|
Plagegeister aller Art und deren Bekämpfung: smartsurf.ruWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.05.2016, 00:33 | #1 |
| smartsurf.ru Hallo Gemeinde ich habe da ein echtes Problem beim Runterladen einer Software habe ich mir ein Virus/,Ttrojaner eingefangen. Ich habe Google Chrom neu installiert und wieder gelöscht .Jedes mal wenn ich Google Chrome oder andere Browser installiere, installiert sich auch unter die Suchmaschinen Verwaltung eine Seite mit den namen smartsurf.ru und setzt sich als Standart Suchmaschine ein .Löschen kann ich den nicht weil er mit Admin Rechte gesperrt ist .Wenn ich im Browser bei Google den Satz eingebe smartsurf.ru entfernen bekomme ich als Auswahl irgendwelche russischen seiten auch wenn ich versuche auf Chrome Policy zu gehen lenkt mich der Browser um auf die Seite smartsurf.ru .ich habe schon sämptliche Vieren und Malware Programme durchlaufen lassen ohne Erfolg .Kann mir einer helfen und eine leicht verständliche Anweisung geben wir ich diesen Virus /Trtojaner wieder los werde ? |
12.05.2016, 08:34 | #2 |
/// TB-Ausbilder /// Anleitungs-Guru | smartsurf.ruMein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Lesestoff Posten in CODE-Tags: So gehts... Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
12.05.2016, 13:39 | #3 |
| smartsurf.ru Erst einmal vielen Dank für deine Hilfe ich schreibe dir auf was ich schon alles versucht habe ,erst einmal habe ich sämptliche Vieren und Malware Programme in abgesicherten Modus durchlaufen lassen ohne Erfolg bis auf die Zemana Antimalware hat kein Programm den Trojaner erkannt es war aber nicht in der Lage diesen zu beseitigen .Beim 2 Durchlauf hat dieses Programm diesen nicht mehr erkannt dann habe ich versucht Windows Defender zu starten habe aber keinen Zugriff darauf es kam die Meldung "Diese App wurde über eine Gruppenrichtlinie deaktiviert" .Versuche diese Richtlinie rückgängig zu machen im Admin Modus waren erfolglos Neu Aufsetzen möchte ich windows nicht unbedingt da ich sehr viele daten und Programme auf meinen Laptop draufhabe ich versuche jetzt deine Anweisungen der rehe nach ab zu arbeiten
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von Günter3 (Administrator) auf GÜNTER2 (12-05-2016 14:05:45) Gestartet von C:\Users\Günter3\Downloads Geladene Profile: Günter3 (Verfügbare Profile: Günter3) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (AMD) C:\Windows\System32\atieclxx.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Farbar) C:\Users\Günter3\Downloads\FRST64 (1).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-01-21] (Microsoft Corporation) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited) HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8980016 2015-11-05] (Zemana Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe, HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications) HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [907136 2010-01-16] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [C] => cmd /c(@attrib -H -R -S C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@copy/b/y C:\Windows\system32\GroupPolicy\Machine\R C:\Windows\system32\GroupPolicy\Machine\Registry.pol >nul)&(@att (Der Dateneintrag hat 99 mehr Zeichen). HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-12-13] (Spotify Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [95712 2015-11-05] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86936 2015-11-05] (Zemana Ltd.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-02-15] ShortcutTarget: MEGAsync.lnk -> C:\Users\Günter3\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) GroupPolicy-x32: Beschränkung - Chrome <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) AutoConfigURL: [S-1-5-21-3745538668-36452931-2607822575-1001] => hxxp://unstops.org/wpad.dat?cbff81d8d046b74ea1b0ec681426aadf9919544 Tcpip\Parameters: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{4FDF83D5-1E4F-4E3A-90C5-201E5ED9ADAE}: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{62C46C03-87F2-4AD8-9A56-5935754C5EB3}: [DhcpNameServer] 80.69.100.212 80.69.100.205 ManualProxies: 0hxxp://unstops.org/wpad.dat?cbff81d8d046b74ea1b0ec681426aadf9919544 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: [S-1-5-21-3745538668-36452931-2607822575-1001] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> {5A2CA85A-7E53-4485-9073-64CD2F8A3D1E} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO: Kein Name -> {D152BC46-8B67-4C3E-88F9-21F2C5D59EC5} -> Keine Datei BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2014-02-07] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2014-02-07] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF user.js: detected! => C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default\user.js [2016-05-09] FF Extension: Adblock Plus - C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-12] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-06] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: Recordify Title Discover - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] Chrome: ======= CHR Profile: C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3 CHR Extension: (Google Docs) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-12] CHR Extension: (Google Drive) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-12] CHR Extension: (YouTube) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-12] CHR Extension: (Adblock Plus) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-05-12] CHR Extension: (Google Docs Offline) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-12] CHR Extension: (Google Mail) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-12] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-03-12] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2740344 2015-11-26] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3842504 2015-09-16] (G Data Software AG) R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Datei ist nicht signiert] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2015-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\Windows\system32\drivers\recordify.sys [56584 2016-01-08] (Abelssoft) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2016-05-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [28672 2016-05-11] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [231936 2016-05-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2016-05-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [69120 2016-05-11] (G DATA Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2016-05-11] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [126464 2016-05-11] (G Data Software AG) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [202656 2016-05-11] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [202656 2016-05-11] (Zemana Ltd.) S1 bsdpf64; \??\C:\Windows\system32\Drivers\bsdpf64.sys [X] U3 DfSdkS; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 14:05 - 2016-05-12 14:06 - 00025090 _____ C:\Users\Günter3\Downloads\FRST.txt 2016-05-12 14:03 - 2016-05-12 14:05 - 00000000 ____D C:\FRST 2016-05-12 14:02 - 2016-05-12 14:02 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64 (1).exe 2016-05-12 13:15 - 2016-05-12 13:15 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64.exe 2016-05-12 12:28 - 2016-05-12 12:28 - 00872464 _____ (Microsoft Corporation) C:\Users\Günter3\Downloads\mssstool64.exe 2016-05-12 11:33 - 2016-05-12 11:33 - 00165029 _____ C:\Users\Günter3\Documents\BIOS Setup öffnen in Windows 8.1 - so geht's - PC Magazin.pdf 2016-05-12 11:29 - 2016-05-12 11:29 - 00000425 _____ C:\Windows\BRWMARK.INI 2016-05-12 11:29 - 2016-05-12 11:29 - 00000027 _____ C:\Windows\BRPP2KA.INI 2016-05-12 00:43 - 2016-05-12 00:43 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-12 00:43 - 2016-05-12 00:43 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-12 00:08 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll 2016-05-12 00:08 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll 2016-05-12 00:08 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-05-12 00:08 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-05-12 00:06 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-05-12 00:06 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-12 00:06 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-12 00:06 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-12 00:06 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-12 00:06 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-12 00:06 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-12 00:02 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-12 00:02 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-12 00:02 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-12 00:02 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-05-12 00:02 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-12 00:02 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-12 00:02 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-12 00:02 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-12 00:02 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-12 00:02 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-12 00:01 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-12 00:01 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-12 00:01 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-12 00:01 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-12 00:01 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-12 00:01 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-05-12 00:01 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-12 00:01 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-12 00:01 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-12 00:01 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-12 00:01 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-12 00:01 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-12 00:01 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-12 00:01 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-12 00:01 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 23:47 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-11 23:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-05-11 23:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-05-11 21:14 - 2016-05-11 21:14 - 00000000 ____D C:\Users\Günter3\AppData\Local\G DATA 2016-05-11 21:07 - 2016-05-11 21:07 - 00028672 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE 2016-05-11 11:44 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 11:44 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 11:44 - 2016-03-14 18:50 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-05-11 11:44 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-05-11 11:44 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-05-11 11:44 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2016-05-11 11:44 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-05-11 11:44 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-05-11 11:44 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-05-11 11:43 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2016-05-11 11:43 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 11:43 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 00:51 - 2016-05-12 14:06 - 00082823 _____ C:\Windows\ZAM.krnl.trace 2016-05-11 00:51 - 2016-05-12 12:49 - 00000119 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-05-11 00:51 - 2016-05-11 00:51 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2016-05-11 00:51 - 2016-05-11 00:51 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2016-05-11 00:51 - 2016-05-11 00:51 - 00001132 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-05-11 00:51 - 2016-05-11 00:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-05-11 00:51 - 2016-05-11 00:51 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-05-11 00:41 - 2016-05-11 00:50 - 00000000 ____D C:\Users\Günter3\AppData\Local\Zemana 2016-05-11 00:41 - 2016-05-11 00:41 - 00001124 _____ C:\Users\Public\Desktop\AntiLogger Free.lnk 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Users\Günter3\AppData\Local\AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2016-05-11 00:41 - 2015-11-05 15:00 - 00143904 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00C212A8 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008336945398 2016-05-10 18:44 - 2016-05-10 18:45 - 00002094 _____ C:\Users\Günter3\Desktop\Entfernen des Avira PC Cleaners.lnk 2016-05-10 18:44 - 2016-05-10 18:45 - 00002038 _____ C:\Users\Günter3\Desktop\Avira PC Cleaner.lnk 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow01314918 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000E27BCE4B78 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0114B6D0 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow011222C8 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003DFFF04C48 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0094CE78 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DEF7845058 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow015CB108 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000FCE7395538 2016-05-10 01:01 - 2016-05-10 23:59 - 01087518 _____ C:\Windows\ntbtlog.txt 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D5C3D8 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008A08E25128 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00AB34C0 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000005970C557A8 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00A9BA38 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00000080621C4DE8 2016-05-10 00:16 - 2016-05-10 00:16 - 00000000 _____ C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 00000000 _____ C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0041CC70 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000EE33C65468 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0072F880 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00703318 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DDF94557A8 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow007D14A0 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003237755058 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00914140 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000B7E1EE57A8 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D822F0 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000007BC99E5608 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FD4960 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FBB530 2016-05-09 15:58 - 2016-05-09 15:58 - 00000000 ____D C:\Windows\system32\jys 2016-05-09 15:54 - 2016-05-11 20:42 - 00000000 ____D C:\Program Files\Wapgywceamcimk 2016-05-09 15:54 - 2016-05-11 01:26 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\Paiuz 2016-05-09 15:54 - 2016-05-09 23:51 - 00000000 ____D C:\Program Files\WapgywceamcimkUn 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow\Company 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\Users\Günter3\AppData\Local\Tempfolder 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\uninst 2016-05-09 14:34 - 2016-05-09 14:34 - 00001284 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\system32\DAX2 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Program Files\Realtek 2016-05-09 14:23 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-05-09 14:23 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-05-09 14:23 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2016-05-09 14:23 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2016-05-09 14:23 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-05-09 14:23 - 2015-06-11 19:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2016-05-09 14:23 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-05-09 14:23 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-05-09 14:23 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-05-09 14:23 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2016-05-09 14:23 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2016-05-09 14:23 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2016-05-09 14:23 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2016-05-09 14:23 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-05-09 14:23 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-05-09 14:23 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-05-09 14:23 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-05-09 14:23 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2016-05-09 14:23 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-05-09 14:23 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-05-09 14:23 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-05-09 14:23 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-05-09 14:23 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-05-09 14:23 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-05-09 14:23 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-05-09 14:22 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2016-05-09 14:22 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-05-09 14:22 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2016-05-09 14:22 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-05-09 14:22 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-05-09 14:22 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2016-05-09 14:22 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-05-09 14:22 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-05-09 14:22 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-05-09 14:22 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2016-05-09 14:22 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-05-09 14:22 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-05-09 14:22 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-05-09 14:22 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-05-09 14:22 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-05-09 14:22 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-05-09 14:22 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-05-09 14:22 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-05-09 14:22 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-05-09 14:22 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-05-09 14:22 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-05-09 14:14 - 2016-05-09 14:14 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\Günter3\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe 2016-05-09 02:16 - 2016-05-09 02:18 - 00000077 _____ C:\wepkeys.txt 2016-05-09 02:03 - 2016-05-09 22:17 - 00000000 ____D C:\Neuer Ordner 2016-05-08 23:47 - 2016-05-10 14:26 - 00000000 ____D C:\Users\Günter3\AppData\Local\ElevatedDiagnostics 2016-05-06 01:13 - 2016-05-06 01:35 - 150971040 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e06.mp4 2016-05-06 00:54 - 2016-05-06 01:13 - 156022324 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e05.mp4 2016-05-06 00:30 - 2016-05-06 00:53 - 143473333 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e04.mp4 2016-05-06 00:10 - 2016-05-06 00:30 - 156755017 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e02.mp4 2016-05-05 23:51 - 2016-05-05 23:51 - 00014889 _____ C:\Users\Günter3\Documents\socken.odt 2016-05-05 23:50 - 2016-05-06 00:10 - 150315668 _____ C:\Users\Günter3\Downloads\Akte.X.S10E03.Mulder.und.Scully.gegen.das.Wer.Monster.