| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Firefox öffnet beim starten willkürliche seitenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.10.2016, 02:10
| #1 |
 |  Firefox öffnet beim starten willkürliche seiten Hallo zusammen Habe folgendes problem immer wenn ich mit Firefox ins Internet will, versucht der Browser irgendwelche seiten zu öffnen. Avast verhindert dies zwar aber irgendetwas stimmt da nicht, ausserdem wurde mein adv cash acount gehackt vielleicht hat dies ja einen zusammenhang? Cracks oder sonstiges habe ich nichts runtergeladen zumindest nicht wissentlich. Ich habe FRST mal laufen lassen. Danke für eure Hilfe. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 10-10-2016
durchgeführt von Dominik (Administrator) auf DORO89 (12-10-2016 03:00:00)
Gestartet von C:\Users\Dominik\Downloads
Geladene Profile: Dominik (Verfügbare Profile: Dominik)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\SCM\MSIService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(pdfforge GmbH) C:\Program Files\PDF Architect 4\creator-ws.exe
(© pdfforge GmbH.) C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Intel Corporation) C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
(Intel(R) Corporation) C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Windows\System32\igfxTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(MSI) C:\Program Files (x86)\SCM\SCM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Swisscom (Schweiz) AG) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Electronic Arts) D:\Origin\Origin.exe
(Electronic Arts) D:\Origin\OriginWebHelperService.exe
() D:\Origin\QtWebEngineProcess.exe
() D:\Origin\QtWebEngineProcess.exe
() D:\Origin\QtWebEngineProcess.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\swriter.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.exe
(Apache Software Foundation) C:\Program Files (x86)\OpenOffice 4\program\soffice.bin
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.4.9926.18471_x64__8wekyb3d8bbwe\glcnd.exe
(AppWork GmbH) C:\Users\Dominik\AppData\Local\JDownloader 2.0\JDownloader2.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Mail\wlmail.exe
(Microsoft Corporation) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1860120 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2893104 2013-08-23] (ELAN Microelectronics Corp.)
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7822136 2014-06-26] (Motorola Solutions, Inc.)
HKLM\...\Run: [Radio Manager] => C:\Program Files (x86)\SCM\Radio Manager.exe [403848 2013-05-14] (MSI)
HKLM\...\Run: [SCM] => C:\Program Files (x86)\SCM\SCM.exe [399776 2013-05-14] (MSI)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163520 2015-04-09] (IvoSoft)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-09-17] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-09-17] (CyberLink Corp.)
HKLM-x32\...\Run: [PowerDVD12Agent] => "C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9107616 2016-09-17] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [14371936 2015-11-26] (Swisscom (Schweiz) AG)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [318128 2016-06-02] (Samsung Electronics Co., Ltd.)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [Steam] => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Run: [GoogleDriveSync] => "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\RunOnce: [Uninstall C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64] => C:\Windows\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64"
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_23_0_0_162_Plugin.exe [1224896 2016-09-15] (Adobe Systems Incorporated)
HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\MountPoints2: {54d98558-6a17-11e5-82a0-4851b74f8d45} - "H:\Autorun.exe"
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [175368 2016-02-09] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [153208 2016-02-09] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-10] (AVAST Software)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk [2014-11-04]
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{2D7BDE37-83EC-438A-9E1F-A610594DD358}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{1C08ED33-68E9-4E8C-8436-D17B67660B48}: [DhcpNameServer] 192.168.1.1
ManualProxies:
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-08-16] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-09-10] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-08-16] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2015-04-09] (IvoSoft)
BHO-x32: PDF Architect 4 Helper -> {38279E1A-7019-40C1-B579-E99DFB3312E8} -> C:\Program Files (x86)\PDF Architect 4\creator-ie-helper.dll [2016-01-15] (pdfforge GmbH)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-11-17] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-09-10] (AVAST Software)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-06-22] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-11-17] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2015-04-09] (IvoSoft)
Toolbar: HKLM-x32 - PDF Architect 4 Toolbar - {23FD9C33-A9E1-48A1-8404-E5925CF1C8E1} - C:\Program Files (x86)\PDF Architect 4\creator-ie-plugin.dll [2016-01-15] (pdfforge GmbH)
DPF: HKLM-x32 {1ABA5FAC-1417-422B-BA82-45C35E2C908B} hxxp://kitchenplanner.ikea.com/CH/Core/Player/2020PlayerAX_IKEA_Win32.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 72pja60x.default
FF ProfilePath: C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default [2016-10-12]
FF Extension: (20-20 3D Viewer - IKEA) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\2020Player_IKEA@2020Technologies.com [2016-02-27]
FF Extension: (Buxenger) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\jid1-oEGoDwecBAXObg@jetpack.xpi [2016-01-16]
FF Extension: (My Swisscom Assistant) - C:\Users\Dominik\AppData\Roaming\Mozilla\Firefox\Profiles\72pja60x.default\Extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B} [2015-05-31] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor => nicht gefunden
FF HKLM\...\Firefox\Extensions: [pdf_architect_4_conv@pdfarchitect.org] - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension
FF Extension: (PDF Architect 4 Creator) - C:\Program Files\PDF Architect 4\resources\pdfarchitect4firefoxextension [2016-02-18] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-10]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-10]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17
FF Extension: (Free Download Manager extension) - C:\ProgramData\Free Download Manager\Firefox\Extensions\2.0.17 [2015-11-17]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-15] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-15] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-09-03] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-11-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-11-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-05-29] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-02-09] (NVIDIA Corporation)
FF Plugin-x32: PDF Architect 4 -> C:\Program Files (x86)\PDF Architect 4\np-previewer.dll [2016-01-15] (pdfforge GmbH)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\1782655977.js [2016-09-01] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\1782655977.cfg [2016-09-01] <==== ACHTUNG
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-09-10] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3192560 2016-07-26] (Microsoft Corporation)
S2 CLKMSVC10_99E320F5; C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\kmsvc.exe [307464 2014-09-17] (CyberLink)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [99632 2013-08-23] (ELAN Microelectronics Corp.)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation)
R2 iBtSiva; C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [122984 2014-09-15] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [328296 2014-10-16] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-09-03] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-09-03] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [3046688 2016-07-29] (IObit)
S3 m2UpdateService_F8F8565687B043BDB2BA3B7982C22B5E; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [8331360 2015-11-26] (Swisscom (Schweiz) AG)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 Micro Star SCM; C:\Program Files (x86)\SCM\MSIService.exe [160768 2013-05-14] (Micro-Star International Co., Ltd.) [Datei ist nicht signiert]
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-18] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation)
S3 Origin Client Service; D:\Origin\OriginClientService.exe [2142728 2016-10-09] (Electronic Arts)
R2 Origin Web Helper Service; D:\Origin\OriginWebHelperService.exe [2209296 2016-10-09] (Electronic Arts)
S3 PDF Architect 4; C:\Program Files\PDF Architect 4\ws.exe [2417376 2016-01-15] (pdfforge GmbH)
S3 PDF Architect 4 CrashHandler; C:\Program Files\PDF Architect 4\crash-handler-ws.exe [1038048 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Creator; C:\Program Files\PDF Architect 4\creator-ws.exe [851168 2016-01-15] (pdfforge GmbH)
R2 PDF Architect 4 Manager; C:\ProgramData\pdfforge\PDF Architect 4 Manager\PDF Architect 4\Architect Manager.exe [959248 2015-10-05] (© pdfforge GmbH.)
