht signiert] R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert] R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation) S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2015-12-10] (Dropbox, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-11-17] (Digital Wave Ltd.) R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation) S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-02-14] () R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [887352 2016-01-28] (Bitdefender) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6940944 2016-02-16] (TeamViewer GmbH) R2 TwonkyProxy; C:\Program Files (x86)\Twonky\TwonkyServer\twonkyproxy.exe [881480 2013-04-19] () R2 TwonkyServer; C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe [586568 2013-04-19] (PacketVideo) R2 VirtualComService; C:\Program Files (x86)\AK-NORD\AK-VirtualCom\VirtualComService.exe [16384 2015-06-27] (AK) [Datei ist nicht signiert] S3 vssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\x64\vssbridge64.exe [144640 2015-07-09] (AO Kaspersky Lab) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-12-28] (SlySoft, Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO) S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] () S3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) S3 ElbyCDFL; C:\Windows\SysWOW64\Drivers\ElbyCDFL.sys [40648 2007-02-16] (SlySoft, Inc.) R3 evserial7; C:\Windows\System32\drivers\evserial7.sys [71432 2011-10-31] (ELTIMA Software) R3 Ke2200; C:\Windows\System32\drivers\e22w7x64.sys [165824 2013-05-07] (Qualcomm Atheros, Inc.) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-06-22] (Kaspersky Lab ZAO) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [70512 2015-06-27] (Kaspersky Lab ZAO) R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [68280 2015-06-06] (Kaspersky Lab ZAO) S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab) R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [181640 2016-02-24] (AO Kaspersky Lab) R1 klhk; C:\Windows\system32\DRIVERS\klhk.sys [227512 2016-02-24] (AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [934272 2016-02-24] (AO Kaspersky Lab) R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [39608 2015-06-11] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [41656 2015-06-06] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [41352 2016-02-24] (AO Kaspersky Lab) R1 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2016-02-24] (Kaspersky Lab ZAO) R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [102584 2015-06-16] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [187056 2015-06-23] (Kaspersky Lab ZAO) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-08-08] (Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47976 2015-07-03] (NVIDIA Corporation) R2 Sentinel64; C:\Windows\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.) S3 SIVDriver; C:\Windows\system32\Drivers\SIVX64.sys [143096 2013-09-14] (Ray Hinchliffe) R3 VSBC7; C:\Windows\System32\drivers\evsbc7.sys [36616 2011-10-31] (ELTIMA Software) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-28 13:53 - 2016-02-28 13:53 - 00000000 ___HD C:\OneDriveTemp 2016-02-28 13:50 - 2016-02-28 13:51 - 00001751 _____ C:\Users\Chris\Desktop\Fixlog.txt 2016-02-28 13:16 - 2016-02-28 13:16 - 00987728 _____ (Google Inc.) C:\Users\Chris\Downloads\ChromeSetup.exe 2016-02-28 13:13 - 2016-02-28 13:14 - 00000000 ____D C:\Users\Chris\Desktop\Alte Firefox-Daten 2016-02-28 13:12 - 2016-02-28 13:12 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-02-28 13:12 - 2016-02-28 13:12 - 00001337 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-02-28 13:12 - 2016-02-28 13:12 - 00000000 ____D