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 23:22 - 2016-05-05 23:50 - 158000779 _____ C:\Users\Günter3\Downloads\Akte.X.S10E01.Der.Kampf.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 22:45 - 2016-05-05 23:33 - 236598901 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E03.Ouroboros.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 23:22 - 174410795 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E04.Blood.in.the.Streets.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 22:45 - 00435369 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german AC3 XviD_360p.mp4.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01233961 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german.flv.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01232748 _____ C:\Users\Günter3\Downloads\Death Race_ Inferno-kinox.to(45221)-bySGexx.mp4.part 2016-04-26 14:00 - 2016-04-26 14:18 - 00000000 ____D C:\Users\Günter3\Documents\Karin 2016-04-24 02:32 - 2016-04-25 01:25 - 00013360 _____ C:\Users\Günter3\Documents\EGV.odt 2016-04-22 14:21 - 2016-04-22 14:21 - 00270134 _____ C:\Users\Günter3\Documents\Dreehmomentschlüssel anleitung.pdf 2016-04-12 20:32 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-12 20:32 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-12 20:32 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-12 20:32 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-12 20:32 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-12 20:32 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-12 20:32 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-12 20:32 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-12 20:32 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-04-12 20:32 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2016-04-12 20:32 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-04-12 20:32 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-04-12 20:32 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-04-12 20:32 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-12 20:32 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-04-12 20:32 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-12 20:31 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-04-12 20:30 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-04-12 20:30 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2016-04-12 20:30 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2016-04-12 20:29 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-12 20:29 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-12 20:29 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-04-12 20:29 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-04-12 20:29 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-04-12 20:29 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-04-12 20:29 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2016-04-12 20:29 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-04-12 20:29 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-04-12 20:29 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-04-12 20:29 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2016-04-12 20:29 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2016-04-12 20:29 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-04-12 20:29 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2016-04-12 20:29 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-04-12 20:29 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-12 20:29 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-04-12 20:29 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-04-12 20:28 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-12 20:28 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-12 20:28 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-12 20:28 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2016-04-12 20:28 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2016-04-12 20:28 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-04-12 20:28 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-12 20:28 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-12 20:28 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-04-12 20:28 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-04-12 20:28 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-04-12 20:28 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 14:05 - 2014-05-10 03:01 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b.job 2016-05-12 14:00 - 2014-02-07 00:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-12 14:00 - 2014-02-06 23:40 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-12 13:14 - 2013-12-13 11:37 - 00953298 _____ C:\Windows\system32\perfh007.dat 2016-05-12 13:14 - 2013-12-13 11:37 - 00214362 _____ C:\Windows\system32\perfc007.dat 2016-05-12 13:14 - 2013-09-06 06:58 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-12 13:11 - 2014-05-10 03:00 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766.job 2016-05-12 13:11 - 2014-02-06 23:40 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-12 13:11 - 2014-02-06 22:32 - 00000000 ____D C:\Users\Günter3 2016-05-12 13:10 - 2014-02-23 19:02 - 00000000 ___RD C:\Users\Günter3\SkyDrive 2016-05-12 13:08 - 2013-12-13 02:52 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-05-12 12:49 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-12 12:47 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-05-12 12:38 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-05-12 11:57 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-05-12 11:33 - 2014-02-06 19:42 - 00132504 _____ C:\Users\Günter3\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-12 11:09 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-05-12 10:05 - 2014-02-06 23:25 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7BDC6975-0F34-4339-9FF4-616F2B001734} 2016-05-12 03:41 - 2014-02-06 22:39 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3745538668-36452931-2607822575-1001 2016-05-12 02:23 - 2014-02-06 19:47 - 00000000 ____D C:\AdwCleaner 2016-05-12 00:42 - 2014-02-06 23:40 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-12 00:36 - 2014-02-06 23:40 - 00000000 ____D C:\Users\Günter3\AppData\Local\Google 2016-05-12 00:14 - 2016-02-10 15:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-12 00:14 - 2014-12-23 16:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-11 23:38 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 22:57 - 2013-08-22 16:44 - 00513520 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-11 21:15 - 2014-05-08 14:13 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2016-05-11 21:15 - 2014-05-08 14:13 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2016-05-11 21:12 - 2014-05-08 13:56 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2016-05-11 21:07 - 2014-05-08 13:56 - 00001970 _____ C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk 2016-05-11 21:07 - 2014-05-08 13:49 - 00000000 ____D C:\ProgramData\G Data 2016-05-11 21:06 - 2014-05-08 13:56 - 00231936 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00126464 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00069120 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2016-05-11 21:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-05-11 20:28 - 2014-02-07 00:24 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 11:44 - 2014-02-07 00:23 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-11 01:26 - 2016-02-15 20:56 - 00000306 __RSH C:\ProgramData\ntuser.pol 2016-05-10 23:00 - 2014-05-10 03:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b 2016-05-10 23:00 - 2014-05-10 03:00 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766 2016-05-10 22:54 - 2016-02-03 23:45 - 00000858 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-05-10 22:54 - 2016-02-03 23:45 - 00000810 _____ C:\Users\Günter3\Desktop\Start Tor Browser.lnk 2016-05-10 22:54 - 2015-01-28 17:49 - 00000000 ____D C:\Users\Günter3\Desktop\Tor Browser 2016-05-10 22:54 - 2014-02-06 22:33 - 00001023 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-10 22:31 - 2014-02-07 17:44 - 00000000 ____D C:\Users\Günter3\AppData\Local\CrashDumps 2016-05-10 22:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2016-05-09 22:16 - 2016-02-12 19:01 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2016-05-09 14:24 - 2013-12-13 03:14 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-05-09 14:22 - 2013-12-13 03:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-08 23:39 - 2014-06-23 18:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-05-07 23:51 - 2016-03-28 13:10 - 00004608 _____ C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-05-07 23:47 - 2014-02-07 18:20 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\vlc 2016-05-07 23:33 - 2014-12-12 00:57 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-07 23:32 - 2014-02-06 23:10 - 00000000 ____D C:\Users\Günter3\AppData\Local\JDownloader v2.0 2016-05-06 01:24 - 2014-02-07 18:20 - 00001054 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-05-06 00:05 - 2014-02-06 20:16 - 00000960 _____ C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-05-06 00:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-05-03 03:15 - 2014-12-12 18:42 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-03 03:15 - 2014-12-12 18:42 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-04-21 22:08 - 2014-02-06 21:04 - 00001207 _____ C:\Users\Günter3\Downloads\VideoCacheView.cfg 2016-04-21 15:05 - 2014-04-07 19:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-14 11:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2016-04-14 11:32 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2016-04-12 20:05 - 2016-01-13 13:00 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-08 13:56 - 2014-05-08 13:56 - 0000000 _____ () C:\Users\Günter3\AppData\Roaming\gdfw.log 2014-05-08 13:56 - 2014-05-08 13:56 - 0000779 _____ () C:\Users\Günter3\AppData\Roaming\gdscan.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0099384 _____ () C:\Users\Günter3\AppData\Roaming\inst.exe 2016-05-10 18:31 - 2016-05-10 18:31 - 0000053 _____ () C:\Users\Günter3\AppData\Roaming\LogFile.txt 2014-02-06 20:42 - 2014-02-06 20:42 - 0007859 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.cat 2014-02-06 20:42 - 2014-02-06 20:42 - 0001167 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.inf 2014-02-06 20:42 - 2014-02-06 20:42 - 0000055 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0082816 _____ (VSO Software) C:\Users\Günter3\AppData\Roaming\pcouffin.sys 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.Exception.log 2015-04-22 18:42 - 2015-04-22 18:42 - 0001111 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.DesktopHelper.Exception.log 2014-02-06 20:16 - 2016-05-06 00:05 - 0000960 _____ () C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-03-28 13:10 - 2016-05-07 23:51 - 0004608 _____ () C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-11 17:40 - 2015-08-18 20:00 - 0018432 _____ () C:\Users\Günter3\AppData\Local\file__0.localstorage 2016-05-10 00:16 - 2016-05-10 00:16 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2013-12-13 03:14 - 2013-12-13 03:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== C:\Users\Günter3\AppData\Local\Temp\7c5KPHQxFn.exe C:\Users\Günter3\AppData\Local\Temp\btGm5oGtiG.exe C:\Users\Günter3\AppData\Local\Temp\wSQNEwheOu.exe |
12.05.2016, 16:23 | #4 |
/// TB-Ausbilder /// Anleitungs-Guru | smartsurf.ru Addition.txt fehlt noch...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
12.05.2016, 17:05 | #5 |
| smartsurf.ru ne ist mit dabei!! vielleicht sollte ich noch dazusagen das ich auf einige Programme keinen Zugriff mehr habe weil einige Programme durch eine Gruppenritchlinie deaktiviert sind die ich aber nicht autorisiert haben ich habe auch kein Zugriff auf das Gruppenrichtlinien Panel Alle programme die den trojaner schaden könnten sind deaktiviert was wäre denn wenn ich alles auf Werkseinstellung zurücksetzen würde ?? |
12.05.2016, 18:14 | #6 |
/// TB-Ausbilder /// Anleitungs-Guru | smartsurf.ru Die Addition.txt ist nicht vollständig gepostet.
__________________ --> smartsurf.ru |
12.05.2016, 20:19 | #7 |
| smartsurf.ru doch müsste eigentlich alles drauf sein?? ============= Ende von Addition.txt ========================= lese ich im Fenster?? allerdings kann ich dir den Text noch mal schicken wenn ich wüste wo er abgespeichert ist ich habe Dir auch eine Videobotschaft geschickt über Skype |
12.05.2016, 20:24 | #8 |
/// TB-Ausbilder /// Anleitungs-Guru | smartsurf.ru Der Anfang fehlt. Bitte vollständig posten und zwar so wie beschrieben. Jedes Log in eine Code-Box.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
12.05.2016, 22:02 | #9 |
| smartsurf.ru so gehts Geändert von Rocky31 (12.05.2016 um 22:17 Uhr) |
12.05.2016, 23:12 | #10 |
| smartsurf.ru auch weg Geändert von Rocky31 (12.05.2016 um 23:39 Uhr) |
12.05.2016, 23:28 | #11 |
| smartsurf.ru noch mal Geändert von Rocky31 (12.05.2016 um 23:38 Uhr) |
12.05.2016, 23:32 | #12 |
| smartsurf.ru und weg Geändert von Rocky31 (12.05.2016 um 23:43 Uhr) |
12.05.2016, 23:51 | #13 |
| smartsurf.ru irgendwas läuft hier falsch Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von Günter3 (Administrator) auf GÜNTER2 (12-05-2016 22:43:17) Gestartet von C:\Users\Günter3\Videos\spiele Geladene Profile: Günter3 (Verfügbare Profile: Günter3) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Günter3\Videos\spiele\FRST64 (2).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-01-21] (Microsoft Corporation) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited) HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8980016 2015-11-05] (Zemana Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe, HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications) HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [907136 2010-01-16] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-12-13] (Spotify Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [95712 2015-11-05] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86936 2015-11-05] (Zemana Ltd.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-02-15] ShortcutTarget: MEGAsync.lnk -> C:\Users\Günter3\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{4FDF83D5-1E4F-4E3A-90C5-201E5ED9ADAE}: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{62C46C03-87F2-4AD8-9A56-5935754C5EB3}: [DhcpNameServer] 80.69.100.212 80.69.100.205 ManualProxies: Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: [S-1-5-21-3745538668-36452931-2607822575-1001] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> {5A2CA85A-7E53-4485-9073-64CD2F8A3D1E} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2014-02-07] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2014-02-07] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-12] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-06] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: Recordify Title Discover - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:09-05-2016 durchgeführt von Günter3 (Administrator) auf GÜNTER2 (12-05-2016 22:43:17) Gestartet von C:\Users\Günter3\Videos\spiele Geladene Profile: Günter3 (Verfügbare Profile: Günter3) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\HelperService.exe (pdfforge GmbH) C:\Program Files (x86)\PDF Architect\ConversionService.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe (G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe (G Data Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAEvent.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QAMsg.exe (Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Quick Access\QuickAccess.