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [387584 2014-09-19] (Qualcomm Atheros) [Datei ist nicht signiert]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
S3 vmicvss; C:\Windows\System32\ICSvc.dll [524800 2014-10-29] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-18] (Intel® Corporation)
S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-09-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-09-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-09-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-09-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-09-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-09-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-09-29] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-09-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-09-10] (AVAST Software)
S3 AX88179; C:\Windows\system32\DRIVERS\ax88179_178a.sys [70104 2013-07-08] (ASIX Electronics Corp.)
R1 BfLwf; C:\Windows\system32\DRIVERS\bwcW8x64.sys [97968 2014-09-11] (Qualcomm Atheros, Inc.)
R3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [141624 2014-05-13] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1424184 2014-06-17] (Motorola Solutions, Inc.)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-10-03] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [222664 2014-09-15] (Intel Corporation)
R3 Ke2200; C:\Windows\system32\DRIVERS\e22w8x64.sys [130224 2014-03-27] (Qualcomm Atheros, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [126976 2014-09-03] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\Netwbw02.sys [3479528 2014-08-21] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 nvkflt; C:\Windows\system32\DRIVERS\nvkflt.sys [307768 2016-02-09] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [2968280 2014-01-15] (Realtek Semiconductor Corporation )
R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [506584 2014-07-11] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 VBoxUSBMon; C:\Windows\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [76480 2014-11-17] (VMware, Inc.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
R1 XQHDrv; C:\Windows\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-12 03:00 - 2016-10-12 03:00 - 00027788 _____ C:\Users\Dominik\Downloads\FRST.txt
2016-10-12 02:59 - 2016-10-12 03:00 - 00000000 ____D C:\FRST
2016-10-12 02:58 - 2016-10-12 02:59 - 02407424 _____ (Farbar) C:\Users\Dominik\Downloads\FRST64.exe
2016-10-11 03:49 - 2016-10-12 03:00 - 00000000 ____D C:\Users\Dominik\Downloads\aische-pervers
2016-10-11 03:36 - 2016-10-12 02:54 - 00000000 ____D C:\Users\Dominik\Downloads\TamaraMilano
2016-10-01 03:08 - 2016-10-01 03:13 - 00000000 ____D C:\Users\Dominik\Documents\FIFA 17
2016-10-01 02:54 - 2016-10-01 03:01 - 00000682 _____ C:\Users\Public\Desktop\FIFA 17.lnk
2016-10-01 02:54 - 2016-10-01 02:54 - 00000000 ___HD C:\Program Files\Common Files\EAInstaller
2016-10-01 02:54 - 2016-10-01 02:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FIFA 17
2016-10-01 01:52 - 2016-10-01 01:52 - 01024032 _____ C:\Users\Dominik\Downloads\Luxury.exe
2016-09-30 02:41 - 2016-10-03 00:56 - 00000000 ____D C:\Users\Dominik\Desktop\katrina jade
2016-09-30 01:46 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\skyler mckay
2016-09-30 01:45 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\mea melone
2016-09-30 01:44 - 2016-10-02 16:56 - 00000000 ____D C:\Users\Dominik\Desktop\samantha bentley
2016-09-25 02:48 - 2016-09-25 02:48 - 00000000 ____D C:\Users\Dominik\.QtWebEngineProcess
2016-09-25 02:48 - 2016-09-25 02:48 - 00000000 ____D C:\Users\Dominik\.Origin
2016-09-24 03:25 - 2016-09-24 03:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-22 03:12 - 2016-09-22 03:12 - 00001785 _____ C:\ProgramData\Microsoft\Windows\Start Menu\GoWild Casino.lnk
2016-09-22 03:12 - 2016-09-22 03:12 - 00001779 _____ C:\Users\Public\Desktop\GoWild Casino.lnk
2016-09-22 03:12 - 2016-09-22 03:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GoWild Casino
2016-09-15 04:02 - 2016-10-11 04:07 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\FLV and Media Player
2016-09-15 03:41 - 2016-07-09 18:10 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\wpdbusenum.dll
2016-09-15 03:41 - 2016-07-09 00:35 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2016-09-15 03:41 - 2016-07-08 16:17 - 00377344 _____ (Microsoft Corporation) C:\Windows\system32\mprddm.dll
2016-09-15 03:41 - 2016-07-08 16:17 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprddm.dll
2016-09-15 03:41 - 2016-07-08 00:32 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2016-09-15 03:41 - 2016-07-08 00:18 - 00323072 _____ (Microsoft Corporation) C:\Windows\system32\iprtrmgr.dll
2016-09-15 03:41 - 2016-07-08 00:10 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\mprdim.dll
2016-09-15 03:41 - 2016-07-08 00:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\system32\rasppp.dll
2016-09-15 03:41 - 2016-07-07 23:04 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\rasman.dll
2016-09-15 03:41 - 2016-07-07 22:59 - 01080320 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2016-09-15 03:41 - 2016-07-07 22:44 - 00429568 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-09-15 03:41 - 2016-07-07 22:41 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2016-09-15 03:41 - 2016-07-07 22:34 - 00542720 _____ (Microsoft Corporation) C:\Windows\system32\rasmans.dll
2016-09-15 03:41 - 2016-07-07 22:29 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2016-09-15 03:41 - 2016-07-07 22:29 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\rasapi32.dll
2016-09-15 03:41 - 2016-07-07 22:23 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iprtrmgr.dll
2016-09-15 03:41 - 2016-07-07 22:18 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mprdim.dll
2016-09-15 03:41 - 2016-07-07 22:11 - 01661064 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-09-15 03:41 - 2016-07-07 22:11 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-09-15 03:41 - 2016-07-07 22:11 - 00185856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasppp.dll
2016-09-15 03:41 - 2016-07-07 21:35 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasman.dll
2016-09-15 03:41 - 2016-07-07 21:14 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasapi32.dll
2016-09-15 03:41 - 2016-07-04 07:09 - 00132096 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-09-15 03:41 - 2016-07-04 05:45 - 00360448 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2016-09-15 03:41 - 2016-07-04 05:37 - 02897920 _____ (Microsoft Corporation) C:\Windows\system32\esent.dll