C:\Users\Chris\AppData\Local\Mozilla Firefox 2016-02-28 13:11 - 2016-02-28 13:11 - 00242312 _____ C:\Users\Chris\Downloads\Firefox Setup Stub 44.0.2.exe 2016-02-28 13:07 - 2016-02-28 13:07 - 00001406 _____ C:\Users\Chris\Desktop\Revo Uninstaller.lnk 2016-02-28 13:07 - 2016-02-28 13:07 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2016-02-28 13:07 - 2016-02-28 13:07 - 00000000 ____D C:\Program Files (x86)\VS Revo Group 2016-02-28 13:06 - 2016-02-28 13:06 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Chris\Downloads\revosetup95.exe 2016-02-27 15:56 - 2016-02-27 15:56 - 12499225 _____ C:\Users\Chris\Downloads\7821v1.0(G52-78211X3)(Z87-G45 GAMING)EURO.pdf 2016-02-27 15:56 - 2016-02-27 15:56 - 00000189 _____ C:\siw_debug.txt 2016-02-27 15:34 - 2016-02-27 15:34 - 11446294 _____ C:\Users\Chris\Downloads\M7821v1.0_EURO.zip 2016-02-27 11:27 - 2016-02-27 11:27 - 00042696 _____ C:\Users\Chris\Downloads\Ihre Retourenmarke Herr Noack.pdf 2016-02-26 18:36 - 2016-02-26 18:36 - 00000000 ____D C:\Users\Chris\Documents\OneNote-Notizbücher 2016-02-25 21:46 - 2016-02-25 21:47 - 00000000 ____D C:\Users\Chris\Desktop\Hilde 2016-02-25 21:43 - 2016-02-25 21:43 - 00580298 _____ C:\Users\Chris\Downloads\gästehaus_Westerburg.pdf 2016-02-25 21:42 - 2016-02-25 21:42 - 00562682 _____ C:\Users\Chris\Downloads\Guest_house_Westerburg_2_.pdf 2016-02-25 21:38 - 2016-02-25 21:38 - 00775803 _____ C:\Users\Chris\Downloads\Organigramm.pdf 2016-02-25 09:53 - 2016-02-28 13:54 - 00031089 _____ C:\Users\Chris\Desktop\FRST.txt 2016-02-25 09:53 - 2016-02-25 09:54 - 00076346 _____ C:\Users\Chris\Desktop\Addition.txt 2016-02-25 09:33 - 2016-02-25 09:51 - 00000000 ____D C:\AdwCleaner 2016-02-25 09:33 - 2016-02-25 09:33 - 01511936 _____ C:\Users\Chris\Desktop\AdwCleaner_5.036.exe 2016-02-25 09:23 - 2016-02-28 13:54 - 00000000 ____D C:\FRST 2016-02-25 09:23 - 2016-02-25 09:24 - 00078828 _____ C:\Users\Chris\Downloads\FRST.txt 2016-02-25 09:23 - 2016-02-25 09:24 - 00078224 _____ C:\Users\Chris\Downloads\Addition.txt 2016-02-25 09:21 - 2016-02-25 09:23 - 02371072 _____ (Farbar) C:\Users\Chris\Desktop\FRST64.exe 2016-02-25 09:19 - 2016-02-25 09:19 - 1148901522 _____ C:\WINDOWS\MEMORY.DMP 2016-02-25 09:19 - 2016-02-25 09:19 - 00256044 _____ C:\WINDOWS\Minidump\022516-7250-01.dmp 2016-02-25 09:19 - 2016-02-25 09:19 - 00000000 ____D C:\WINDOWS\Minidump 2016-02-25 09:10 - 2016-02-25 09:19 - 00000000 ____D C:\Users\Chris\AppData\Local\FSDART 2016-02-25 09:10 - 2016-02-25 09:12 - 02314488 _____ C:\Users\Chris\Downloads\avira_pc_cleaner_de.exe 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\Users\Chris\AppData\Local\F-Secure 2016-02-25 09:10 - 2016-02-25 09:10 - 00000000 ____D C:\ProgramData\F-Secure 2016-02-25 09:09 - 2016-02-25 09:10 - 00524248 _____ (F-Secure Corporation) C:\Users\Chris\Downloads\F-SecureOnlineScanner.exe 2016-02-25 08:23 - 2016-02-25 08:59 - 00001592 _____ C:\WINDOWS\system32\.crusader 2016-02-25 08:16 - 2016-02-25 08:23 - 00000000 ____D C:\ProgramData\HitmanPro 2016-02-25 08:16 - 2016-02-25 08:16 - 11443792 _____ (SurfRight B.V.) C:\Users\Chris\Desktop\hitmanpro_x64.exe 2016-02-25 08:13 - 2016-02-25 08:13 - 00001618 _____ C:\Users\Chris\Desktop\Mozilla Firefox.lnk 2016-02-24 18:56 - 2016-02-28 13:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2016-02-24 18:56 - 2016-02-24 19:01 - 00934272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys 2016-02-24 18:56 - 2016-02-24 19:01 - 00181640 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys 2016-02-24 18:56 - 2016-02-24 18:57 - 00227512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys 2016-02-24 18:56 - 2016-02-24 18:56 - 00002588 _____ C:\Users\Chris\Desktop\Sicherer Zahlungsverkehr.lnk 