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Spotify Ltd) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe (Zemana Ltd.) C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe (Research In Motion Limited) C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Günter3\Videos\spiele\FRST64 (2).exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2890056 2013-09-06] (ELAN Microelectronics Corp.) HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-01-21] (Microsoft Corporation) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-09-25] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GDFirewallTray] => C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe [1864312 2015-06-16] (G DATA Software AG) HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation) HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [267792 2013-01-17] (Research In Motion Limited) HKLM-x32\...\Run: [ZALFree] => C:\Program Files (x86)\Zemana AntiLogger Free\AntiLogger Free.exe [8980016 2015-11-05] (Zemana Ltd.) HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe, HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-09-07] (Atheros Communications) HKU\S-1-5-19\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-20\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Speech Recognition] => C:\Windows\Speech\Common\sapisvr.exe [44032 2014-10-29] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [907136 2010-01-16] (Microsoft Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7404312 2015-01-20] (Piriform Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-10-22] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-12-13] (Spotify Ltd) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [217088 2014-10-29] (Microsoft Corporation) HKU\S-1-5-18\...\Winlogon: [Shell] C:\Windows\explorer.exe [2757616 2016-02-09] (Microsoft Corporation) <==== ACHTUNG AppInit_DLLs: C:\PROGRA~2\KEYCRY~1\KEYCRY~4.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt64(1).dll [95712 2015-11-05] (Zemana Ltd.) AppInit_DLLs-x32: C:\PROGRA~2\KEYCRY~1\KEYCRY~3.DLL => C:\Program Files (x86)\KeyCryptSDK\KeyCrypt32(1).dll [86936 2015-11-05] (Zemana Ltd.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX32.dll [2014-05-01] () Startup: C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-02-15] ShortcutTarget: MEGAsync.lnk -> C:\Users\Günter3\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{4FDF83D5-1E4F-4E3A-90C5-201E5ED9ADAE}: [DhcpNameServer] 80.69.100.212 80.69.100.205 Tcpip\..\Interfaces\{62C46C03-87F2-4AD8-9A56-5935754C5EB3}: [DhcpNameServer] 80.69.100.212 80.69.100.205 ManualProxies: Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank URLSearchHook: [S-1-5-21-3745538668-36452931-2607822575-1001] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-3745538668-36452931-2607822575-1001 -> {5A2CA85A-7E53-4485-9073-64CD2F8A3D1E} URL = BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-25] (Oracle Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-25] (Oracle Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-04-29] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2014-02-07] () FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2014-02-07] () FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-25] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation) FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [2012-12-13] () FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-10] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-03] (Adobe Systems Inc.) FF Extension: Adblock Plus - C:\Users\Günter3\AppData\Roaming\Mozilla\Firefox\Profiles\4c7z137b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-03-12] FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-02-06] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8C679308-89F3-402C-9323-8D9B3B6D57B2}] - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi FF Extension: Recordify Title Discover - C:\Program Files (x86)\Recordify\Extensions\recordify_title_discover-0.1.14-fx-windows.xpi [2016-01-08] Geändert von Rocky31 (12.05.2016 um 23:49 Uhr) |
12.05.2016, 23:53 | #14 |
| smartsurf.ru Chrome: ======= CHR Profile: C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3 CHR Profile: C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7 CHR Extension: (Google Docs) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-12] CHR Extension: (Google Drive) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-12] CHR Extension: (YouTube) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-12] CHR Extension: (Google Tabellen) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-12] CHR Extension: (Google Docs Offline) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12] CHR Extension: (Skype) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-12] CHR Extension: (Google Mail) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-12] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-03-12] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2740344 2015-11-26] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3842504 2015-09-16] (G Data Software AG) R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Datei ist nicht signiert] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2015-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\Windows\system32\drivers\recordify.sys [56584 2016-01-08] (Abelssoft) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2016-05-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [28672 2016-05-11] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [231936 2016-05-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2016-05-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [69120 2016-05-11] (G DATA Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2016-05-11] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [126464 2016-05-11] (G Data Software AG) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [202656 2016-05-12] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [202656 2016-05-12] (Zemana Ltd.) U3 DfSdkS; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 20:04 - 2016-05-12 22:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-12 20:03 - 2016-05-12 20:03 - 00001086 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-12 20:03 - 2016-05-12 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-12 20:03 - 2016-05-12 20:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-12 20:03 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-12 20:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-12 20:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-05-12 19:32 - 2016-05-12 19:32 - 00003974 _____ C:\Windows\System32\Tasks\Chrome Cleanup Tool logs upload retry 2016-05-12 17:41 - 2016-05-12 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\ATI 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\Users\Günter3\AppData\Local\ATI 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\ProgramData\ATI 2016-05-12 16:36 - 2016-05-12 16:36 - 05023744 _____ C:\Users\Günter3\Downloads\gpmc (1).msi 2016-05-12 15:55 - 2016-05-12 15:55 - 05023744 _____ C:\Users\Günter3\Downloads\gpmc.msi 2016-05-12 14:08 - 2016-05-12 14:09 - 00035349 _____ C:\Users\Günter3\Downloads\Addition.txt 2016-05-12 14:05 - 2016-05-12 14:09 - 00076965 _____ C:\Users\Günter3\Downloads\FRST.txt 2016-05-12 14:03 - 2016-05-12 22:43 - 00000000 ____D C:\FRST 2016-05-12 14:02 - 2016-05-12 14:02 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64 (1).exe 2016-05-12 13:15 - 2016-05-12 13:15 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64.exe 2016-05-12 12:28 - 2016-05-12 12:28 - 00872464 _____ (Microsoft Corporation) C:\Users\Günter3\Downloads\mssstool64.exe 2016-05-12 11:33 - 2016-05-12 11:33 - 00165029 _____ C:\Users\Günter3\Documents\BIOS Setup öffnen in Windows 8.1 - so geht's - PC Magazin.pdf 2016-05-12 11:29 - 2016-05-12 11:29 - 00000425 _____ C:\Windows\BRWMARK.INI 2016-05-12 11:29 - 2016-05-12 11:29 - 00000027 _____ C:\Windows\BRPP2KA.INI 2016-05-12 00:43 - 2016-05-12 00:43 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-12 00:43 - 2016-05-12 00:43 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-12 00:08 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll 2016-05-12 00:08 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll 2016-05-12 00:08 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-05-12 00:08 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-05-12 00:06 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-05-12 00:06 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-12 00:06 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-12 00:06 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-12 00:06 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-12 00:06 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-12 00:06 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-12 00:02 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-12 00:02 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-12 00:02 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-12 00:02 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-05-12 00:02 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-12 00:02 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-12 00:02 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-12 00:02 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-12 00:02 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-12 00:02 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-12 00:01 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-12 00:01 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-12 00:01 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-12 00:01 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-12 00:01 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-12 00:01 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-05-12 00:01 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-12 00:01 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-12 00:01 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-12 00:01 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-12 00:01 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-12 00:01 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-12 00:01 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-12 00:01 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-12 00:01 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 23:47 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-11 23:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-05-11 23:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-05-11 21:14 - 2016-05-11 21:14 - 00000000 ____D C:\Users\Günter3\AppData\Local\G DATA 2016-05-11 21:07 - 2016-05-11 21:07 - 00028672 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE 2016-05-11 11:44 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 11:44 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 11:44 - 2016-03-14 18:50 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-05-11 11:44 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-05-11 11:44 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-05-11 11:44 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2016-05-11 11:44 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-05-11 11:44 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-05-11 11:44 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-05-11 11:43 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2016-05-11 11:43 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 11:43 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 00:51 - 2016-05-12 22:43 - 00109250 _____ C:\Windows\ZAM.krnl.trace 2016-05-11 00:51 - 2016-05-12 22:36 - 00000551 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-05-11 00:51 - 2016-05-12 17:41 - 00001132 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-05-11 00:51 - 2016-05-12 17:41 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-05-11 00:51 - 2016-05-12 15:28 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2016-05-11 00:51 - 2016-05-12 15:28 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2016-05-11 00:41 - 2016-05-11 00:50 - 00000000 ____D C:\Users\Günter3\AppData\Local\Zemana 2016-05-11 00:41 - 2016-05-11 00:41 - 00001124 _____ C:\Users\Public\Desktop\AntiLogger Free.lnk 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Users\Günter3\AppData\Local\AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2016-05-11 00:41 - 2015-11-05 15:00 - 00143904 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00C212A8 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008336945398 2016-05-10 18:44 - 2016-05-10 18:45 - 00002094 _____ C:\Users\Günter3\Desktop\Entfernen des Avira PC Cleaners.lnk 2016-05-10 18:44 - 2016-05-10 18:45 - 00002038 _____ C:\Users\Günter3\Desktop\Avira PC Cleaner.lnk 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow01314918 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000E27BCE4B78 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0114B6D0 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow011222C8 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003DFFF04C48 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0094CE78 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DEF7845058 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow015CB108 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000FCE7395538 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D5C3D8 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008A08E25128 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00AB34C0 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000005970C557A8 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00A9BA38 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00000080621C4DE8 2016-05-10 00:16 - 2016-05-10 00:16 - 00000000 _____ C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 00000000 _____ C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0041CC70 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000EE33C65468 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0072F880 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00703318 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DDF94557A8 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow007D14A0 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003237755058 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00914140 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000B7E1EE57A8 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D822F0 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000007BC99E5608 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FD4960 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FBB530 2016-05-09 15:58 - 2016-05-09 15:58 - 00000000 ____D C:\Windows\system32\jys 2016-05-09 15:54 - 2016-05-12 20:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow\Company 2016-05-09 15:54 - 2016-05-11 01:26 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\Paiuz 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\Users\Günter3\AppData\Local\Tempfolder 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\uninst 2016-05-09 14:34 - 2016-05-09 14:34 - 00001284 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\system32\DAX2 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Program Files\Realtek 2016-05-09 14:23 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-05-09 14:23 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-05-09 14:23 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2016-05-09 14:23 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2016-05-09 14:23 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-05-09 14:23 - 2015-06-11 19:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2016-05-09 14:23 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-05-09 14:23 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-05-09 14:23 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-05-09 14:23 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2016-05-09 14:23 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2016-05-09 14:23 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2016-05-09 14:23 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2016-05-09 14:23 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-05-09 14:23 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-05-09 14:23 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-05-09 14:23 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-05-09 14:23 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2016-05-09 14:23 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-05-09 14:23 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-05-09 14:23 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-05-09 14:23 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-05-09 14:23 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-05-09 14:23 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-05-09 14:23 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-05-09 14:22 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2016-05-09 14:22 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-05-09 14:22 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2016-05-09 14:22 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-05-09 14:22 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-05-09 14:22 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2016-05-09 14:22 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-05-09 14:22 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-05-09 14:22 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-05-09 14:22 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2016-05-09 14:22 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-05-09 14:22 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-05-09 14:22 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-05-09 14:22 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-05-09 14:22 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-05-09 14:22 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-05-09 14:22 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-05-09 14:22 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-05-09 14:22 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-05-09 14:22 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-05-09 14:22 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-05-09 14:14 - 2016-05-09 14:14 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\Günter3\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe 2016-05-09 02:16 - 2016-05-09 02:18 - 00000077 _____ C:\wepkeys.txt 2016-05-09 02:03 - 2016-05-09 22:17 - 00000000 ____D C:\Neuer Ordner 2016-05-08 23:47 - 2016-05-10 14:26 - 00000000 ____D C:\Users\Günter3\AppData\Local\ElevatedDiagnostics 2016-05-06 01:13 - 2016-05-06 01:35 - 150971040 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e06.mp4 2016-05-06 00:54 - 2016-05-06 01:13 - 156022324 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e05.mp4 2016-05-06 00:30 - 2016-05-06 00:53 - 143473333 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e04.mp4 2016-05-06 00:10 - 2016-05-06 00:30 - 156755017 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e02.mp4 2016-05-05 23:51 - 2016-05-05 23:51 - 00014889 _____ C:\Users\Günter3\Documents\socken.odt 2016-05-05 23:50 - 2016-05-06 00:10 - 150315668 _____ C:\Users\Günter3\Downloads\Akte.X.S10E03.Mulder.und.Scully.gegen.das.Wer.Monster.