2016-09-15 03:41 - 2016-07-04 05:33 - 00657920 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2016-09-15 03:41 - 2016-07-04 05:04 - 02539008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\esent.dll
2016-09-15 03:41 - 2016-07-04 05:02 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2016-09-15 03:41 - 2016-07-04 04:19 - 03547136 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-09-15 03:41 - 2016-07-01 22:39 - 00197352 _____ (Microsoft Corporation) C:\Windows\system32\dssenh.dll
2016-09-15 03:41 - 2016-07-01 22:39 - 00157016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dssenh.dll
2016-09-15 03:41 - 2016-01-10 19:08 - 00252416 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2016-09-15 02:29 - 2016-09-23 18:15 - 00000000 ____D C:\Users\Dominik\Desktop\roger
2016-09-14 02:41 - 2016-09-01 05:08 - 20312064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-09-14 02:41 - 2016-09-01 04:46 - 00498688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-09-14 02:41 - 2016-09-01 04:24 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-09-14 02:41 - 2016-09-01 03:39 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-09-14 02:41 - 2016-09-01 03:30 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-09-14 02:41 - 2016-09-01 03:27 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-09-14 02:41 - 2016-09-01 03:24 - 04607488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-09-14 02:41 - 2016-09-01 02:45 - 25770496 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-09-14 02:41 - 2016-09-01 02:43 - 02445824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-09-14 02:41 - 2016-09-01 02:42 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-09-14 02:41 - 2016-09-01 02:38 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-09-14 02:41 - 2016-09-01 02:24 - 00576000 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-09-14 02:41 - 2016-09-01 02:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-09-14 02:41 - 2016-09-01 02:06 - 06047232 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-09-14 02:41 - 2016-09-01 01:38 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-09-14 02:41 - 2016-09-01 01:28 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-09-14 02:41 - 2016-09-01 01:15 - 15411712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-09-14 02:41 - 2016-09-01 01:10 - 02921472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-09-14 02:41 - 2016-09-01 00:58 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-09-14 02:41 - 2016-09-01 00:47 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-09-14 02:41 - 2016-08-26 07:51 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-09-14 02:41 - 2016-08-26 06:44 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-09-14 02:41 - 2016-08-26 06:41 - 02881536 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-09-14 02:41 - 2016-08-26 06:00 - 01049600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2016-09-14 02:41 - 2016-08-21 01:45 - 07076864 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-09-14 02:41 - 2016-08-21 01:22 - 00435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-09-14 02:41 - 2016-08-21 01:05 - 05273600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-09-14 02:41 - 2016-08-21 00:50 - 00360448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2016-09-14 02:41 - 2016-08-21 00:42 - 07795712 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-09-14 02:41 - 2016-08-21 00:27 - 05268480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-09-14 02:41 - 2016-08-14 21:34 - 01541248 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2016-09-14 02:41 - 2016-08-14 20:25 - 04171264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-09-14 02:41 - 2016-08-14 18:14 - 01376768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2016-09-14 02:41 - 2016-08-13 09:41 - 07445848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-09-14 02:41 - 2016-08-13 09:40 - 01737080 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-09-14 02:41 - 2016-08-13 09:40 - 01663184 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-09-14 02:41 - 2016-08-13 09:40 - 01523208 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-09-14 02:41 - 2016-08-13 09:40 - 01490120 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-09-14 02:41 - 2016-08-13 09:40 - 01358952 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-09-14 02:41 - 2016-08-13 02:04 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-09-14 02:41 - 2016-08-10 00:47 - 00803176 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-09-14 02:41 - 2016-08-10 00:47 - 00611576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-09-14 02:41 - 2016-08-04 16:17 - 00416768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-09-14 02:41 - 2016-08-03 20:06 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-09-14 02:41 - 2016-08-03 20:05 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-09-14 02:40 - 2016-09-08 23:51 - 00443224 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-09-14 02:40 - 2016-09-08 23:51 - 00332632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-09-14 02:40 - 2016-08-22 18:06 - 00179248 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-09-14 02:40 - 2016-08-22 18:06 - 00100184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-09-14 02:40 - 2016-08-21 03:03 - 00201728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-09-14 02:40 - 2016-08-21 03:01 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-09-14 02:40 - 2016-08-21 03:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-09-14 02:40 - 2016-08-21 02:17 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-09-14 02:40 - 2016-08-21 01:27 - 01445376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-09-14 02:40 - 2016-08-21 01:26 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-09-14 02:40 - 2016-08-21 00:55 - 00104960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2016-09-14 02:40 - 2016-08-11 18:26 - 01156608 _____ (Microsoft Corporation) C:\Windows\system32\wwanmm.dll
2016-09-14 02:40 - 2016-08-11 18:17 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\pnidui.dll
2016-09-14 02:40 - 2016-08-11 18:16 - 00455680 _____ (Microsoft Corporation) C:\Windows\system32\wwanconn.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-10-12 02:59 - 2015-09-29 02:36 - 00000000 ____D C:\Users\Dominik\AppData\Roaming\Origin
2016-10-12 02:27 - 2015-11-30 19:08 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-10-11 22:04 - 2015-05-29 12:55 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3230179278-116593613-159145252-1001