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2016-02-24 18:56 - 2016-02-24 18:56 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab 2016-02-24 18:56 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll 2016-02-24 18:53 - 2016-02-24 18:55 - 173986008 _____ (Kaspersky Lab) C:\Users\Chris\Downloads\kis16.0.0.614de-de.exe 2016-02-24 18:51 - 2016-02-24 18:51 - 00235717 _____ C:\ProgramData\1456336221.bdinstall.bin 2016-02-24 17:40 - 2016-02-24 17:40 - 00000000 ____D C:\Users\Chris\AppData\Roaming\LibreOffice 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.1 2016-02-24 17:39 - 2016-02-24 17:39 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5 2016-02-24 17:37 - 2016-02-24 17:38 - 221544448 _____ C:\Users\Chris\Downloads\LibreOffice_5.1.0_Win_x86.msi 2016-02-23 18:33 - 2016-02-23 18:34 - 09121063 _____ C:\Users\Chris\Downloads\Partizipation.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 01823265 _____ C:\Users\Chris\Downloads\Handbuch_Demokratie_14_11.pdf 2016-02-23 18:33 - 2016-02-23 18:33 - 00226841 _____ C:\Users\Chris\Downloads\2006_finale_demokratie_lernen.pdf 2016-02-23 18:31 - 2016-02-23 18:31 - 00168240 _____ C:\Users\Chris\Downloads\ia.pdf 2016-02-23 11:57 - 2016-02-23 11:57 - 02130774 _____ C:\Users\Chris\Downloads\antivirus-test-2016-tabelle.pdf 2016-02-22 19:46 - 2016-02-22 19:46 - 00083159 _____ C:\Users\Chris\Downloads\2011-11-04_PM_Weiss_ehrt-Jubilare.pdf 2016-02-19 19:57 - 2016-02-19 19:57 - 00000000 ____D C:\Users\Chris\Desktop\Tieraufnahmen 2016-02-19 19:44 - 2016-02-19 19:44 - 01309440 _____ C:\Users\Chris\Downloads\BedienungsanleitungJumpian.pdf 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\Documents\Mikogo 2016-02-19 19:39 - 2016-02-19 19:39 - 00000000 ____D C:\Users\Chris\AppData\Local\Mikogo 2016-02-19 14:01 - 2016-02-19 14:19 - 00009355 _____ C:\Users\Chris\Desktop\Schülerliste.xlsx 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech_AG 2016-02-19 13:49 - 2016-02-19 13:49 - 00000000 ____D C:\Users\Chris\AppData\Local\Synnotech AG 2016-02-19 13:48 - 2016-02-19 13:48 - 00002142 _____ C:\Users\Public\Desktop\Jumpian.lnk 2016-02-19 13:48 - 2016-02-19 13:48 - 00000035 _____ C:\ProgramData\Jumpian.global 2016-02-19 13:48 - 2016-02-19 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jumpian 2016-02-19 13:38 - 2016-02-19 13:38 - 00000000 ____D C:\Users\Chris\AppData\Roaming\SumatraPDF 2016-02-19 13:33 - 2016-02-19 13:33 - 00000098 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc 2016-02-19 13:32 - 2016-02-19 13:48 - 00000000 ____D C:\Program Files (x86)\Synnotech AG 2016-02-19 13:23 - 2016-02-19 13:23 - 88427288 _____ (Synnotech AG) C:\Users\Chris\Downloads\Jumpian_FullSetup.exe 2016-02-19 12:36 - 2016-02-19 12:36 - 11986608 _____ (AWIN-Software ) C:\Users\Chris\Downloads\Setup_NBox_Test.Exe 2016-02-19 11:42 - 2016-02-19 11:42 - 00347816 _____ (Microsoft Corporation) C:\Users\Chris\Downloads\MicrosoftFixit.HomeGroup.Run(1).exe 2016-02-19 10:19 - 2016-02-19 10:19 - 00213883 _____ C:\Users\Chris\Downloads\Richtlinie_VII.pdf 2016-02-19 10:18 - 2016-02-19 10:18 - 00075165 _____ C:\Users\Chris\Downloads\Richtlinie I.pdf 2016-02-19 10:15 - 2016-02-19 10:15 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712(1).pdf 2016-02-19 10:13 - 2016-02-19 10:13 - 00091517 _____ C:\Users\Chris\Downloads\Richtlinie_II NEU ab 0712.pdf 2016-02-19 09:58 - 2016-02-19 09:58 - 00014293 _____ C:\Users\Chris\Downloads\Auschreibung_Schulleitungen.pdf 2016-02-18 18:19 - 2016-02-18 18:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-02-16 06:50 - 2016-02-16 07:31 - 00000000 ____D C:\Users\Chris\Desktop\Tiny 2016-02-16 06:45 - 2016-02-16 06:45 - 00002007 _____ C:\Users\Public\Desktop\Prezi Desktop.lnk 2016-02-15 20:27 - 2016-02-15 20:27 - 00012298 _____ C:\Users\Chris\Downloads\0901c413ae7dccfa.