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 23:22 - 2016-05-05 23:50 - 158000779 _____ C:\Users\Günter3\Downloads\Akte.X.S10E01.Der.Kampf.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 22:45 - 2016-05-05 23:33 - 236598901 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E03.Ouroboros.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 23:22 - 174410795 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E04.Blood.in.the.Streets.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 22:45 - 00435369 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german AC3 XviD_360p.mp4.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01233961 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german.flv.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01232748 _____ C:\Users\Günter3\Downloads\Death Race_ Inferno-kinox.to(45221)-bySGexx.mp4.part 2016-04-26 14:00 - 2016-04-26 14:18 - 00000000 ____D C:\Users\Günter3\Documents\Karin 2016-04-24 02:32 - 2016-04-25 01:25 - 00013360 _____ C:\Users\Günter3\Documents\EGV.odt 2016-04-22 14:21 - 2016-04-22 14:21 - 00270134 _____ C:\Users\Günter3\Documents\Dreehmomentschlüssel anleitung.pdf 2016-04-12 20:32 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-12 20:32 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-12 20:32 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-12 20:32 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-12 20:32 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-12 20:32 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-12 20:32 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-12 20:32 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-12 20:32 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-04-12 20:32 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2016-04-12 20:32 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-04-12 20:32 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-04-12 20:32 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-04-12 20:32 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-12 20:32 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-04-12 20:32 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-12 20:31 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-04-12 20:30 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-04-12 20:30 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2016-04-12 20:30 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2016-04-12 20:29 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-12 20:29 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-12 20:29 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-04-12 20:29 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-04-12 20:29 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-04-12 20:29 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-04-12 20:29 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2016-04-12 20:29 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-04-12 20:29 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-04-12 20:29 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-04-12 20:29 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2016-04-12 20:29 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2016-04-12 20:29 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-04-12 20:29 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2016-04-12 20:29 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-04-12 20:29 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-12 20:29 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-04-12 20:29 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-04-12 20:28 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-12 20:28 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-12 20:28 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-12 20:28 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2016-04-12 20:28 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2016-04-12 20:28 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-04-12 20:28 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-12 20:28 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-12 20:28 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-04-12 20:28 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-04-12 20:28 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-04-12 20:28 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe Code:
ATTFilter Chrome: ======= CHR Profile: C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 3 CHR Profile: C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7 CHR Extension: (Google Docs) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-12] CHR Extension: (Google Drive) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-12] CHR Extension: (YouTube) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-12] CHR Extension: (Google Tabellen) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-12] CHR Extension: (Google Docs Offline) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-12] CHR Extension: (Skype) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-05-12] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-12] CHR Extension: (Google Mail) - C:\Users\Günter3\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-12] CHR HKLM-x32\...\Chrome\Extension: [kkgbclpocodjecojibeaaglcgndegljl] - C:\Program Files (x86)\Recordify\Extensions\recordify_chrome_0.3.18.crx [2016-03-12] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-04-29] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [312448 2013-09-07] (Windows (R) Win 7 DDK provider) [Datei ist nicht signiert] R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2740344 2015-11-26] (G Data Software AG) R2 AVKService; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [966776 2015-06-16] (G Data Software AG) R2 AVKWCtl; C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [3842504 2015-09-16] (G Data Software AG) R3 Blackberry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [577536 2013-01-18] (Research In Motion Limited) [Datei ist nicht signiert] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation) R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-12-06] (Acer Incorporated) R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [663592 2013-07-05] (Acer Incorporated) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [101192 2013-09-06] (ELAN Microelectronics Corp.) R3 GDFwSvc; C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [3203392 2015-09-15] (G Data Software AG) R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [789624 2015-06-16] (G Data Software AG) R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [457768 2013-08-03] (Acer Incorporate) R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R3 QASvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\QASvc.exe [457768 2013-08-02] (Acer Incorporate) R3 RMSvc; C:\Program Files\Packard Bell\Packard Bell Quick Access\RMSvc.exe [448040 2013-08-02] (Acer Incorporate) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [177800 2015-10-22] (Sandboxie Holdings, LLC) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13317960 2016-04-27] (Zemana Ltd.) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 abelssoft_recordify; C:\Windows\system32\drivers\recordify.sys [56584 2016-01-08] (Abelssoft) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [125888 2010-09-14] (SlySoft, Inc.) R3 athr; C:\Windows\system32\DRIVERS\athwbx.sys [3859968 2013-08-15] (Qualcomm Atheros Communications, Inc.) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [138240 2013-06-22] (Advanced Micro Devices) S3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation) S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-09-07] (Qualcomm Atheros) S3 DCamUSBVM; C:\Windows\System32\Drivers\usbVM31b.sys [142336 2005-09-19] (Vimicro Corporation) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R0 GDBehave; C:\Windows\System32\drivers\GDBehave.sys [158720 2016-05-11] (G Data Software AG) S0 GDElam; C:\Windows\System32\DRIVERS\GDElam.sys [117904 2015-01-08] (G Data Software AG) R3 GDKBB; C:\Windows\system32\drivers\GDKBB64.sys [28672 2016-05-11] (G Data Software AG) R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [231936 2016-05-11] (G Data Software AG) R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [91648 2016-05-11] (G Data Software AG) R1 gdwfpcd; C:\Windows\System32\drivers\gdwfpcd64.sys [69120 2016-05-11] (G DATA Software AG) R1 GRD; C:\Windows\system32\drivers\GRD.sys [106272 2016-05-11] (G Data Software) R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [126464 2016-05-11] (G Data Software AG) R3 keycrypt; C:\Windows\System32\DRIVERS\KeyCrypt64.sys [143904 2015-11-05] (Zemana Ltd.) R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated) R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated) S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [78336 2013-01-03] (Research In Motion Limited) R3 RimVSerPort; C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [192648 2015-10-22] (Sandboxie Holdings, LLC) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [202656 2016-05-12] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [202656 2016-05-12] (Zemana Ltd.) U3 DfSdkS; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 20:04 - 2016-05-12 22:35 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-05-12 20:03 - 2016-05-12 20:03 - 00001086 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-05-12 20:03 - 2016-05-12 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-05-12 20:03 - 2016-05-12 20:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-05-12 20:03 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2016-05-12 20:03 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2016-05-12 20:03 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2016-05-12 19:32 - 2016-05-12 19:32 - 00003974 _____ C:\Windows\System32\Tasks\Chrome Cleanup Tool logs upload retry 2016-05-12 17:41 - 2016-05-12 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\ATI 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\Users\Günter3\AppData\Local\ATI 2016-05-12 17:06 - 2016-05-12 17:06 - 00000000 ____D C:\ProgramData\ATI 2016-05-12 16:36 - 2016-05-12 16:36 - 05023744 _____ C:\Users\Günter3\Downloads\gpmc (1).msi 2016-05-12 15:55 - 2016-05-12 15:55 - 05023744 _____ C:\Users\Günter3\Downloads\gpmc.msi 2016-05-12 14:08 - 2016-05-12 14:09 - 00035349 _____ C:\Users\Günter3\Downloads\Addition.txt 2016-05-12 14:05 - 2016-05-12 14:09 - 00076965 _____ C:\Users\Günter3\Downloads\FRST.txt 2016-05-12 14:03 - 2016-05-12 22:43 - 00000000 ____D C:\FRST 2016-05-12 14:02 - 2016-05-12 14:02 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64 (1).exe 2016-05-12 13:15 - 2016-05-12 13:15 - 02381312 _____ (Farbar) C:\Users\Günter3\Downloads\FRST64.exe 2016-05-12 12:28 - 2016-05-12 12:28 - 00872464 _____ (Microsoft Corporation) C:\Users\Günter3\Downloads\mssstool64.exe 2016-05-12 11:33 - 2016-05-12 11:33 - 00165029 _____ C:\Users\Günter3\Documents\BIOS Setup öffnen in Windows 8.1 - so geht's - PC Magazin.pdf 2016-05-12 11:29 - 2016-05-12 11:29 - 00000425 _____ C:\Windows\BRWMARK.INI 2016-05-12 11:29 - 2016-05-12 11:29 - 00000027 _____ C:\Windows\BRPP2KA.INI 2016-05-12 00:43 - 2016-05-12 00:43 - 00002251 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-05-12 00:43 - 2016-05-12 00:43 - 00002239 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-05-12 00:08 - 2016-03-10 19:03 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dsparse.dll 2016-05-12 00:08 - 2016-03-10 18:48 - 00024064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dsparse.dll 2016-05-12 00:08 - 2016-03-05 19:44 - 00148480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shacct.dll 2016-05-12 00:08 - 2016-03-05 19:04 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\shacct.dll 2016-05-12 00:06 - 2016-04-06 23:13 - 00561960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2016-05-12 00:06 - 2016-04-06 23:13 - 00137976 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 20:20 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2016-05-12 00:06 - 2016-04-06 20:19 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2016-05-12 00:06 - 2016-04-06 19:49 - 00120384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2016-05-12 00:06 - 2016-04-06 19:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2016-05-12 00:06 - 2016-04-06 18:57 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2016-05-12 00:06 - 2016-04-06 18:52 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2016-05-12 00:06 - 2016-04-06 18:20 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2016-05-12 00:06 - 2016-04-06 17:48 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00738096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2016-05-12 00:04 - 2016-04-10 09:48 - 00613624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2016-05-12 00:02 - 2016-04-22 22:06 - 20349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2016-05-12 00:02 - 2016-04-22 21:35 - 00497152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2016-05-12 00:02 - 2016-04-22 21:29 - 02285568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2016-05-12 00:02 - 2016-04-22 21:23 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2016-05-12 00:02 - 2016-04-22 20:58 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2016-05-12 00:02 - 2016-04-22 20:54 - 13811200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2016-05-12 00:02 - 2016-04-22 20:53 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2016-05-12 00:02 - 2016-04-22 20:52 - 00330752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2016-05-12 00:02 - 2016-04-22 20:51 - 02056192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2016-05-12 00:02 - 2016-04-22 20:27 - 02121216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2016-05-12 00:02 - 2016-04-22 20:24 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2016-05-12 00:02 - 2016-04-22 20:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2016-05-12 00:01 - 2016-04-22 22:54 - 25816576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2016-05-12 00:01 - 2016-04-22 22:15 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2016-05-12 00:01 - 2016-04-22 22:14 - 02893312 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2016-05-12 00:01 - 2016-04-22 22:08 - 06052864 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2016-05-12 00:01 - 2016-04-22 22:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2016-05-12 00:01 - 2016-04-22 21:24 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2016-05-12 00:01 - 2016-04-22 21:19 - 15414784 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2016-05-12 00:01 - 2016-04-22 21:17 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2016-05-12 00:01 - 2016-04-22 21:14 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2016-05-12 00:01 - 2016-04-22 21:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2016-05-12 00:01 - 2016-04-22 21:12 - 02131968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2016-05-12 00:01 - 2016-04-22 20:52 - 02596864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2016-05-12 00:01 - 2016-04-22 20:40 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2016-05-12 00:01 - 2016-04-22 20:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2016-05-12 00:01 - 2016-03-31 08:50 - 01307328 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2016-05-12 00:01 - 2016-03-31 05:40 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01763376 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2016-05-11 23:47 - 2016-04-10 06:21 - 01489088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 23:47 - 2016-03-29 03:42 - 07446368 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2016-05-11 23:13 - 2016-04-09 23:58 - 00534016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.dll 2016-05-11 23:13 - 2016-04-09 23:50 - 00375296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.dll 2016-05-11 21:14 - 2016-05-11 21:14 - 00000000 ____D C:\Users\Günter3\AppData\Local\G DATA 2016-05-11 21:07 - 2016-05-11 21:07 - 00028672 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDKBB64.sys 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_GDKBB64_01007.Wdf 2016-05-11 21:07 - 2016-05-11 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data InternetSecurity CBE 2016-05-11 11:44 - 2016-04-10 06:14 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2016-05-11 11:44 - 2016-04-10 00:07 - 01097728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2016-05-11 11:44 - 2016-03-16 03:58 