2016-10-11 14:25 - 2014-11-04 11:46 - 00003722 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2016-10-11 14:25 - 2014-11-04 11:46 - 00003476 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2016-10-11 03:58 - 2013-08-22 15:36 - 00000000 ____D C:\Windows\Inf
2016-10-11 03:31 - 2015-11-03 04:50 - 00000000 ____D C:\Users\Dominik\AppData\Local\JDownloader 2.0
2016-10-10 18:48 - 2015-05-29 17:49 - 00000000 ____D C:\Users\Dominik\Desktop\bewerbungen
2016-10-10 02:17 - 2016-09-08 23:36 - 00000000 ____D C:\ProgramData\ProductData
2016-10-09 03:25 - 2015-09-29 02:35 - 00000000 ____D C:\ProgramData\Origin
2016-10-09 03:23 - 2015-09-29 02:36 - 00000000 ____D C:\Users\Dominik\AppData\Local\Origin
2016-10-07 04:16 - 2016-07-30 02:15 - 00000000 ____D C:\Users\Dominik\AppData\Local\Nox
2016-10-07 04:15 - 2016-08-02 02:13 - 00000000 ____D C:\Users\Dominik\.BigNox
2016-10-07 04:15 - 2016-07-30 02:18 - 00000000 ____D C:\Users\Dominik\.android
2016-10-07 04:15 - 2016-07-30 02:17 - 00000000 ____D C:\Users\Dominik\vmlogs
2016-10-04 03:23 - 2015-05-29 12:54 - 00000000 ____D C:\Users\Dominik\OneDrive
2016-10-03 11:27 - 2015-05-29 13:54 - 00000000 ____D C:\Users\Dominik\AppData\Local\ClassicShell
2016-10-02 16:56 - 2015-05-29 18:21 - 04314624 ___SH C:\Users\Dominik\Desktop\Thumbs.db
2016-09-29 17:52 - 2015-05-30 21:59 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2016-09-29 03:49 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2016-09-27 02:35 - 2016-02-26 03:45 - 00000000 ____D C:\Users\Dominik\AppData\Local\CrashDumps
2016-09-26 02:45 - 2015-05-29 18:09 - 00000000 ____D C:\Users\Dominik\Desktop\schatz
2016-09-25 02:48 - 2015-05-29 12:49 - 00000000 ____D C:\Users\Dominik
2016-09-22 02:30 - 2015-10-02 03:45 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-09-21 02:48 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2016-09-21 01:57 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-09-21 01:56 - 2015-05-29 18:26 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-09-21 01:45 - 2016-07-17 02:35 - 00003908 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1468715754
2016-09-21 01:45 - 2016-07-17 02:35 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-09-21 01:44 - 2014-04-28 13:38 - 00769304 _____ C:\Windows\system32\perfh007.dat
2016-09-21 01:44 - 2014-04-28 13:38 - 00161112 _____ C:\Windows\system32\perfc007.dat
2016-09-21 01:44 - 2014-04-28 11:22 - 00805116 _____ C:\Windows\system32\perfh00C.dat
2016-09-21 01:44 - 2014-04-28 11:22 - 00160592 _____ C:\Windows\system32\perfc00C.dat
2016-09-21 01:44 - 2014-03-18 17:26 - 02754516 _____ C:\Windows\system32\PerfStringBackup.INI
2016-09-21 01:39 - 2016-04-08 17:44 - 00000000 ____D C:\ProgramData\VMware
2016-09-21 01:39 - 2014-11-04 12:34 - 00000000 ____D C:\ProgramData\NVIDIA
2016-09-21 01:39 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-09-21 01:38 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2016-09-17 02:37 - 2015-05-30 21:59 - 00969184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2016-09-17 02:29 - 2013-08-22 16:44 - 00504152 _____ C:\Windows\system32\FNTCACHE.DAT
2016-09-17 02:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\setup
2016-09-17 02:28 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\setup
2016-09-17 02:26 - 2015-06-12 14:49 - 00000000 ____D C:\Windows\system32\MRT
2016-09-17 02:26 - 2014-04-24 18:12 - 144199024 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-09-15 16:59 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-09-15 16:59 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2016-09-15 02:27 - 2015-11-30 19:08 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-09-15 02:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-09-15 02:27 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\Macromed
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-11-04 12:48 - 2014-11-04 12:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\Dominik\AppData\Local\Temp\f515-05bc-e893-b0f8.exe
C:\Users\Dominik\AppData\Local\Temp\i4jdel0.exe
C:\Users\Dominik\AppData\Local\Temp\jre-8u91-windows-au.exe
C:\Users\Dominik\AppData\Local\Temp\libeay32.dll
C:\Users\Dominik\AppData\Local\Temp\msvcr120.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole4716009882848964662.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole7105457842074615532.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole7164420760081934651.dll
C:\Users\Dominik\AppData\Local\Temp\proxy_vole7854560224802975653.dll
C:\Users\Dominik\AppData\Local\Temp\setup.exe
C:\Users\Dominik\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-10-11 03:58
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 10-10-2016
durchgeführt von Dominik (12-10-2016 03:00:34)
Gestartet von C:\Users\Dominik\Downloads
Windows 8.1 (Update) (X64) (2015-05-29 10:50:23)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3230179278-116593613-159145252-500 - Administrator - Disabled)
Dominik (S-1-5-21-3230179278-116593613-159145252-1001 - Administrator - Enabled) => C:\Users\Dominik
Gast (S-1-5-21-3230179278-116593613-159145252-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3230179278-116593613-159145252-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 15.05 beta x64 (HKLM\...\7-Zip) (Version: - )
888poker (HKLM-x32\...\888poker) (Version: - )
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Casino Classic (HKLM-x32\...\casinoclassic) (Version: 16.10.3.2234 - )
Classic Shell (HKLM\...\{7C129CF8-199F-4269-AAEE-60B5D8D716E2}) (Version: 4.2.1 - IvoSoft)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3019 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.3019 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
Deluxe Ski Jump 4 (HKLM-x32\...\Deluxe Ski Jump 4_is1) (Version: 1.6.1 - Mediamond Tmi)
Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ETDWare PS/2-X64 11.13.4.4_WHQL (HKLM\...\Elantech) (Version: 11.13.4.4 - ELAN Microelectronic Corp.)
FIFA 16 (HKLM-x32\...\{28FA2805-7992-4A28-844B-040C57204718}) (Version: 1.42.13482.16 - Electronic Arts)
FIFA 17 (HKLM-x32\...\{8C0DD062-B659-409C-9AB7-8EBD1D64D2EB}) (Version: 1.0.45.33307 - Electronic Arts)
FileFinder (HKLM-x32\...\FileFinder) (Version: 1.0.1 - Webitar Production Inc.)
Football Manager 2016 (HKLM-x32\...\Steam App 378120) (Version: - SEGA)
Football Manager 2016 Editor (HKLM-x32\...\Steam App 378200) (Version: - )
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Download Manager 3.9.6 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
GKFX MetaTrader 4 (HKLM-x32\...\GKFX MetaTrader 4) (Version: 6.00 - MetaQuotes Software Corp.)