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012389 _____ C:\Users\Chris\Downloads\0901c413b050b57c.pdf 2016-02-15 20:25 - 2016-02-15 20:25 - 00012209 _____ C:\Users\Chris\Downloads\0901c413b26b93f5.pdf 2016-02-14 20:53 - 2016-02-14 20:53 - 00012307 _____ C:\Users\Chris\Downloads\0901c413b1cf0115(1).pdf 2016-02-14 18:54 - 2016-02-14 18:54 - 00058215 _____ C:\Users\Chris\Downloads\embudu.availabilty-2015.pdf 2016-02-14 18:40 - 2016-02-14 18:40 - 00527683 _____ C:\Users\Chris\Downloads\tui_com-mangrove_bay_resort.pdf 2016-02-12 09:45 - 2016-02-12 09:45 - 03501420 _____ C:\Users\Chris\Downloads\1997 - Heft 1 (38).pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 09459863 _____ C:\Users\Chris\Downloads\Exemplare_Izuhara_neu.pdf 2016-02-12 09:44 - 2016-02-12 09:44 - 06370816 _____ C:\Users\Chris\Downloads\sportm_Diagnostik_LV2_groß.pdf 2016-02-12 09:27 - 2016-02-12 09:27 - 00076888 _____ C:\Users\Chris\Downloads\Wiener Koordinationsparcour.pdf 2016-02-12 09:24 - 2016-02-12 09:24 - 01672046 _____ C:\Users\Chris\Downloads\Video_Bewegungsformen zur Musik.wmv 2016-02-12 09:24 - 2016-02-12 09:24 - 00016727 _____ C:\Users\Chris\Downloads\Beschreibung_Bewegungsformen zur Musik.pdf 2016-02-12 09:22 - 2016-02-12 09:22 - 03165790 _____ C:\Users\Chris\Downloads\LA_Koordinationspacours_Maenner.wmv 2016-02-12 09:16 - 2016-02-12 09:16 - 00129853 _____ C:\Users\Chris\Downloads\motorik_modul.pdf 2016-02-12 09:15 - 2016-02-12 09:15 - 00117260 _____ C:\Users\Chris\Downloads\muenchener_fitness_test.pdf 2016-02-10 18:19 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-10 18:19 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-10 18:19 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:15 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 07476064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-02-10 18:19 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-10 18:19 - 2016-01-27 07:01 - 01819720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-02-10 18:19 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-10 18:19 - 2016-01-27 06:57 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-10 18:19 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:56 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 05242496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-10 18:19 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-02-10 18:19 - 2016-01-27 06:45 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-02-10 18:19 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-10 18:19 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-10 18:19 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-10 18:19 - 2016-01-27 06:37 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-02-10 18:19 - 2016-01-27 06:37 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-02-10 18:19 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-10 18:19 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:13 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 22394368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-10 18:19 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-10 18:19 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 19339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 18678272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-02-10 18:19 - 2016-01-27 06:05 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-02-10 18:19 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-10 18:19 - 2016-01-27 06:03 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-02-10 18:19 