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 11:44 - 2016-03-14 18:50 - 00316760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys 2016-05-11 11:44 - 2016-03-12 02:49 - 02466136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2016-05-11 11:44 - 2016-03-12 02:47 - 00160160 _____ (Microsoft Corporation) C:\Windows\system32\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-12 02:47 - 00121912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-05-11 11:44 - 2016-03-10 18:55 - 00510976 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll 2016-05-11 11:44 - 2016-03-10 18:52 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll 2016-05-11 11:44 - 2016-03-10 18:42 - 00413696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll 2016-05-11 11:44 - 2016-02-27 20:28 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll 2016-05-11 11:44 - 2016-02-27 19:57 - 03273728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 19:19 - 03820544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll 2016-05-11 11:44 - 2016-02-27 18:32 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll 2016-05-11 11:43 - 2016-04-11 08:21 - 00074584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys 2016-05-11 11:43 - 2016-04-10 07:37 - 01549144 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2016-05-11 11:43 - 2016-04-10 01:29 - 04169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2016-05-11 00:51 - 2016-05-12 22:43 - 00109250 _____ C:\Windows\ZAM.krnl.trace 2016-05-11 00:51 - 2016-05-12 22:36 - 00000551 _____ C:\Windows\ZAM_Guard.krnl.trace 2016-05-11 00:51 - 2016-05-12 17:41 - 00001132 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2016-05-11 00:51 - 2016-05-12 17:41 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2016-05-11 00:51 - 2016-05-12 15:28 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2016-05-11 00:51 - 2016-05-12 15:28 - 00202656 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2016-05-11 00:41 - 2016-05-11 00:50 - 00000000 ____D C:\Users\Günter3\AppData\Local\Zemana 2016-05-11 00:41 - 2016-05-11 00:41 - 00001124 _____ C:\Users\Public\Desktop\AntiLogger Free.lnk 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Users\Günter3\AppData\Local\AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\Zemana AntiLogger Free 2016-05-11 00:41 - 2016-05-11 00:41 - 00000000 ____D C:\Program Files (x86)\KeyCryptSDK 2016-05-11 00:41 - 2015-11-05 15:00 - 00143904 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\KeyCrypt64.sys 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00C212A8 2016-05-10 19:28 - 2016-05-10 19:28 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008336945398 2016-05-10 18:44 - 2016-05-10 18:45 - 00002094 _____ C:\Users\Günter3\Desktop\Entfernen des Avira PC Cleaners.lnk 2016-05-10 18:44 - 2016-05-10 18:45 - 00002038 _____ C:\Users\Günter3\Desktop\Avira PC Cleaner.lnk 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow01314918 2016-05-10 16:31 - 2016-05-10 16:31 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000E27BCE4B78 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0114B6D0 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow011222C8 2016-05-10 15:13 - 2016-05-10 15:13 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003DFFF04C48 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0094CE78 2016-05-10 14:16 - 2016-05-10 14:16 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DEF7845058 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow015CB108 2016-05-10 01:08 - 2016-05-10 01:08 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000FCE7395538 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D5C3D8 2016-05-10 00:56 - 2016-05-10 00:56 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000008A08E25128 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00AB34C0 2016-05-10 00:43 - 2016-05-10 00:43 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000005970C557A8 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00A9BA38 2016-05-10 00:24 - 2016-05-10 00:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00000080621C4DE8 2016-05-10 00:16 - 2016-05-10 00:16 - 00000000 _____ C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 00000000 _____ C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0041CC70 2016-05-10 00:12 - 2016-05-10 00:12 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000EE33C65468 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0072F880 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00703318 2016-05-09 23:33 - 2016-05-09 23:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000DDF94557A8 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow007D14A0 2016-05-09 23:24 - 2016-05-09 23:24 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000003237755058 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00914140 2016-05-09 22:27 - 2016-05-09 22:27 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow000000B7E1EE57A8 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00D822F0 2016-05-09 16:21 - 2016-05-09 16:21 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow0000007BC99E5608 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FD4960 2016-05-09 16:15 - 2016-05-09 16:15 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow00FBB530 2016-05-09 15:58 - 2016-05-09 15:58 - 00000000 ____D C:\Windows\system32\jys 2016-05-09 15:54 - 2016-05-12 20:33 - 00000000 ____D C:\Users\Günter3\AppData\LocalLow\Company 2016-05-09 15:54 - 2016-05-11 01:26 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\Paiuz 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\Users\Günter3\AppData\Local\Tempfolder 2016-05-09 15:54 - 2016-05-09 15:54 - 00000000 ____D C:\uninst 2016-05-09 14:34 - 2016-05-09 14:34 - 00001284 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio-Manager.lnk 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\SysWOW64\RTCOM 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Windows\system32\DAX2 2016-05-09 14:24 - 2016-05-09 14:24 - 00000000 ____D C:\Program Files\Realtek 2016-05-09 14:23 - 2015-06-18 18:45 - 04496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2016-05-09 14:23 - 2015-06-18 17:59 - 02862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2016-05-09 14:23 - 2015-06-17 19:47 - 02930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2016-05-09 14:23 - 2015-06-17 19:47 - 02585816 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll 2016-05-09 14:23 - 2015-06-17 14:45 - 03234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2016-05-09 14:23 - 2015-06-11 19:40 - 03157796 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat 2016-05-09 14:23 - 2015-05-26 11:59 - 00166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2016-05-09 14:23 - 2015-05-18 14:47 - 02702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2016-05-09 14:23 - 2015-05-15 19:27 - 02918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2016-05-09 14:23 - 2015-05-15 16:32 - 01316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00858256 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00684176 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll 2016-05-09 14:23 - 2015-04-24 05:42 - 00435856 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll 2016-05-09 14:23 - 2015-04-24 05:41 - 00555664 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.DLL 2016-05-09 14:23 - 2015-04-13 16:25 - 03262184 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 01413776 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00454288 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00369296 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll 2016-05-09 14:23 - 2015-02-04 00:38 - 00329360 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll 2016-05-09 14:23 - 2015-01-23 18:16 - 00213432 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaemaxapo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 01104040 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00943784 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00734376 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll 2016-05-09 14:23 - 2014-12-11 08:10 - 00250536 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll 2016-05-09 14:23 - 2014-11-11 13:44 - 00631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2016-05-09 14:23 - 2014-08-14 19:16 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat 2016-05-09 14:23 - 2014-06-17 19:17 - 00856992 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll 2016-05-09 14:23 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll 2016-05-09 14:23 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll 2016-05-09 14:23 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll 2016-05-09 14:23 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll 2016-05-09 14:23 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll 2016-05-09 14:23 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2016-05-09 14:23 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll 2016-05-09 14:23 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll 2016-05-09 14:23 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll 2016-05-09 14:23 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2016-05-09 14:23 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2016-05-09 14:23 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2016-05-09 14:23 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2016-05-09 14:22 - 2015-06-15 17:39 - 01748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 03129672 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll 2016-05-09 14:22 - 2015-06-10 13:20 - 00728392 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll 2016-05-09 14:22 - 2015-06-09 11:17 - 05708736 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll 2016-05-09 14:22 - 2015-06-02 19:25 - 01576976 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02461016 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 02393432 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00944984 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll 2016-05-09 14:22 - 2015-05-27 18:51 - 00349528 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll 2016-05-09 14:22 - 2015-05-25 15:18 - 03195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2016-05-09 14:22 - 2015-05-11 18:53 - 12996528 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01374640 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01192368 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 01145264 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll 2016-05-09 14:22 - 2015-05-11 13:08 - 00980400 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll 2016-05-09 14:22 - 2015-04-27 16:09 - 00328816 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 12834736 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll 2016-05-09 14:22 - 2015-02-05 17:48 - 02789808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll 2016-05-09 14:22 - 2015-01-19 18:10 - 72113152 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat 2016-05-09 14:22 - 2014-11-04 13:42 - 06242576 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 01933584 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00336144 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll 2016-05-09 14:22 - 2014-11-04 13:42 - 00284944 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 05234952 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll 2016-05-09 14:22 - 2014-10-24 10:12 - 00995120 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 07087448 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll 2016-05-09 14:22 - 2014-09-24 11:31 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll 2016-05-09 14:22 - 2014-06-09 10:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2016-05-09 14:22 - 2014-05-22 16:24 - 00096568 _____ C:\Windows\system32\audioLibVc.dll 2016-05-09 14:22 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2016-05-09 14:22 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll 2016-05-09 14:22 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll 2016-05-09 14:22 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll 2016-05-09 14:22 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll 2016-05-09 14:22 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 14048512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll 2016-05-09 14:22 - 2013-07-23 15:39 - 00922880 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll 2016-05-09 14:22 - 2013-06-21 11:01 - 00109848 _____ C:\Windows\system32\AcpiServiceVnA64.dll 2016-05-09 14:22 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll 2016-05-09 14:22 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll 2016-05-09 14:22 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll 2016-05-09 14:22 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2016-05-09 14:22 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll 2016-05-09 14:22 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll 2016-05-09 14:22 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2016-05-09 14:14 - 2016-05-09 14:14 - 131494359 _____ (Realtek Semiconductor Corp.) C:\Users\Günter3\Downloads\0006-64bit_Win7_Win8_Win81_Win10_R279.exe 2016-05-09 02:16 - 2016-05-09 02:18 - 00000077 _____ C:\wepkeys.txt 2016-05-09 02:03 - 2016-05-09 22:17 - 00000000 ____D C:\Neuer Ordner 2016-05-08 23:47 - 2016-05-10 14:26 - 00000000 ____D C:\Users\Günter3\AppData\Local\ElevatedDiagnostics 2016-05-06 01:13 - 2016-05-06 01:35 - 150971040 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e06.mp4 2016-05-06 00:54 - 2016-05-06 01:13 - 156022324 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e05.mp4 2016-05-06 00:30 - 2016-05-06 00:53 - 143473333 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e04.mp4 2016-05-06 00:10 - 2016-05-06 00:30 - 156755017 _____ C:\Users\Günter3\Downloads\itg-aktex-s10e02.mp4 2016-05-05 23:51 - 2016-05-05 23:51 - 00014889 _____ C:\Users\Günter3\Documents\socken.odt 2016-05-05 23:50 - 2016-05-06 00:10 - 150315668 _____ C:\Users\Günter3\Downloads\Akte.X.S10E03.Mulder.und.Scully.gegen.das.Wer.Monster.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 23:22 - 2016-05-05 23:50 - 158000779 _____ C:\Users\Günter3\Downloads\Akte.X.S10E01.Der.Kampf.German.Dubbed.HDTV.x264-ITG.mp4 2016-05-05 22:45 - 2016-05-05 23:33 - 236598901 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E03.Ouroboros.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 23:22 - 174410795 _____ C:\Users\Günter3\Downloads\Fear.The.Walking.Dead.S02E04.Blood.in.the.Streets.GERMAN.DUBBED.HDTVRip.x264-TVP.mp4 2016-05-05 22:45 - 2016-05-05 22:45 - 00435369 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german AC3 XviD_360p.mp4.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01233961 _____ C:\Users\Günter3\Downloads\Death Race 3 - Inferno unrated 2012 BluRay-Rip german.flv.part 2016-05-05 22:44 - 2016-05-05 22:45 - 01232748 _____ C:\Users\Günter3\Downloads\Death Race_ Inferno-kinox.to(45221)-bySGexx.mp4.part 2016-04-26 14:00 - 2016-04-26 14:18 - 00000000 ____D C:\Users\Günter3\Documents\Karin 2016-04-24 02:32 - 2016-04-25 01:25 - 00013360 _____ C:\Users\Günter3\Documents\EGV.odt 2016-04-22 14:21 - 2016-04-22 14:21 - 00270134 _____ C:\Users\Günter3\Documents\Dreehmomentschlüssel anleitung.pdf 2016-04-12 20:32 - 2016-04-04 08:35 - 00046768 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2016-04-12 20:32 - 2016-04-02 15:26 - 01386496 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2016-04-12 20:32 - 2016-04-02 15:26 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00698368 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2016-04-12 20:32 - 2016-03-28 15:21 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2016-04-12 20:32 - 2016-03-11 16:48 - 00833024 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll 2016-04-12 20:32 - 2016-03-10 19:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\samlib.dll 2016-04-12 20:32 - 2016-03-10 18:48 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\samlib.dll 2016-04-12 20:32 - 2016-03-03 18:47 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2016-04-12 20:32 - 2016-03-03 18:33 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll 2016-04-12 20:32 - 2016-03-03 03:39 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll 2016-04-12 20:32 - 2016-02-05 16:46 - 01455104 _____ (Microsoft Corporation) C:\Windows\system32\VSSVC.exe 2016-04-12 20:32 - 2016-02-03 17:14 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\IPMIDrv.sys 2016-04-12 20:32 - 2016-02-02 20:16 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rasl2tp.sys 2016-04-12 20:32 - 2016-02-02 19:51 - 00162304 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2016-04-12 20:32 - 2016-02-02 19:01 - 00031744 _____ (Microsoft Corporation) C:\Windows\system32\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:51 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:48 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2016-04-12 20:32 - 2016-02-02 18:46 - 00026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAgent.dll 2016-04-12 20:32 - 2016-02-02 18:41 - 02170880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2016-04-12 20:32 - 2016-02-02 18:39 - 00236032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2016-04-12 20:32 - 2016-01-27 17:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll 2016-04-12 20:32 - 2016-01-21 21:35 - 00952928 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll 2016-04-12 20:32 - 2016-01-21 20:42 - 00786152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2016-04-12 20:31 - 2016-03-31 01:56 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2016-04-12 20:31 - 2016-03-31 01:55 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2016-04-12 20:31 - 2016-03-31 01:30 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2016-04-12 20:30 - 2016-02-03 