GoWild Casino (HKLM-x32\...\gowild) (Version: 16.11.1.4250 - )
Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.28.1006 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3977 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{6F280399-F8BD-4F2E-BCA4-207BEBCDE33A}) (Version: 16.6.0.0128 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{7224B7CE-196C-4E2A-A1AE-1D7BF259FD36}) (Version: 3.4.1942 - Intel Corporation)
Intel(R) Wireless Bluetooth(R)(patch version 17.1.1434.2) (HKLM\...\{302600C1-6BDF-4FD1-1407-148929CC1385}) (Version: 17.1.1407.0480 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
IrfanView 64 (remove only) (HKLM\...\IrfanView) (Version: 4.40 - Irfan Skiljan)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KB9X Radio Switch Driver (HKLM\...\5AADE1068CF70DD983F763B20CF2CAAB72883915) (Version: 1.1.0.0 - ENE TECHNOLOGY INC.)
K-Lite Mega Codec Pack 11.3.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.3.0 - )
Landwirtschafts Simulator 15 (HKLM-x32\...\FarmingSimulator2015DE_is1) (Version: 1.2.0.0 - GIANTS Software)
LuxuryCasino (HKLM-x32\...\luxuryvipermit) (Version: 16.10.3.2234 - )
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Manager (x32 Version: 4.0.1.25166 - 2015 pdfforge GmbH. All rights reserved) Hidden
MansionPoker (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\MansionPoker) (Version: - )
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4859.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\OneDriveSetup.exe) (Version: 17.3.6517.0809 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 49.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.1 (x86 de)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.3.2514 - Swisscom (Schweiz) AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.8 - Notepad++ Team)
Nox APP Player (HKLM-x32\...\Nox) (Version: 3.7.1.0 - Duodian Technology Co. Ltd.)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4859.1002 - Microsoft Corporation) Hidden
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.1.1.35466 - Electronic Arts, Inc.)
PCM Fast Editor (HKU\S-1-5-21-3230179278-116593613-159145252-1001\...\b4e96ac10814a05a) (Version: 2.1.0.0 - PCM Fast Editor)
PCM.daily Expansion Pack 0.8 0.8 (HKLM-x32\...\PCM.daily Expansion Pack 0.8 0.8) (Version: 0.8 - PCM.daily)
PDF Architect 4 (HKLM-x32\...\PDF Architect 4) (Version: 4.0.34.26215 - pdfforge GmbH)
PDF Architect 4 Create Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 Edit Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDF Architect 4 View Module (Version: 4.0.12.26604 - pdfforge GmbH) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.2 - pdfforge)
Players Palace (HKLM-x32\...\thecasino) (Version: 16.10.3.2234 - )
Pro Cycling Manager 2014 (HKLM-x32\...\Steam App 255260) (Version: - Cyanide Studio)
Pro Cycling Manager 2016 (HKLM\...\Steam App 408760) (Version: - Cyanide Studio)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Performance Suite (HKLM-x32\...\{D675B346-8CDB-4C8E-804E-17FC9F62CEA5}) (Version: 1.1.47.1374 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.47.1374 - Qualcomm Atheros) Hidden
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.21258 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7095 - Realtek Semiconductor Corp.)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.4.16061.19 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.)
SCM (HKLM\...\{EDF24C5B-2E36-4089-B96A-329B15A74649}) (Version: 11.013.05146 - )
SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16084.4 - Samsung Electronics Co., Ltd.) Hidden
SolothurnTax 2014 14.3.26 (HKLM-x32\...\NP_SO_2014) (Version: 14.3.26 - Ringler Informatik AG)
SolothurnTax 2015 15.3.24 (HKLM-x32\...\NP_SO_2015) (Version: 15.3.24 - Ringler Informatik AG)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Tour de France 2015 - Der offizielle Radsport-Manager Version 1 (HKLM-x32\...\Pro Cycling Manager 2015_is1) (Version: 1.2.0.0 - Cyanide)
Villento Casino (HKLM-x32\...\Villento) (Version: 16.10.3.2234 - )
VMware Player (HKLM-x32\...\VMware_Player) (Version: 7.0.0 - VMware, Inc)
VMware Player (Version: 7.0.0 - VMware, Inc.) Hidden
Windows Driver Package - BigNox Corporation (VBoxUSB) USB (09/16/2015 4.3.12) (HKLM\...\76B144D15273552931249392EDB13C0BBD52C84E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation VBoxUSBMon System (09/16/2015 4.3.12) (HKLM\...\39F54A37125643D2E1E90FA7D81F36ACC9441510) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Driver Package - BigNox Corporation XQHDrv System (09/16/2015 4.3.12) (HKLM\...\0147813640F7AF69F569581EE672B6BE1E71798E) (Version: 09/16/2015 4.3.12 - BigNox Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version: - DOSBox Team)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3230179278-116593613-159145252-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {1674C342-3F12-4867-BE6D-E45CF4EFB5EC} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3230179278-116593613-159145252-1001 => C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-08-23] (Microsoft Corporation)
Task: {2379336B-B8F9-4AB4-9474-9816226DF4B6} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-23] (Microsoft Corporation)
Task: {4C3F3720-1565-4281-AAB9-7E0381767D5C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-07-26] (Microsoft Corporation)
Task: {57038B8A-3AF3-45C4-90ED-1E5784DF85EA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-09-17] (Microsoft Corporation)
Task: {6C841B8C-0B5A-4CDD-837A-41D5FFC5E366} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-09-10] (AVAST Software)
Task: {6DDE38D8-A4BE-4B53-A2D2-1A9E81371E07} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {72025A00-5DEB-4756-A948-09B9C0F872DF} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12] (Intel Corporation)
Task: {7D5D522C-188C-48C6-B8F3-B4C11DB40578} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {875F0D1B-57E6-42CC-8587-CC2AD1165852} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-09-17] (CyberLink Corp.)
Task: {A2A34B47-940E-467A-9ADA-E4D85E0E0D62} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
Task: {C8B9B427-2145-4536-9D47-3FB8A3E36738} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-15] (Adobe Systems Incorporated)
Task: {E4546429-DD6B-4CD0-991B-B93955CB06BD} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2013-09-09] (Dolby Laboratories Inc.)