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-10 18:19 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-10 18:19 - 2016-01-27 05:58 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-02-10 18:19 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:55 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:54 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-02-10 18:19 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 02230784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 01504768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-10 18:19 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:48 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-02-10 18:19 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-10 18:19 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-10 18:19 - 2016-01-27 05:41 - 03592704 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-02-10 18:19 - 2016-01-27 05:39 - 02275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-10 18:19 - 2016-01-27 05:38 - 01734656 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-02-10 18:19 - 2016-01-27 05:37 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-02-10 18:19 - 2016-01-27 05:36 - 02757120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-02-10 18:19 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-10 18:19 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll 2016-02-09 21:47 - 2016-02-09 21:47 - 00156356 _____ C:\Users\Chris\Downloads\Naehrmedienuebersicht.pdf 2016-02-09 10:05 - 2016-02-09 10:05 - 02104773 _____ C:\Users\Chris\Downloads\TAPUCATE-ImportExport-Handbuch.pdf 2016-02-09 08:33 - 2016-02-09 08:33 - 00227517 _____ C:\Users\Chris\Downloads\Flyer_Conchotomie.pdf 2016-02-09 07:46 - 2016-02-09 07:46 - 00017057 _____ C:\Users\Chris\Downloads\NDM Halle 2016_neuer Zpl.pdf 2016-02-09 06:42 - 2016-02-09 06:42 - 00513670 _____ C:\Users\Chris\Downloads\Info_AdrliImportThunderb.pdf 2016-02-08 16:32 - 2016-02-08 16:32 - 00000000 ____D C:\ProgramData\proDAD 2016-02-08 11:05 - 2016-02-08 11:05 - 00075462 _____ C:\Users\Chris\Downloads\Kontoauszug_48949100__Nr.0012016_vom_29.01.2016_20160208110535.pdf 2016-02-08 11:05 - 2016-02-08 11:05 - 00063730 _____ C:\Users\Chris\Downloads\Mitteilung_48949100_vom_29.01.2016_20160208110527.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-02-28 13:54 - 2014-03-11 08:06 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA.job 2016-02-28 13:53 - 2015-12-10 21:49 - 00000000 ___RD C:\Users\Chris\OneDrive 2016-02-28 13:53 - 2015-12-07 20:03 - 00000000 ____D C:\Program Files (x86)\Steam 2016-02-28 13:53 - 2014-12-01 18:50 - 00000000 ____D C:\ProgramData\TwonkyServer 2016-02-28 13:53 - 2014-02-14 11:00 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Dropbox 2016-02-28 13:53 - 2014-02-13 18:08 - 00000000 ____D C:\Users\Chris\AppData\Roaming\GoodSync 2016-02-28 13:52 - 2015-12-10 22:33 - 00001226 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job 2016-02-28 13:52 - 2015-12-10 21:51 - 00000000 ____D C:\Program Files\Bitdefender Agent 2016-02-28 13:52 - 2015-12-10 21:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-02-28 13:52 - 2015-12-10 21:40 - 00000000 ____D C:\ProgramData\NVIDIA 2016-02-28 13:52 - 2015-10-30 07:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI 2016-02-28 13:52 - 2014-05-11 18:32 - 00000000 ____D C:\ProgramData\TEMP 2016-02-28 13:52 - 2014-02-13 18:13 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-02-28 13:52 - 2014-02-13 17:59 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-02-28 13:38 - 2015-12-10 22:33 - 00001230 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job 2016-02-28 13:26 - 2014-02-13 17:59 