17:11 - 01673728 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll 2016-04-12 20:30 - 2016-02-02 19:15 - 00787456 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll 2016-04-12 20:30 - 2016-01-26 21:15 - 00072024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpci.sys 2016-04-12 20:29 - 2016-03-10 21:17 - 01133752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:48 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2016-04-12 20:29 - 2016-03-10 19:43 - 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll 2016-04-12 20:29 - 2016-03-10 18:55 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll 2016-04-12 20:29 - 2016-03-10 18:42 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 22365472 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2016-04-12 20:29 - 2016-02-09 03:31 - 02757616 _____ (Microsoft Corporation) C:\Windows\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 02412576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe 2016-04-12 20:29 - 2016-02-09 03:31 - 00273264 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlows.exe 2016-04-12 20:29 - 2016-02-08 22:55 - 02712576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 22:15 - 02551808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll 2016-04-12 20:29 - 2016-02-08 22:02 - 01197056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll 2016-04-12 20:29 - 2016-02-08 21:48 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll 2016-04-12 20:29 - 2016-02-08 21:43 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 21:40 - 00539648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 21:39 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll 2016-04-12 20:29 - 2016-02-08 21:37 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 21:35 - 00954880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 21:34 - 00667648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 21:33 - 00520192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 20:50 - 03120640 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2016-04-12 20:29 - 2016-02-08 19:55 - 02592256 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll 2016-04-12 20:29 - 2016-02-08 19:33 - 01278464 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll 2016-04-12 20:29 - 2016-02-08 19:12 - 14466560 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll 2016-04-12 20:29 - 2016-02-08 19:02 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe 2016-04-12 20:29 - 2016-02-08 19:00 - 00599552 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll 2016-04-12 20:29 - 2016-02-08 18:58 - 00336384 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll 2016-04-12 20:29 - 2016-02-08 18:55 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\SettingMonitor.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 02171904 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsAdminFlowUI.dll 2016-04-12 20:29 - 2016-02-08 18:53 - 01348096 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 01220096 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll 2016-04-12 20:29 - 2016-02-08 18:50 - 00841728 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll 2016-04-12 20:29 - 2016-02-08 18:48 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll 2016-04-12 20:29 - 2016-02-08 18:47 - 02819584 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll 2016-04-12 20:29 - 2016-02-08 18:44 - 00955392 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll 2016-04-12 20:29 - 2016-01-22 07:22 - 02487296 _____ (Microsoft Corporation) C:\Windows\system32\storagewmi.dll 2016-04-12 20:29 - 2016-01-22 07:11 - 01482240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\storagewmi.dll 2016-04-12 20:29 - 2016-01-21 00:40 - 00099672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys 2016-04-12 20:29 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll 2016-04-12 20:29 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll 2016-04-12 20:28 - 2016-03-03 18:13 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2016-04-12 20:28 - 2016-02-11 22:17 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2016-04-12 20:28 - 2016-02-11 22:17 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2016-04-12 20:28 - 2016-02-11 22:17 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2016-04-12 20:28 - 2016-02-11 22:16 - 01501488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2016-04-12 20:28 - 2016-02-09 20:07 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll 2016-04-12 20:28 - 2016-02-07 01:05 - 00551256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys 2016-04-12 20:28 - 2016-02-05 21:07 - 00378712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2016-04-12 20:28 - 2016-02-05 17:11 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL 2016-04-12 20:28 - 2016-02-05 17:11 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:07 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL 2016-04-12 20:28 - 2016-02-05 17:02 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL 2016-04-12 20:28 - 2016-02-04 20:07 - 00222720 _____ (Microsoft Corporation) C:\Windows\system32\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 19:35 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpsapi.dll 2016-04-12 20:28 - 2016-02-04 18:23 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll 2016-04-12 20:28 - 2016-02-04 18:22 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll 2016-04-12 20:28 - 2016-02-02 19:18 - 01574912 _____ (Microsoft Corporation) C:\Windows\system32\wbengine.exe 2016-04-12 20:28 - 2016-01-31 19:17 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\WindowsAnytimeUpgradeui.exe |
13.05.2016, 00:01 | #15 |
| smartsurf.ru ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 22:25 - 2013-12-13 11:37 - 01048074 _____ C:\Windows\system32\perfh007.dat 2016-05-12 22:25 - 2013-12-13 11:37 - 00242778 _____ C:\Windows\system32\perfc007.dat 2016-05-12 22:25 - 2013-09-06 06:58 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-12 22:19 - 2014-05-10 03:00 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766.job 2016-05-12 22:19 - 2014-02-23 19:02 - 00000000 ___RD C:\Users\Günter3\SkyDrive 2016-05-12 22:19 - 2014-02-06 23:40 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-12 22:19 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-12 22:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-05-12 22:05 - 2014-05-10 03:01 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b.job 2016-05-12 22:00 - 2014-02-07 00:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-12 22:00 - 2014-02-06 23:40 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-12 21:45 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-05-12 21:05 - 2014-02-06 22:39 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3745538668-36452931-2607822575-1001 2016-05-12 20:40 - 2014-02-06 22:32 - 00000000 ____D C:\Users\Günter3 2016-05-12 20:35 - 2016-02-15 20:56 - 00000306 __RSH C:\ProgramData\ntuser.pol 2016-05-12 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Vss 2016-05-12 17:30 - 2014-02-07 17:44 - 00000000 ____D C:\Users\Günter3\AppData\Local\CrashDumps 2016-05-12 16:58 - 2014-02-06 19:47 - 00000000 ____D C:\AdwCleaner 2016-05-12 16:36 - 2014-02-06 23:25 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7BDC6975-0F34-4339-9FF4-616F2B001734} 2016-05-12 16:21 - 2015-01-21 23:40 - 00001540 _____ C:\Windows\Sandboxie.ini 2016-05-12 14:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-05-12 14:14 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-05-12 13:08 - 2013-12-13 02:52 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-05-12 11:33 - 2014-02-06 19:42 - 00132504 _____ C:\Users\Günter3\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-12 00:42 - 2014-02-06 23:40 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-12 00:36 - 2014-02-06 23:40 - 00000000 ____D C:\Users\Günter3\AppData\Local\Google 2016-05-12 00:14 - 2016-02-10 15:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-12 00:14 - 2014-12-23 16:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-11 23:38 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 22:57 - 2013-08-22 16:44 - 00513520 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-11 21:15 - 2014-05-08 14:13 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2016-05-11 21:15 - 2014-05-08 14:13 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2016-05-11 21:12 - 2014-05-08 13:56 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2016-05-11 21:07 - 2014-05-08 13:56 - 00001970 _____ C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk 2016-05-11 21:07 - 2014-05-08 13:49 - 00000000 ____D C:\ProgramData\G Data 2016-05-11 21:06 - 2014-05-08 13:56 - 00231936 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00126464 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00069120 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2016-05-11 21:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-05-11 20:28 - 2014-02-07 00:24 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 11:44 - 2014-02-07 00:23 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-10 23:00 - 2014-05-10 03:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b 2016-05-10 23:00 - 2014-05-10 03:00 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766 2016-05-10 22:54 - 2016-02-03 23:45 - 00000858 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-05-10 22:54 - 2016-02-03 23:45 - 00000810 _____ C:\Users\Günter3\Desktop\Start Tor Browser.lnk 2016-05-10 22:54 - 2015-01-28 17:49 - 00000000 ____D C:\Users\Günter3\Desktop\Tor Browser 2016-05-10 22:54 - 2014-02-06 22:33 - 00001023 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-10 22:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2016-05-09 22:16 - 2016-02-12 19:01 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2016-05-09 14:24 - 2013-12-13 03:14 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-05-09 14:22 - 2013-12-13 03:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-08 23:39 - 2014-06-23 18:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-05-07 23:51 - 2016-03-28 13:10 - 00004608 _____ C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-05-07 23:47 - 2014-02-07 18:20 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\vlc 2016-05-07 23:33 - 2014-12-12 00:57 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-07 23:32 - 2014-02-06 23:10 - 00000000 ____D C:\Users\Günter3\AppData\Local\JDownloader v2.0 2016-05-06 01:24 - 2014-02-07 18:20 - 00001054 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-05-06 00:05 - 2014-02-06 20:16 - 00000960 _____ C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-05-06 00:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-05-03 03:15 - 2014-12-12 18:42 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-03 03:15 - 2014-12-12 18:42 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-04-21 22:08 - 2014-02-06 21:04 - 00001207 _____ C:\Users\Günter3\Downloads\VideoCacheView.cfg 2016-04-21 15:05 - 2014-04-07 19:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-14 11:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2016-04-14 11:32 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2016-04-12 20:05 - 2016-01-13 13:00 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-08 13:56 - 2014-05-08 13:56 - 0000000 _____ () C:\Users\Günter3\AppData\Roaming\gdfw.log 2014-05-08 13:56 - 2014-05-08 13:56 - 0000779 _____ () C:\Users\Günter3\AppData\Roaming\gdscan.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0099384 _____ () C:\Users\Günter3\AppData\Roaming\inst.exe 2016-05-10 18:31 - 2016-05-10 18:31 - 0000053 _____ () C:\Users\Günter3\AppData\Roaming\LogFile.txt 2014-02-06 20:42 - 2014-02-06 20:42 - 0007859 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.cat 2014-02-06 20:42 - 2014-02-06 20:42 - 0001167 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.inf 2014-02-06 20:42 - 2014-02-06 20:42 - 0000055 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0082816 _____ (VSO Software) C:\Users\Günter3\AppData\Roaming\pcouffin.sys 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.Exception.log 2015-04-22 18:42 - 2015-04-22 18:42 - 0001111 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.DesktopHelper.Exception.log 2014-02-06 20:16 - 2016-05-06 00:05 - 0000960 _____ () C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-03-28 13:10 - 2016-05-07 23:51 - 0004608 _____ () C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-11 17:40 - 2015-08-18 20:00 - 0018432 _____ () C:\Users\Günter3\AppData\Local\file__0.localstorage 2016-05-10 00:16 - 2016-05-10 00:16 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2013-12-13 03:14 - 2013-12-13 03:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-18 19:14 ==================== Ende von FRST.txt ============================ Code:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-05-12 22:25 - 2013-12-13 11:37 - 01048074 _____ C:\Windows\system32\perfh007.dat 2016-05-12 22:25 - 2013-12-13 11:37 - 00242778 _____ C:\Windows\system32\perfc007.dat 2016-05-12 22:25 - 2013-09-06 06:58 - 00005430 _____ C:\Windows\system32\PerfStringBackup.INI 2016-05-12 22:19 - 2014-05-10 03:00 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766.job 2016-05-12 22:19 - 2014-02-23 19:02 - 00000000 ___RD C:\Users\Günter3\SkyDrive 2016-05-12 22:19 - 2014-02-06 23:40 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-05-12 22:19 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-05-12 22:18 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-05-12 22:05 - 2014-05-10 03:01 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b.job 2016-05-12 22:00 - 2014-02-07 00:01 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-05-12 22:00 - 2014-02-06 23:40 - 00001128 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-05-12 21:45 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf 2016-05-12 21:05 - 2014-02-06 22:39 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3745538668-36452931-2607822575-1001 2016-05-12 20:40 - 2014-02-06 22:32 - 00000000 ____D C:\Users\Günter3 2016-05-12 20:35 - 2016-02-15 20:56 - 00000306 __RSH C:\ProgramData\ntuser.pol 2016-05-12 20:35 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\Vss 2016-05-12 17:30 - 2014-02-07 17:44 - 00000000 ____D C:\Users\Günter3\AppData\Local\CrashDumps 2016-05-12 16:58 - 2014-02-06 19:47 - 00000000 ____D C:\AdwCleaner 2016-05-12 16:36 - 2014-02-06 23:25 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7BDC6975-0F34-4339-9FF4-616F2B001734} 2016-05-12 16:21 - 2015-01-21 23:40 - 00001540 _____ C:\Windows\Sandboxie.ini 2016-05-12 14:22 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM 2016-05-12 14:14 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp 2016-05-12 13:08 - 2013-12-13 02:52 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2016-05-12 11:33 - 2014-02-06 19:42 - 00132504 _____ C:\Users\Günter3\AppData\Local\GDIPFONTCACHEV1.DAT 2016-05-12 00:42 - 2014-02-06 23:40 - 00000000 ____D C:\Program Files (x86)\Google 2016-05-12 00:36 - 2014-02-06 23:40 - 00000000 ____D C:\Users\Günter3\AppData\Local\Google 2016-05-12 00:14 - 2016-02-10 15:52 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2016-05-12 00:14 - 2014-12-23 16:53 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2016-05-11 23:38 - 2013-08-22 21:11 - 00000000 ____D C:\Program Files\Windows Journal 2016-05-11 22:57 - 2013-08-22 16:44 - 00513520 _____ C:\Windows\system32\FNTCACHE.DAT 2016-05-11 21:15 - 2014-05-08 14:13 - 00106272 _____ (G Data Software) C:\Windows\system32\Drivers\GRD.sys 2016-05-11 21:15 - 2014-05-08 14:13 - 00018160 _____ (G Data Software) C:\Windows\system32\Drivers\GdPhyMem.sys 2016-05-11 21:12 - 2014-05-08 13:56 - 00091648 _____ (G Data Software AG) C:\Windows\system32\Drivers\PktIcpt.sys 2016-05-11 21:07 - 2014-05-08 13:56 - 00001970 _____ C:\Users\Public\Desktop\G Data InternetSecurity CBE.lnk 2016-05-11 21:07 - 2014-05-08 13:49 - 00000000 ____D C:\ProgramData\G Data 2016-05-11 21:06 - 2014-05-08 13:56 - 00231936 _____ (G Data Software AG) C:\Windows\system32\Drivers\MiniIcpt.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00158720 _____ (G Data Software AG) C:\Windows\system32\Drivers\GDBehave.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00126464 _____ (G Data Software AG) C:\Windows\system32\Drivers\HookCentre.sys 2016-05-11 21:06 - 2014-05-08 13:56 - 00069120 _____ (G DATA Software AG) C:\Windows\system32\Drivers\gdwfpcd64.sys 2016-05-11 21:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP 2016-05-11 20:28 - 2014-02-07 00:24 - 00000000 ____D C:\Windows\system32\MRT 2016-05-11 11:44 - 2014-02-07 00:23 - 139319312 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2016-05-10 23:00 - 2014-05-10 03:01 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b 2016-05-10 23:00 - 2014-05-10 03:00 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766 2016-05-10 22:54 - 2016-02-03 23:45 - 00000858 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk 2016-05-10 22:54 - 2016-02-03 23:45 - 00000810 _____ C:\Users\Günter3\Desktop\Start Tor Browser.lnk 2016-05-10 22:54 - 2015-01-28 17:49 - 00000000 ____D C:\Users\Günter3\Desktop\Tor Browser 2016-05-10 22:54 - 2014-02-06 22:33 - 00001023 _____ C:\Users\Günter3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2016-05-10 22:31 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\NDF 2016-05-09 22:16 - 2016-02-12 19:01 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.5 2016-05-09 14:24 - 2013-12-13 03:14 - 00000000 ___HD C:\Program Files (x86)\Temp 2016-05-09 14:22 - 2013-12-13 03:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\SysWOW64\GWX 2016-05-09 00:29 - 2015-04-04 23:25 - 00000000 ___SD C:\Windows\system32\GWX 2016-05-08 23:39 - 2014-06-23 18:52 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-05-07 23:51 - 2016-03-28 13:10 - 00004608 _____ C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-05-07 23:47 - 2014-02-07 18:20 - 00000000 ____D C:\Users\Günter3\AppData\Roaming\vlc 2016-05-07 23:33 - 2014-12-12 00:57 - 00000000 ____D C:\Windows\system32\appraiser 2016-05-07 23:32 - 2014-02-06 23:10 - 00000000 ____D C:\Users\Günter3\AppData\Local\JDownloader v2.0 2016-05-06 01:24 - 2014-02-07 18:20 - 00001054 _____ C:\Users\Public\Desktop\VLC media player.lnk 2016-05-06 00:05 - 2014-02-06 20:16 - 00000960 _____ C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-05-06 00:05 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\FxsTmp 2016-05-03 03:15 - 2014-12-12 18:42 - 00829944 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-05-03 03:15 - 2014-12-12 18:42 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps 2016-04-27 14:53 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness 2016-04-21 22:08 - 2014-02-06 21:04 - 00001207 _____ C:\Users\Günter3\Downloads\VideoCacheView.cfg 2016-04-21 15:05 - 2014-04-07 19:27 - 00453288 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-04-14 11:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache 2016-04-14 11:32 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData 2016-04-12 20:05 - 2016-01-13 13:00 - 00177488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-08 13:56 - 2014-05-08 13:56 - 0000000 _____ () C:\Users\Günter3\AppData\Roaming\gdfw.log 2014-05-08 13:56 - 2014-05-08 13:56 - 0000779 _____ () C:\Users\Günter3\AppData\Roaming\gdscan.