Task: {E82825C1-72BE-47BF-802A-D2CFB5003487} - System32\Tasks\SafeZone scheduled Autoupdate 1468715754 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {FCA0A20D-001D-4862-BC3A-4D1F462D2B3A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-07-26] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
ShortcutWithArgument: C:\Users\Dominik\Desktop\LIFESTORE.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Dominik\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Public\Desktop\Avast SafeZone Browser.lnk -> C:\Program Files\AVAST Software\SZBrowser\launcher.exe (Avast Software) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
ShortcutWithArgument: C:\Users\Public\Desktop\Mozilla Firefox.lnk -> C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) -> "hxxp://tech-connect.biz/?ssid=1472691801&a=1079160&src=sh&uuid=cb70932e-ba59-4f76-90c3-19f7d3892151,1472691771472"
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-02-17 18:37 - 2016-01-12 06:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2015-05-29 18:26 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-11-04 12:34 - 2016-02-09 07:41 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-08-23 02:31 - 2016-08-23 02:31 - 01864384 _____ () C:\Users\Dominik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2014-11-04 10:54 - 2014-10-16 17:14 - 00456808 _____ () C:\Windows\system32\igfxTray.exe
2013-09-09 15:13 - 2013-09-09 15:13 - 00050904 _____ () C:\Program Files\Dolby Digital Plus\Dolby.DDP.Controls_Desktop.dll
2014-09-19 17:48 - 2014-09-19 17:48 - 00330240 _____ () C:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2016-10-09 03:25 - 2016-10-09 03:24 - 00015872 _____ () D:\Origin\QtWebEngineProcess.exe
2016-10-11 03:31 - 2016-10-11 03:31 - 00566439 _____ () C:\Users\Dominik\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\libgcc_s_sjlj-1.dll
2016-10-11 03:31 - 2016-10-11 03:31 - 04078962 _____ () C:\Users\Dominik\AppData\Local\JDownloader 2.0\tmp\7zip\SevenZipJBinding-FKPz9\lib7-Zip-JBinding.dll
2016-09-08 23:36 - 2016-06-14 16:35 - 00625440 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2014-11-20 18:44 - 2014-11-20 18:44 - 01299136 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-09-03 13:03 - 2014-09-03 13:03 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-09-10 17:50 - 2016-09-10 17:50 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-09-10 17:50 - 2016-09-10 17:50 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2016-10-11 19:44 - 2016-10-11 19:44 - 03118936 _____ () C:\Program Files\AVAST Software\Avast\defs\16101102\algo.dll
2015-10-03 03:26 - 2016-01-12 06:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-09-21 01:55 - 2016-09-21 01:55 - 00325824 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-11-05 17:49 - 2014-07-04 06:35 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2014-07-04 14:35 - 2014-07-04 14:35 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2016-07-15 02:20 - 2016-07-15 02:20 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2016-10-09 03:25 - 2016-10-09 03:24 - 02493440 _____ () D:\Origin\libGLESv2.dll
2016-10-09 03:25 - 2016-10-09 03:24 - 00012288 _____ () D:\Origin\libEGL.DLL
2016-06-14 03:06 - 2016-06-14 03:06 - 00266240 _____ () D:\Origin\imageformats\qmng.dll
2015-10-21 16:50 - 2015-10-21 16:50 - 00988160 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxml2.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00170496 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxslt.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00136192 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec-mscrypto.dll
2015-10-21 16:49 - 2015-10-21 16:49 - 00303616 _____ () C:\Program Files (x86)\OpenOffice 4\program\libxmlsec.dll
2015-07-05 03:25 - 2014-03-31 21:35 - 00282304 _____ () C:\Program Files (x86)\Windows Live\Writer\de\WindowsLive.Writer.Localization.resources.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3230179278-116593613-159145252-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\OEM\wallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{6129196D-1EF3-4C3A-A6F5-990358F7408F}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{5E2E9CC6-4069-4829-8BEB-C9F07010D114}] => (Allow) LPort=2869
FirewallRules: [{F64ED3B4-9E6B-4C6B-A84F-C64FB79F82C8}] => (Allow) LPort=1900
FirewallRules: [{76AC518B-9934-4E01-83C0-2D0549EB9B6B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{1A6D3200-FF27-4344-964D-DB7C1B9926E8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0F415CA8-1C63-4A12-BD28-A752C5F00BDC}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{579E3D2A-963F-441C-A1B0-51C4E6494DF1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C2A5D085-394B-4065-A892-97B12B5F08D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F7CAAA20-1C0F-4BD8-AE2C-F6421E16ED27}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EF8A1DD1-9043-4386-B8D3-7D2E77D7AC71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{EA6EEC17-B000-42F4-BFF2-2522E58CC5BE}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{818B572E-3A3F-48C2-9C44-816CBF16D2FA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{05C3FF83-0080-4F93-A8DC-666C2AB17657}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{7263FA7E-4CB8-4899-B5BC-9DB9BFEDDF5F}] => (Allow) C:\Users\Dominik\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{15A3EA79-26F2-498A-8E14-4AC77AA19020}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2014\PCM.exe
FirewallRules: [{DA032AA0-D460-412C-AFF4-688DA34B3C87}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pro Cycling Manager 2014\PCM.exe
FirewallRules: [{A6AF126D-4B60-4451-95C3-A0A501F7C9F7}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{0D45DD02-0E1F-4368-AA7C-A39A26836501}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{6825E4DD-FCE7-4B01-A05B-DA19B2D6B3DC}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{8AE32BE0-8112-4283-877E-9A67524DBFD9}] => (Allow) C:\Program Files (x86)\Cyanide\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{7F530585-E96A-43D8-BBC6-C4511B25A3B3}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{3C2BD917-E4B1-4CC9-AB5E-CF7D20274F9E}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\PCM.exe
FirewallRules: [{0F1203FD-FC89-444D-8BE8-B55D4D445128}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{8C770172-E366-468B-A0F0-FC9D7EE662B2}] => (Allow) D:\Tour de France 2015 - Der offizielle Radsport-Manager\Autorun\Exe\Autorun.exe
FirewallRules: [{6898D078-77AA-4B67-AE69-5DEFC874A6BE}] => (Allow) D:\steam games\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{CECF5191-BD22-4537-A1B7-7C1DE9F88D82}] => (Allow) D:\steam games\steamapps\common\Football Manager 2015\fm.exe
FirewallRules: [{073ADE52-439E-49BB-9FE7-8C8D25158A2D}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{8ABAF206-4C56-4C35-BB3A-AA74374EC4BF}] => (Allow) D:\Landwirtschafts Simulator 2015\FarmingSimulator2015.exe