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-02-28 13:15 - 2014-02-13 17:59 - 00000000 ____D C:\Users\Chris\AppData\Local\Google 2016-02-28 13:10 - 2014-02-14 10:48 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-02-28 13:08 - 2015-12-10 21:59 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{A13CF640-DD3C-4431-86D8-A0C3483E4A19} 2016-02-27 16:45 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-02-27 11:41 - 2014-02-13 18:13 - 00000000 ____D C:\Users\Chris\AppData\Roaming\vlc 2016-02-27 11:38 - 2014-03-04 13:03 - 00000000 ____D C:\Users\Chris\AppData\Roaming\DVDVideoSoft 2016-02-27 11:27 - 2014-02-13 18:19 - 00000336 _____ C:\WINDOWS\BRCALIB.INI 2016-02-27 09:54 - 2014-03-11 08:06 - 00001086 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core.job 2016-02-26 16:09 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-02-25 09:58 - 2015-12-10 21:40 - 02089590 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-02-25 09:58 - 2015-10-30 19:35 - 00889114 _____ C:\WINDOWS\system32\perfh007.dat 2016-02-25 09:58 - 2015-10-30 19:35 - 00197696 _____ C:\WINDOWS\system32\perfc007.dat 2016-02-25 09:58 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-02-25 09:45 - 2015-12-10 21:41 - 00000000 ____D C:\Users\Chris 2016-02-25 09:30 - 2014-02-14 18:44 - 00001127 _____ C:\Users\Chris\Desktop\MediaCoder x64.lnk 2016-02-25 09:08 - 2014-02-13 18:20 - 00000000 ____D C:\Users\Chris\AppData\Roaming\QuickScan 2016-02-25 08:10 - 2015-11-19 07:44 - 00000000 ____D C:\Users\Chris\AppData\Local\Citrix 2016-02-25 07:43 - 2014-05-15 06:41 - 00000000 ____D C:\Users\Chris\AppData\Roaming\dvdcss 2016-02-24 20:17 - 2015-12-05 11:20 - 00000000 ____D C:\Users\Chris\Documents\MassFaces 2016-02-24 19:01 - 2015-06-26 23:58 - 00087944 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\Drivers\klwfp.sys 2016-02-24 19:01 - 2015-06-08 19:43 - 00041352 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klpd.sys 2016-02-24 18:56 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-02-24 18:56 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-02-24 18:56 - 2015-04-11 10:42 - 00000000 ____D C:\Users\Administrator 2016-02-24 18:56 - 2009-07-14 04:20 - 00000000 ____D C:\Users\Default.migrated 2016-02-24 18:52 - 2015-12-10 21:59 - 00000000 ____D C:\Program Files\Bitdefender 2016-02-24 18:52 - 2015-12-10 21:39 - 00526824 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-02-24 18:51 - 2014-02-13 18:20 - 00000000 ____D C:\ProgramData\Bitdefender 2016-02-24 18:50 - 2014-02-13 18:28 - 00762291 _____ C:\bdlog.txt 2016-02-24 06:28 - 2014-02-14 18:30 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-02-23 18:46 - 2015-12-10 21:47 - 00000000 ____D C:\Users\Chris\AppData\Local\Packages 2016-02-23 18:38 - 2014-02-16 17:08 - 00007641 _____ C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2016-02-23 18:34 - 2015-12-17 18:18 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-23 06:57 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-23 06:56 - 2014-02-13 18:22 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-22 12:13 - 2016-01-18 20:16 - 00001105 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Roaming\Apple Computer 2016-02-19 13:38 - 2015-05-22 08:58 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple Computer 2016-02-19 11:49 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-02-19 11:35 - 2014-02-23 20:25 - 00000000 ____D C:\Users\Chris\AppData\Local\ElevatedDiagnostics 2016-02-18 18:20 - 2015-12-10 22:33 - 00000000 ____D C:\Program Files (x86)\Dropbox 2016-02-17 19:28 - 2016-01-12 16:47 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-02-17 18:30 - 2015-11-02 06:30 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prezi