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0099384 _____ () C:\Users\Günter3\AppData\Roaming\inst.exe 2016-05-10 18:31 - 2016-05-10 18:31 - 0000053 _____ () C:\Users\Günter3\AppData\Roaming\LogFile.txt 2014-02-06 20:42 - 2014-02-06 20:42 - 0007859 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.cat 2014-02-06 20:42 - 2014-02-06 20:42 - 0001167 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.inf 2014-02-06 20:42 - 2014-02-06 20:42 - 0000055 _____ () C:\Users\Günter3\AppData\Roaming\pcouffin.log 2014-02-06 20:42 - 2014-02-06 20:42 - 0082816 _____ (VSO Software) C:\Users\Günter3\AppData\Roaming\pcouffin.sys 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.Exception.log 2015-04-22 18:42 - 2015-04-22 18:42 - 0001111 _____ () C:\Users\Günter3\AppData\Roaming\Rim.Desktop.HttpServerSetup.log 2015-04-22 18:45 - 2016-05-05 23:55 - 0000308 _____ () C:\Users\Günter3\AppData\Roaming\Rim.DesktopHelper.Exception.log 2014-02-06 20:16 - 2016-05-06 00:05 - 0000960 _____ () C:\Users\Günter3\AppData\Roaming\wklnhst.dat 2016-03-28 13:10 - 2016-05-07 23:51 - 0004608 _____ () C:\Users\Günter3\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-09-11 17:40 - 2015-08-18 20:00 - 0018432 _____ () C:\Users\Günter3\AppData\Local\file__0.localstorage 2016-05-10 00:16 - 2016-05-10 00:16 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{0C56E180-DBC6-4976-BC48-460BE291955E} 2016-05-10 00:14 - 2016-05-10 00:22 - 0000000 _____ () C:\Users\Günter3\AppData\Local\{D5D6D2F8-72B3-4049-8353-48252311E053} 2013-12-13 03:14 - 2013-12-13 03:14 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-04-18 19:14 ==================== Ende von FRST.txt ============================ durchgeführt von Günter3 (2016-05-12 22:45:28) Gestartet von C:\Users\Günter3\Videos\spiele Windows 8.1 (X64) (2014-02-06 20:32:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3745538668-36452931-2607822575-500 - Administrator - Disabled) Gast (S-1-5-21-3745538668-36452931-2607822575-501 - Limited - Disabled) Günter3 (S-1-5-21-3745538668-36452931-2607822575-1001 - Administrator - Enabled) => C:\Users\Günter3 HomeGroupUser$ (S-1-5-21-3745538668-36452931-2607822575-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2002 - Acer Incorporated) Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2001 - Acer) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated) Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2004.1 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2004 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2002 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated) ADWCleaner (HKLM-x32\...\ADWCleaner) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{113AEB14-AF33-098B-55A1-6D64D9D5323F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AntiLogger Free version 1.8.2.320 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.320 - Zemana Ltd.) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.0.0 - SlySoft) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 2015 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.60 - Ashampoo GmbH & Co. KG) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.) FS-Trainer 2013 (HKLM-x32\...\{C07928CF-4053-4901-9ACC-37931D15043D}) (Version: 1.0.0.0 - Franzis) Führerschein Trainer 2014 (HKLM-x32\...\{707F7ABB-9598-455D-8128-0BE02AFC4B72}) (Version: 1.00.0000 - Franzis Verlag GmbH) G Data InternetSecurity CBE (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.10 - G DATA Software AG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Packard Bell) ImTOO HD Video Converter (HKLM-x32\...\ImTOO HD Video Converter) (Version: 7.7.3.20131014 - ImTOO) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Packard Bell) Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Packard Bell) Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Packard Bell) Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Packard Bell) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.5 - Abelssoft) RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom) Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SMAC 2.7 (HKLM-x32\...\SMAC 2.7) (Version: - ) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.12 - VSO Software) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Xilisoft Video Converter Ultimate 6 (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 6.0.3.0416 - Xilisoft) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.20.613 - Zemana Ltd.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B30A95-0AF2-4C06-B294-DF9AD36B990F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {21F0CE92-95DB-4DB8-AAD7-7714C292C7E3} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-12-06] (Acer Incorporated) Task: {3CDA38F4-8E52-4270-ACE4-CD6B7F4E5B43} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate) Task: {54C6C596-C4EF-4602-98D1-815DBB53C45E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07] (Adobe Systems Incorporated) Task: {57B4409A-751F-44D1-B02C-3D6253690E01} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated) Task: {59000808-AAE0-49FE-A066-B3DCA05E2499} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {76EB724F-C700-460E-B60F-8E4C229BBCB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {8E1B20DD-2817-4801-8F7F-A2BCCDDD3F5F} - System32\Tasks\Chrome Cleanup Tool logs upload retry => E:\chrome_cleanup_tool.exe [2016-05-11] (Google) Task: {9EDAC82A-5F77-4E95-929E-1BF137550873} - System32\Tasks\{B84F6478-3D1A-400C-BE5B-D8F7A9AEADC8} => pcalua.exe -a "C:\Users\Günter3\Videos\resident evil 4\game.exe" -d "C:\Users\Günter3\Videos\resident evil 4" Task: {9F59E214-7C9A-4CBA-ABCC-FF1ED56F56EC} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {A261F22C-70BE-4A4C-950D-D193567A5285} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {B6436929-CFD3-409E-8557-1F670194F64C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {C6753CFF-0099-43ED-9924-59524EFFA618} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {CDA81C0B-F1A5-4EC6-A2C9-4FDAD0C05276} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate) Task: {DA4783A4-96BF-40BA-9004-2B6B0519E4AC} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] () Task: {E527DC98-AB18-44D4-82D3-A1E212EB9DF1} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {F0F89B33-12CE-426A-B1BA-AB06DD37166A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {F531E7A9-F64F-4F4B-8CFE-5EBD14873609} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-12-13 03:38 - 2013-07-30 19:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll 2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-05-11 00:51 - 2016-05-11 00:51 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2015-09-22 04:44 - 2015-09-22 04:44 - 00387192 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-05-12 00:42 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll 2016-05-12 00:42 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2016-05-10 01:33 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter3\Pictures\Z_nation_title.png DNS Servers: 80.69.100.212 - 80.69.100.205 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D883C0FB-DC69-4ED1-A71C-DA5A80D92988}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{B41DF417-23DA-4706-8908-3DC8B0895382}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{DE316BCE-A246-40AF-B4C5-B0CDC870E4D4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{E5D2A0E7-1A55-44D3-9802-98AE244B8E43}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{D46424B9-1ED6-4AAE-888E-0D0429675899}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{5ECC1DFA-F106-4354-B2FC-9AAEA025C6EF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{307140A9-1079-40A7-98C6-C957BEFA223A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{EF326BCA-8125-4D9C-AAE0-A8BCF59AB7B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{35C5ACAB-B712-426A-AA11-EC31F0B76CE4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{7A3ED3EA-63AA-4298-94CC-AFB09E8764A6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{E20952AA-CC7E-41BF-AB03-C3173CC0E4E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{50EAF327-F0DA-46A9-94FD-4FC7E516FCC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{375BC5F0-42DE-4D24-9BB7-A86AC19E0459}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{358CE56D-6846-41B7-B925-91917FEF0F42}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{3C8E4637-0BF7-4232-9A46-2580B1E4E4CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{9333FFC6-5984-4BEB-AD09-05741C9464AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{7C9CB08F-A5B1-4697-8A95-3E39501A4854}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{51F1A666-FEA1-42C2-821D-E14BC9DBB83D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{CD113D4F-289C-4E67-8BB9-8334ADFDB024}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{D737E030-1AD2-485E-843E-EFFBD3E89780}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{FD4E1850-64FC-4755-9F80-02E6E47EBD36}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{AD3B2FF1-CE6F-4951-8724-C0E59413EB20}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{539F3C69-779B-4FF7-BEE5-63326C8574FF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{F95D6B24-4481-4EF8-8618-1821789460AA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{BFA8D793-1C1F-466E-8297-B4DDCA3417E5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{DB7FEFF9-A6DD-4D3B-AB9F-9F1387467A52}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{25DB752C-C7F4-467F-9D84-B46D0E83D5EE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{543104FE-F792-4DDB-9636-29AC8D10DF91}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{24FF2975-4674-4F18-B19A-8C725A5D1EE9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{28B571BF-B2E4-4855-B444-3F9872BB6A93}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{57129CBD-4FB8-4A31-A3CC-2647249BB7AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{C5DED157-2D57-4A3E-BF93-195A29EC4784}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{E6ED1DDF-5713-46EB-BE14-3B7B8CC3088D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{629A2A66-A6B0-4E89-8477-67443B1FD581}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{6662AAD5-E95F-477A-995C-1A3C7EFD855A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{ACD9752A-D2CD-4750-8520-D34955FBDCCC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{E7EFA909-7A74-479F-8119-B5BE0FE228D3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{C00DA7DD-87A9-44F7-B593-A61E861F6A24}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F4598ACA-A5D7-43D8-85E4-DF45A241C40E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{CC2BAC55-2C4D-4BD0-A1F3-A9F3F4D31354}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{F62A1280-B601-43FB-B7A5-BA911FCB3C9F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{0FD20C12-A36B-458A-91D4-C0420D72464A}] => (Allow) D:\FSetup.exe FirewallRules: [{7A0C7385-3232-45DD-A0F4-3B33AA3E6934}] => (Allow) D:\FSetup.exe FirewallRules: [{1A29DD5B-29E8-424A-B283-F24B081AA2E1}] => (Allow) D:\fsetup.exe FirewallRules: [{14CFCB8C-8A0C-452D-9F31-880E458B5CB7}] => (Allow) D:\fsetup.exe FirewallRules: [{87ED811C-7571-41CC-AED9-4930910B5099}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{9E4C8541-A43E-49C0-99D5-31C266D6A34D}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{A885A0F0-23E5-48E8-B7AC-D549C033C5CA}] => (Allow) LPort=4481 FirewallRules: [{F7BD80CF-6961-4410-81BA-C869FD12C57B}] => (Allow) LPort=4481 FirewallRules: [{F3D94293-FA67-4432-9B7A-B7300F7A1EAB}] => (Allow) LPort=4482 FirewallRules: [{2DBA7E7B-7F64-4AE0-B828-12B5A64EF88C}] => (Allow) LPort=4482 FirewallRules: [{071BB59B-D934-4F4B-AE16-0B510F8B5F27}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE FirewallRules: [{DE521F78-DC80-4F06-A1C7-4971C95B9619}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE FirewallRules: [{F879F67A-EF37-4B17-BB98-B6A6144068C2}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE FirewallRules: [{0FD5AB06-5AC3-490B-856D-56D08344B292}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE FirewallRules: [{4CAFCBC1-CFA9-49A0-A27B-89FDC33E06F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D925EDE9-61EE-4796-8081-44A2CA765B43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{108CCDAE-ED99-4C72-AD0A-D04E36933EC2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B83530CF-363B-4EAB-952E-0DB34CE73A30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DCC2488F-6F1A-4B2B-985E-317A2D4EF6FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{E80C2EDB-1D8C-4853-AFE6-6E490A55769D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{461CA7C2-DD3B-4AEC-822B-98B4D37CBCF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 09-05-2016 14:16:51 Entfernt Realtek High Definition Audio Driver 09-05-2016 23:19:24 Wiederherstellungsvorgang ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:29:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.3.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c8c Startzeit: 01d1ac61a9fa6c56 Endzeit: 0 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 417bbef5-1856-11e6-8312-00101804bdd1 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/12/2016 08:36:54 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (05/12/2016 08:36:54 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (05/12/2016 08:36:53 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/12/2016 08:36:52 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/12/2016 08:34:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (05/12/2016 08:34:04 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/12/2016 08:34:04 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/12/2016 04:10:28 PM) (Source: DCOM) (EventID: 10005) (User: GÜNTER2) Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC} Error: (05/12/2016 04:10:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (05/12/2016 04:10:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 CodeIntegrity: =================================== Date: 2016-05-12 15:49:58.751 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-12 15:48:47.936 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: AMD E2-3800 APU with Radeon(TM) HD Graphics Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 7625.26 MB Verfügbarer physikalischer RAM: 5689.61 MB Summe virtueller Speicher: 8585.26 MB Verfügbarer virtueller Speicher: 5258.8 MB ==================== Laufwerke ================================ Drive c: (Packard Bell) (Fixed) (Total:913.7 GB) (Free:638.14 GB) NTFS Drive d: (WDO_Media64) (CDROM) (Total:0.29 GB) (Free:0 GB) UDF Drive e: () (Removable) (Total:3.74 GB) (Free:3.4 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2C77FB18) Partition: GPT. ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: 00C93A57) Partition 1: (Active) - (Size=3.7 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:09-05-2016 durchgeführt von Günter3 (2016-05-12 22:45:28) Gestartet von C:\Users\Günter3\Videos\spiele Windows 8.1 (X64) (2014-02-06 20:32:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3745538668-36452931-2607822575-500 - Administrator - Disabled) Gast (S-1-5-21-3745538668-36452931-2607822575-501 - Limited - Disabled) Günter3 (S-1-5-21-3745538668-36452931-2607822575-1001 - Administrator - Enabled) => C:\Users\Günter3 HomeGroupUser$ (S-1-5-21-3745538668-36452931-2607822575-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: G Data InternetSecurity CBE (Enabled - Up to date) {545C8713-0744-B079-87F8-349A6D5C8CF0} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: G Data InternetSecurity CBE (Enabled - Up to date) {EF3D66F7-217E-BFF7-BD48-0FE816DBC64D} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G*DATA Personal Firewall (Enabled) {6C670636-4D2B-B121-ACA7-9DAF938FCB8B} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Acer Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.03.2002 - Acer Incorporated) Acer Docs Office AddIn (HKLM-x32\...\{DCBF3379-246B-47E1-8173-639B63940838}) (Version: 2.04.2001 - Acer) Acer Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.04.2006.0 - Acer Incorporated) Acer Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.04.2004.1 - Acer Incorporated) Acer Portal (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.04.2004 - Acer Incorporated) Acer Remote Files (HKLM\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 1.02.2002 - Acer Incorporated) Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20039 - Adobe Systems Incorporated) Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated) ADWCleaner (HKLM-x32\...