FirewallRules: [{B07FE49E-263D-4888-BB5C-26B86D237CD2}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{DBD20CCD-676F-47AA-BB0D-746E27ED7E72}] => (Allow) D:\Landwirtschafts Simulator 2015\x86\FarmingSimulator2015Game.exe
FirewallRules: [{2F9AD1D4-D41F-46FD-B554-C7C0AF756D4F}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{0047BF04-290C-42C2-8512-0FB3136FBE19}] => (Allow) D:\Landwirtschafts Simulator 2015\x64\FarmingSimulator2015Game.exe
FirewallRules: [{BE6D88A0-3D97-4A0F-B6A1-E67257B134C9}] => (Allow) D:\steam\steamapps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{9690496D-6071-46E9-B833-EB4F24DFA801}] => (Allow) D:\steam\steamapps\common\Football Manager 2015 Editor\editor.exe
FirewallRules: [{54D95A7F-B7E3-471C-9F80-5E40F7BA141E}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [{1A7C7D43-CC05-47BB-AFA4-6BC6511FFBFE}] => (Allow) D:\Steam\Steam.exe
FirewallRules: [TCP Query User{CF5F338C-8C4D-473F-9954-1BBDEF332612}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{ABA45532-202F-429A-81DC-A4BBE4375DC8}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [{9028C0C0-C67B-4C20-88ED-304D9D51511C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{7A7176F5-251A-4993-989D-03F323CBFE16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{25BE1763-CB17-49C1-AC60-1E75A8297C73}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{1AA7E327-1D23-421D-9461-BBBD63875290}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9869F343-B7F7-4A59-A6F5-0B6101A6027E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4EE68AA9-7137-4F56-B237-DEF86862DD6E}] => (Allow) D:\anno1404\Anno4.exe
FirewallRules: [{C22DDE76-6C58-42D1-8F61-582A1939B788}] => (Allow) D:\anno1404\Anno4.exe
FirewallRules: [{6212B5AD-5096-4018-A543-04F2E5D6A6ED}] => (Allow) D:\anno1404\Addon.exe
FirewallRules: [{DA64D3D0-7942-49D5-BCF0-FCB0004DF3E4}] => (Allow) D:\anno1404\Addon.exe
FirewallRules: [{91B6E497-A819-40C5-B6E8-9FE89F7CE03A}] => (Allow) D:\anno1404\tools\Anno4Web.exe
FirewallRules: [{BBF9541C-4B5B-4355-A801-92D70E17E742}] => (Allow) D:\anno1404\tools\Anno4Web.exe
FirewallRules: [{68DE69EC-2604-482F-B1DC-6070E64F2B13}] => (Allow) D:\anno1404\tools\AddonWeb.exe
FirewallRules: [{661113D1-4FF4-48B3-A86B-C20EDBA8C840}] => (Allow) D:\anno1404\tools\AddonWeb.exe
FirewallRules: [{6C81DC2F-5960-4BC7-A6EB-FF59795AAF1E}] => (Allow) D:\anno1404\tools\Benchmark.exe
FirewallRules: [{D2B32FFD-EFF2-4B60-B118-2BB6E17D27BF}] => (Allow) D:\anno1404\tools\Benchmark.exe
FirewallRules: [{1819EEF3-2066-4FAF-8A89-FBEC8B111F13}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{7039D05E-2081-44EC-8729-8EA7DFBB9CCA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [TCP Query User{B565136D-2A11-4752-950D-CA50A0326645}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{915AFB8E-09AE-478E-A516-917B01979845}C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_51\bin\javaw.exe
FirewallRules: [TCP Query User{0099DE38-7611-4566-9117-2BE308CF9176}D:\anno1404\tools\addonweb.exe] => (Block) D:\anno1404\tools\addonweb.exe
FirewallRules: [UDP Query User{8806DA4C-C293-45E5-B31B-4A59CB7232FD}D:\anno1404\tools\addonweb.exe] => (Block) D:\anno1404\tools\addonweb.exe
FirewallRules: [{90ECFD23-7843-488D-8914-B5F5F6FE02A3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69722674-5599-4CBF-BBA3-882008F7C57D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0925AB1F-616A-490A-A058-93070E7E1010}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{E0A46343-6B9C-40F7-94F1-AB4EF7E5258F}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{AECEA4A1-BA96-4D4E-B517-0CD8B8F3EE7B}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{FBD320A7-AE22-442E-8BE6-D5974F6E7C3F}] => (Allow) D:\Steam\bin\steamwebhelper.exe
FirewallRules: [{953974A0-4887-488D-9E76-3DFDFB3D687A}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{7BBE9FEA-5F25-40E1-AF3F-1053BE244B21}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016\fm.exe
FirewallRules: [{2C46F44F-7153-4C64-9B55-EB968CE08ED0}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{05ADC04F-B288-45A9-8DEE-3C264E77EAC0}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe
FirewallRules: [{C4A5EE32-4AC7-43B6-8C4D-6140475F9F1D}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{1D4FC3D4-DB1A-4B3E-89F1-3F59EAF1C110}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe
FirewallRules: [{9D58B02D-8C3E-4A9F-938E-B61ABBAFAF0A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{DD1261E4-ED66-43D2-B387-B01BA2ADF990}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe
FirewallRules: [{B61B5797-886E-4F09-9328-5EDB332855E8}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{A56F368E-55CC-4AB9-8CF4-8D093C181053}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe
FirewallRules: [{2F16BA81-BEA4-432F-8E41-A119106E75EC}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{E141C7C8-0ADE-49E7-9444-A5B8C0036704}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe
FirewallRules: [{A47E37C8-5CA7-4E1E-A4EF-31C615D83584}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016 Editor\editor.exe
FirewallRules: [{C40FB467-6698-48C5-8B82-54509184090F}] => (Allow) D:\Steam\steamapps\common\Football Manager 2016 Editor\editor.exe
FirewallRules: [TCP Query User{49C32632-AFFF-4981-9D0A-FA1254B8335C}C:\program files (x86)\pacificpoker\bin\poker.exe] => (Block) C:\program files (x86)\pacificpoker\bin\poker.exe
FirewallRules: [UDP Query User{86ACC110-F6F7-4774-8E5E-A563BCEC4611}C:\program files (x86)\pacificpoker\bin\poker.exe] => (Block) C:\program files (x86)\pacificpoker\bin\poker.exe
FirewallRules: [{324357FF-87B5-4EFD-B8F5-CA2CCEA0A9A2}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [{42EB4848-813B-43EB-AB6D-E00283CABEE6}] => (Allow) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
FirewallRules: [TCP Query User{6B8FE1F2-A56F-439C-919C-46015F2C0644}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [UDP Query User{56D12715-FB5B-4CB6-A210-C145EFAEED82}D:\origin games\fifa 16\fifa16.exe] => (Allow) D:\origin games\fifa 16\fifa16.exe
FirewallRules: [{55F95DFD-0E2A-48DF-A6C2-08F6C4E2F4E4}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{36875F8A-87E5-4779-9600-F6998F395587}] => (Allow) D:\origin games\FIFA 16\fifasetup\fifaconfig.exe
FirewallRules: [{5E62D630-C0C2-4058-A606-DA8733A70848}] => (Allow) D:\Steam\steamapps\common\Pro Cycling Manager 2016\PCM.exe
FirewallRules: [{C8D430C8-B689-464E-B44B-65BEC777281A}] => (Allow) D:\Steam\steamapps\common\Pro Cycling Manager 2016\PCM.exe
FirewallRules: [{7F21408A-388E-4F39-B90D-C60C0F5DEE05}] => (Allow) C:\Users\Dominik\AppData\Roaming\Nox\bin\Nox.exe
FirewallRules: [{860B25F5-1584-432B-A72A-EF2E6670733F}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RTNoxVMHandle.exe