Desktop.lnk 2016-02-16 06:45 - 2014-07-09 22:33 - 00000000 ____D C:\Program Files (x86)\Prezi 2016-02-15 18:49 - 2015-07-23 18:28 - 00000000 ____D C:\Users\Chris\AppData\Local\Windows Live 2016-02-14 20:08 - 2015-09-29 17:36 - 00001444 _____ C:\Users\Public\Desktop\Free YouTube Download.lnk 2016-02-14 20:08 - 2014-03-04 13:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-02-14 20:08 - 2014-03-04 13:03 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-02-14 09:03 - 2015-06-15 21:11 - 00004608 _____ C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-02-12 09:12 - 2015-08-29 06:42 - 00000013 _____ C:\Users\Chris\Desktop\HEYcontrol.ini 2016-02-11 07:48 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-02-11 06:54 - 2015-12-10 21:47 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-02-10 22:24 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-02-10 20:34 - 2013-08-22 09:06 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 20:31 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-10 20:31 - 2013-04-22 15:17 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-09 21:37 - 2014-02-24 17:46 - 00000000 ____D C:\ProgramData\Oracle 2016-02-09 21:36 - 2015-11-05 08:53 - 00000000 ____D C:\Users\Chris\.oracle_jre_usage 2016-02-09 21:36 - 2014-10-21 20:12 - 00000000 ____D C:\Program Files (x86)\Java 2016-02-09 21:36 - 2014-04-22 07:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit 2016-02-09 21:36 - 2014-04-17 10:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2016-02-09 21:35 - 2014-10-21 20:12 - 00097888 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll 2016-02-08 10:21 - 2014-02-13 17:59 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2016-02-08 10:21 - 2014-02-13 17:59 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2016-02-08 09:49 - 2014-03-11 08:06 - 00004256 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001UA 2016-02-08 09:49 - 2014-03-11 08:06 - 00003880 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2784361696-2099732649-3132497725-1001Core 2016-02-08 09:42 - 2015-12-10 21:49 - 00002437 _____ C:\Users\Chris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-06-15 21:11 - 2016-02-14 09:03 - 0004608 _____ () C:\Users\Chris\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-04-22 08:56 - 2015-04-22 08:56 - 0000835 _____ () C:\Users\Chris\AppData\Local\recently-used.xbel 2014-02-16 17:08 - 2016-02-23 18:38 - 0007641 _____ () C:\Users\Chris\AppData\Local\Resmon.ResmonCfg 2014-03-03 12:53 - 2014-03-03 12:53 - 0000011 _____ () C:\ProgramData\.tv7 2014-02-14 18:12 - 2016-01-24 08:12 - 0000040 ___SH () C:\ProgramData\.zreglib 2016-02-24 18:51 - 2016-02-24 18:51 - 0235717 _____ () C:\ProgramData\1456336221.bdinstall.bin 2014-04-29 07:42 - 2014-04-29 07:43 - 0009868 _____ () C:\ProgramData\DVRClient.log 2014-04-29 07:43 - 2014-04-29 08:02 - 0160512 _____ () C:\ProgramData\DVRServerMediaDevices.log 2014-04-29 07:43 - 2014-04-29 07:44 - 0001088 _____ () C:\ProgramData\DVRServerNetworkCameras.log 2014-04-29 07:41 - 2014-04-29 07:41 - 0000832 _____ () C:\ProgramData\DVRServerTools.log 2016-02-19 13:48 - 2016-02-19 13:48 - 0000035 _____ () C:\ProgramData\Jumpian.global 2016-02-19 13:33 - 2016-02-19 13:33 - 0000098 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-22 12:11 ==================== Ende von FRST.txt ============================ |
Themen zu Browser öffnet falsche Seiten, Hitman kann Programme nicht löschen |
browser, datei, dateien, dringend, einstellungen, falsche, falsche seiten, gen, infizierte, interne, internet, kaspersky, laufen, leitet, löschen, nicht löschen, programm, programme, schei, schutz, seite, seiten, virenschutz, öffnen, öffnet |