\ADWCleaner) (Version: - ) AMD Catalyst Install Manager (HKLM\...\{113AEB14-AF33-098B-55A1-6D64D9D5323F}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.) AntiLogger Free version 1.8.2.320 (HKLM-x32\...\{A80DB23D-0618-405B-89D9-28F99814E287}_is1) (Version: 1.8.2.320 - Zemana Ltd.) AnyDVD (HKLM-x32\...\AnyDVD) (Version: 6.7.0.0 - SlySoft) Ashampoo Burning Studio 2013 v.11.0.6 (HKLM-x32\...\{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1) (Version: 11.0.6 - Ashampoo GmbH & Co. KG) Ashampoo WinOptimizer 2015 (HKLM-x32\...\{4209F371-3276-A8F7-B851-845A83732AB4}_is1) (Version: 11.00.60 - Ashampoo GmbH & Co. KG) AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin) AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin) BlackBerry Desktop Software 7.1 (HKLM-x32\...\BlackBerry_Desktop) (Version: 7.1.0.41 - Research in Motion Ltd.) BlackBerry Desktop Software 7.1 (x32 Version: 7.1.0.41 - Research in Motion Ltd.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 5.02 - Piriform) Cheat Engine 6.5 (HKLM-x32\...\Cheat Engine 6.5_is1) (Version: - Cheat Engine) CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.3126.57 - CyberLink Corp.) DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink) ETDWare PS/2-X64 11.6.27.201_WHQL (HKLM\...\Elantech) (Version: 11.6.27.201 - ELAN Microelectronic Corp.) FS-Trainer 2013 (HKLM-x32\...\{C07928CF-4053-4901-9ACC-37931D15043D}) (Version: 1.0.0.0 - Franzis) Führerschein Trainer 2014 (HKLM-x32\...\{707F7ABB-9598-455D-8128-0BE02AFC4B72}) (Version: 1.00.0000 - Franzis Verlag GmbH) G Data InternetSecurity CBE (HKLM-x32\...\{AC68D2FF-1674-4C16-A536-A69FC11BBD82}) (Version: 25.1.0.10 - G DATA Software AG) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 50.0.2661.102 - Google Inc.) Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.8100 - Packard Bell) ImTOO HD Video Converter (HKLM-x32\...\ImTOO HD Video Converter) (Version: 7.7.3.20131014 - ImTOO) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.8100 - Packard Bell) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office Language Pack 2010 - German/Deutsch (HKLM\...\Office14.OMUI.de-de) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{551AC8F2-FEA2-4B45-ACF7-C98681233CC9}) (Version: 12.5.01200 - Nero AG) OEM Application Profile (HKLM-x32\...\{276FD4A2-030F-8A24-7DFE-9B1384131BCD}) (Version: 1.00.0000 - Ihr Firmenname) Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.02.2009 - Acer) OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation) Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8101 - Packard Bell) Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.8100 - Packard Bell) Packard Bell Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.00.3000 - Packard Bell) Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.8100 - Packard Bell) PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.2 - pdfforge) PMB (HKLM-x32\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.3.00.06040 - Sony Corporation) Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.305 - Qualcomm Atheros Communications) Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.07 - Qualcomm Atheros) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.) Recordify 2016 (HKLM-x32\...\{E25B0FAA-66E5-4D2E-9B48-3B85B31543BF}_is1) (Version: 1.5 - Abelssoft) RESIDENT EVIL 5 (HKLM-x32\...\{AC08BBA0-96B9-431A-A7D0-D8598E493775}) (Version: 1.0.0.129 - CAPCOM CO., LTD.) Resident Evil 6 / Biohazard 6 (HKLM-x32\...\Steam App 221040) (Version: - Capcom) Sandboxie 5.06 (64-bit) (HKLM\...\Sandboxie) (Version: 5.06 - Sandboxie Holdings, LLC) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation) Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.) SMAC 2.7 (HKLM-x32\...\SMAC 2.7) (Version: - ) Spotify (HKLM-x32\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Visual Studio 2005 Tools for Office Second Edition Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version: - Microsoft Corporation) Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies) Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.) Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.1.0.12 - VSO Software) WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH) Xilisoft Video Converter Ultimate 6 (HKLM-x32\...\Xilisoft Video Converter Ultimate) (Version: 6.0.3.0416 - Xilisoft) Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.20.613 - Zemana Ltd.) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B30A95-0AF2-4C06-B294-DF9AD36B990F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-05-11] (Microsoft Corporation) Task: {21F0CE92-95DB-4DB8-AAD7-7714C292C7E3} - System32\Tasks\AcerCloud => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [2013-12-06] (Acer Incorporated) Task: {3CDA38F4-8E52-4270-ACE4-CD6B7F4E5B43} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-08-03] (Acer Incorporate) Task: {54C6C596-C4EF-4602-98D1-815DBB53C45E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-07] (Adobe Systems Incorporated) Task: {57B4409A-751F-44D1-B02C-3D6253690E01} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-07-05] (Acer Incorporated) Task: {59000808-AAE0-49FE-A066-B3DCA05E2499} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {76EB724F-C700-460E-B60F-8E4C229BBCB0} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated) Task: {8E1B20DD-2817-4801-8F7F-A2BCCDDD3F5F} - System32\Tasks\Chrome Cleanup Tool logs upload retry => E:\chrome_cleanup_tool.exe [2016-05-11] (Google) Task: {9EDAC82A-5F77-4E95-929E-1BF137550873} - System32\Tasks\{B84F6478-3D1A-400C-BE5B-D8F7A9AEADC8} => pcalua.exe -a "C:\Users\Günter3\Videos\resident evil 4\game.exe" -d "C:\Users\Günter3\Videos\resident evil 4" Task: {9F59E214-7C9A-4CBA-ABCC-FF1ED56F56EC} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {A261F22C-70BE-4A4C-950D-D193567A5285} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] () Task: {B6436929-CFD3-409E-8557-1F670194F64C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-01-20] (Piriform Ltd) Task: {C6753CFF-0099-43ED-9924-59524EFFA618} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {CDA81C0B-F1A5-4EC6-A2C9-4FDAD0C05276} - System32\Tasks\Quick Access => C:\Program Files\Packard Bell\Packard Bell Quick Access\QALauncher.exe [2013-08-02] (Acer Incorporate) Task: {DA4783A4-96BF-40BA-9004-2B6B0519E4AC} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-07-08] () Task: {E527DC98-AB18-44D4-82D3-A1E212EB9DF1} - System32\Tasks\Microsoft\Windows\Setup\gwx\rundetector => C:\Windows\system32\GWX\GWXDetector.exe [2016-04-26] (Microsoft Corporation) Task: {F0F89B33-12CE-426A-B1BA-AB06DD37166A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.) Task: {F531E7A9-F64F-4F4B-8CFE-5EBD14873609} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-07-10] (Acer Incorporated) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6beb4d2e9766.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf6beb5093543b.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-12-13 03:38 - 2013-07-30 19:11 - 00110152 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll 2014-05-01 16:13 - 2014-05-01 16:13 - 00470016 _____ () C:\Users\Günter3\AppData\Local\MEGAsync\ShellExtX64.dll 2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2016-05-11 00:51 - 2016-05-11 00:51 - 00118640 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll 2015-09-22 04:44 - 2015-09-22 04:44 - 00387192 ____N () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll 2013-09-07 02:48 - 2013-09-07 02:48 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll 2013-09-07 02:45 - 2013-09-07 02:45 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll 2013-09-07 02:52 - 2013-09-07 02:52 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe 2015-01-21 04:06 - 2015-01-21 04:06 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2016-05-12 00:42 - 2016-05-11 13:48 - 01738904 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libglesv2.dll 2016-05-12 00:42 - 2016-05-11 13:48 - 00086168 _____ () C:\Program Files (x86)\Google\Chrome\Application\50.0.2661.102\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2016-05-10 01:33 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Günter3\Pictures\Z_nation_title.png DNS Servers: 80.69.100.212 - 80.69.100.205 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\StartupFolder: => "MEGAsync.lnk" HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-3745538668-36452931-2607822575-1001\...\StartupApproved\Run: => "Steam" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{D883C0FB-DC69-4ED1-A71C-DA5A80D92988}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{B41DF417-23DA-4706-8908-3DC8B0895382}] => (Allow) C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\BackItUp.exe FirewallRules: [{DE316BCE-A246-40AF-B4C5-B0CDC870E4D4}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{E5D2A0E7-1A55-44D3-9802-98AE244B8E43}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe FirewallRules: [{D46424B9-1ED6-4AAE-888E-0D0429675899}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{5ECC1DFA-F106-4354-B2FC-9AAEA025C6EF}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe FirewallRules: [{307140A9-1079-40A7-98C6-C957BEFA223A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe FirewallRules: [{EF326BCA-8125-4D9C-AAE0-A8BCF59AB7B7}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe FirewallRules: [{35C5ACAB-B712-426A-AA11-EC31F0B76CE4}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe FirewallRules: [{7A3ED3EA-63AA-4298-94CC-AFB09E8764A6}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{E20952AA-CC7E-41BF-AB03-C3173CC0E4E0}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{50EAF327-F0DA-46A9-94FD-4FC7E516FCC3}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{375BC5F0-42DE-4D24-9BB7-A86AC19E0459}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{358CE56D-6846-41B7-B925-91917FEF0F42}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{3C8E4637-0BF7-4232-9A46-2580B1E4E4CC}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{9333FFC6-5984-4BEB-AD09-05741C9464AD}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{7C9CB08F-A5B1-4697-8A95-3E39501A4854}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{51F1A666-FEA1-42C2-821D-E14BC9DBB83D}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{CD113D4F-289C-4E67-8BB9-8334ADFDB024}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{D737E030-1AD2-485E-843E-EFFBD3E89780}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{FD4E1850-64FC-4755-9F80-02E6E47EBD36}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{AD3B2FF1-CE6F-4951-8724-C0E59413EB20}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{539F3C69-779B-4FF7-BEE5-63326C8574FF}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{F95D6B24-4481-4EF8-8618-1821789460AA}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{BFA8D793-1C1F-466E-8297-B4DDCA3417E5}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{DB7FEFF9-A6DD-4D3B-AB9F-9F1387467A52}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{25DB752C-C7F4-467F-9D84-B46D0E83D5EE}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{543104FE-F792-4DDB-9636-29AC8D10DF91}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{24FF2975-4674-4F18-B19A-8C725A5D1EE9}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe FirewallRules: [{28B571BF-B2E4-4855-B444-3F9872BB6A93}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{57129CBD-4FB8-4A31-A3CC-2647249BB7AF}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\virtualdrive.exe FirewallRules: [{C5DED157-2D57-4A3E-BF93-195A29EC4784}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{E6ED1DDF-5713-46EB-BE14-3B7B8CC3088D}] => (Allow) C:\Program Files (x86)\Acer\Acer Portal\ccd.exe FirewallRules: [{629A2A66-A6B0-4E89-8477-67443B1FD581}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{6662AAD5-E95F-477A-995C-1A3C7EFD855A}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\DMCDaemon.exe FirewallRules: [{ACD9752A-D2CD-4750-8520-D34955FBDCCC}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{E7EFA909-7A74-479F-8119-B5BE0FE228D3}] => (Allow) C:\Program Files (x86)\Acer\Acer Photo\WindowsUpnp.exe FirewallRules: [{C00DA7DD-87A9-44F7-B593-A61E861F6A24}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{F4598ACA-A5D7-43D8-85E4-DF45A241C40E}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\DMCDaemon.exe FirewallRules: [{CC2BAC55-2C4D-4BD0-A1F3-A9F3F4D31354}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{F62A1280-B601-43FB-B7A5-BA911FCB3C9F}] => (Allow) C:\Program Files (x86)\Acer\Acer Media\WindowsUpnpMV.exe FirewallRules: [{0FD20C12-A36B-458A-91D4-C0420D72464A}] => (Allow) D:\FSetup.exe FirewallRules: [{7A0C7385-3232-45DD-A0F4-3B33AA3E6934}] => (Allow) D:\FSetup.exe FirewallRules: [{1A29DD5B-29E8-424A-B283-F24B081AA2E1}] => (Allow) D:\fsetup.exe FirewallRules: [{14CFCB8C-8A0C-452D-9F31-880E458B5CB7}] => (Allow) D:\fsetup.exe FirewallRules: [{87ED811C-7571-41CC-AED9-4930910B5099}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{9E4C8541-A43E-49C0-99D5-31C266D6A34D}] => (Allow) C:\Program Files (x86)\Research In Motion\BlackBerry Desktop\Rim.Desktop.exe FirewallRules: [{A885A0F0-23E5-48E8-B7AC-D549C033C5CA}] => (Allow) LPort=4481 FirewallRules: [{F7BD80CF-6961-4410-81BA-C869FD12C57B}] => (Allow) LPort=4481 FirewallRules: [{F3D94293-FA67-4432-9B7A-B7300F7A1EAB}] => (Allow) LPort=4482 FirewallRules: [{2DBA7E7B-7F64-4AE0-B828-12B5A64EF88C}] => (Allow) LPort=4482 FirewallRules: [{071BB59B-D934-4F4B-AE16-0B510F8B5F27}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE FirewallRules: [{DE521F78-DC80-4F06-A1C7-4971C95B9619}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX9.EXE FirewallRules: [{F879F67A-EF37-4B17-BB98-B6A6144068C2}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE FirewallRules: [{0FD5AB06-5AC3-490B-856D-56D08344B292}] => (Allow) C:\Program Files (x86)\CAPCOM\RESIDENT EVIL 5\RE5DX10.EXE FirewallRules: [{4CAFCBC1-CFA9-49A0-A27B-89FDC33E06F8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{D925EDE9-61EE-4796-8081-44A2CA765B43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{108CCDAE-ED99-4C72-AD0A-D04E36933EC2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B83530CF-363B-4EAB-952E-0DB34CE73A30}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DCC2488F-6F1A-4B2B-985E-317A2D4EF6FE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{E80C2EDB-1D8C-4853-AFE6-6E490A55769D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Resident Evil 6\BH6.exe FirewallRules: [{461CA7C2-DD3B-4AEC-822B-98B4D37CBCF5}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 09-05-2016 14:16:51 Entfernt Realtek High Definition Audio Driver 09-05-2016 23:19:24 Wiederherstellungsvorgang ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 10:25:00 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 08:44:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT-AUTORITÄT) Description: Fehler beim Herunterladen der Zeichenfolgen der Leistungsindikatoren für Dienst "WmiApRpl" (WmiApRpl). Der Fehlercode ist das erste DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:41:43 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT-AUTORITÄT) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (05/12/2016 05:29:44 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm Explorer.EXE, Version 6.3.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c8c Startzeit: 01d1ac61a9fa6c56 Endzeit: 0 Anwendungspfad: C:\Windows\Explorer.EXE Berichts-ID: 417bbef5-1856-11e6-8312-00101804bdd1 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/12/2016 08:36:54 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {D63B10C5-BB46-4990-A94F-E40B9D520160} Error: (05/12/2016 08:36:54 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39} Error: (05/12/2016 08:36:53 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {1B1F472E-3221-4826-97DB-2C2324D389AE} Error: (05/12/2016 08:36:52 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (05/12/2016 08:34:16 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Superfetch" wurde mit folgendem Fehler beendet: %%1062 Error: (05/12/2016 08:34:04 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/12/2016 08:34:04 PM) (Source: DCOM) (EventID: 10010) (User: GÜNTER2) Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9} Error: (05/12/2016 04:10:28 PM) (Source: DCOM) (EventID: 10005) (User: GÜNTER2) Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC} Error: (05/12/2016 04:10:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (05/12/2016 04:10:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 CodeIntegrity: =================================== Date: 2016-05-12 15:49:58.751 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-05-12 15:48:47.936 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: AMD E2-3800 APU with Radeon(TM) HD Graphics Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 7625.26 MB Verfügbarer physikalischer RAM: 5689.61 MB Summe virtueller Speicher: 8585.26 MB Verfügbarer virtueller Speicher: 5258.8 MB ==================== Laufwerke ================================ Drive c: (Packard Bell) (Fixed) (Total:913.7 GB) (Free:638.14 GB) NTFS Drive d: (WDO_Media64) (CDROM) (Total:0.29 GB) (Free:0 GB) UDF Drive e: () (Removable) (Total:3.74 GB) (Free:3.4 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 2C77FB18) Partition: GPT. ======================================================== Disk: 1 (Size: 3.8 GB) (Disk ID: 00C93A57) Partition 1: (Active) - (Size=3.7 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
Themen zu smartsurf.ru |
admin, anweisung, browser, entfernen, gelöscht, gesperrt, google, installiert, malware, namen, neu, problem, programme, rechte, runterladen, seite, seiten, setzt, software, standart, suchmaschine, suchmaschinen, trojaner, versuche, vieren |