FirewallRules: [{BF6BF7F0-D032-4C73-96C9-3459231459C9}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{46C6A5E5-9449-463D-AFE9-889A4AB212A4}] => (Allow) C:\Program Files (x86)\FileFinder\FileFinder.exe
FirewallRules: [{E02916B5-4F1E-4276-9554-B8AEDFFA8A5E}] => (Allow) D:\origin games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [{4431FB9A-905D-48E9-A652-920F04BF79BD}] => (Allow) D:\origin games\FIFA 17\FIFASetup\fifaconfig.exe
FirewallRules: [TCP Query User{5ABFCFDF-258E-45E4-B8E6-907983E093C5}D:\origin games\fifa 17\fifa17.exe] => (Allow) D:\origin games\fifa 17\fifa17.exe
FirewallRules: [UDP Query User{6528EAA1-73E3-422F-B10B-91C4136EACD0}D:\origin games\fifa 17\fifa17.exe] => (Allow) D:\origin games\fifa 17\fifa17.exe
==================== Wiederherstellungspunkte =========================
01-10-2016 02:54:32 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
01-10-2016 03:01:49 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
11-10-2016 06:20:37 Geplanter Prüfpunkt
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/11/2016 08:10:07 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/11/2016 05:56:51 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "\\?\Volume{7ee5d1ad-67ff-40eb-ba0c-8a32686e6ef7}\" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)
Error: (10/11/2016 02:58:12 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/10/2016 04:14:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.6191, Zeitstempel: 0x56b979b0
Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.13.6191, Zeitstempel: 0x56b97580
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000009f440
ID des fehlerhaften Prozesses: 0x1399c
Startzeit der fehlerhaften Anwendung: 0x01d221c46d619103
Pfad der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\NVSVC64.DLL
Berichtskennung: 40b20a12-8e8f-11e6-82db-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/10/2016 02:26:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/09/2016 02:41:08 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/09/2016 02:31:29 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (10/08/2016 05:12:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.6191, Zeitstempel: 0x56b979b0
Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.13.6191, Zeitstempel: 0x56b97580
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000009f440
ID des fehlerhaften Prozesses: 0x13458
Startzeit der fehlerhaften Anwendung: 0x01d220f9e565dcaa
Pfad der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\NVSVC64.DLL
Berichtskennung: 0b20feca-8d05-11e6-82db-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (10/08/2016 02:31:21 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
Error: (10/07/2016 05:55:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: nvvsvc.exe, Version: 8.17.13.6191, Zeitstempel: 0x56b979b0
Name des fehlerhaften Moduls: NVSVC64.DLL, Version: 8.17.13.6191, Zeitstempel: 0x56b97580
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000009f440
ID des fehlerhaften Prozesses: 0xce94
Startzeit der fehlerhaften Anwendung: 0x01d2203266b6972a
Pfad der fehlerhaften Anwendung: C:\Windows\system32\nvvsvc.exe
Pfad des fehlerhaften Moduls: C:\Windows\system32\NVSVC64.DLL
Berichtskennung: e643faf7-8c41-11e6-82db-4851b74f8d45
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Systemfehler:
=============
Error: (10/11/2016 02:25:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Update Manager" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/22/2016 07:03:56 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Der lokale Bluetooth-Adapter ist aus einem unbekannten Grund fehlgeschlagen und wird nicht verwendet. Der Treiber wurde entladen.
Error: (09/22/2016 06:29:49 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/21/2016 01:39:32 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (09/21/2016 01:39:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 20.09.2016 um 23:37:11 unerwartet heruntergefahren.
Error: (09/18/2016 03:00:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Avast Antivirus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/17/2016 02:29:35 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee SiteAdvisor Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Das System kann die angegebene Datei nicht finden.
Error: (09/16/2016 07:19:18 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{5DC4F9AD-3A2B-4DF4-AC39-3FF5A19FCF4C}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/16/2016 07:19:09 PM) (Source: DCOM) (EventID: 10010) (User: DORO89)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (09/16/2016 07:19:08 PM) (Source: DCOM) (EventID: 10010) (User: DORO89)
Description: Der Server "{D63B10C5-BB46-4990-A94F-E40B9D520160}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2016-10-09 03:25:26.094
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-07 04:15:35.793
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-10-03 02:55:52.567
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-29 17:41:37.158
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-25 02:48:17.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-22 03:24:44.561
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-11 02:53:17.565
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-11 02:48:15.580
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-11 02:40:29.721
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
Date: 2016-09-05 02:09:27.608
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\dsound.dll because the set of per-page image hashes could not be found on the system.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4710MQ CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 15%
Installierter physikalischer RAM: 32682.88 MB
Verfügbarer physikalischer RAM: 27462.11 MB
Summe virtueller Speicher: 37546.88 MB
Verfügbarer virtueller Speicher: 30749.84 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:236.76 GB) (Free:4.98 GB) NTFS
Drive d: (Data) (Fixed) (Total:871 GB) (Free:628.84 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60.51 GB) (Free:44.18 GB) NTFS
Drive f: (FIFA 17 Disc 5) (CDROM) (Total:6.32 GB) (Free:0 GB) CDFS
Drive h: (Anno 1404 GE) (CDROM) (Total:3.39 GB) (Free:0 GB) UDF
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: FEFAD821)
Partition 1: (Not Active) - (Size=871 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.5 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
| Themen zu Firefox öffnet beim starten willkürliche seiten |
| antivirus, askbar, browser, cpu, desktop, firefox, flash player, free download, iexplore.exe, internet, mozilla, office 365, performance, problem, proxy, prozesse, realtek, registry, rundll, scan, siteadvisor, software, starten, svchost.exe, system, udp, usb, windows, windowsapps |
Baum-Darstellung