|
Pests of all kinds and how to fight them: Chrome search engine keeps changing and new ad pages keep appearing (Windows 7). If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
18.01.2017, 14:12 | #16 |
| Chrome search engine keeps changing and new ad pages keep appearing
Code:
# AdwCleaner v6.042 - Bericht erstellt am 18/01/2017 um 14:06:44
# Aktualisiert am 06/01/2017 von Malwarebytes
# Datenbank : 2017-01-17.2 [Lokal]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Alex - PEACHY
# Gestartet von : C:\Users\Alex\Desktop\AdwCleaner_6.042.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

***** [ Dateien ] *****

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\WISECLEANER

***** [ Browser ] *****

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [2289 Bytes] - [16/01/2017 22:32:42]
C:\AdwCleaner\AdwCleaner[C2].txt - [4044 Bytes] - [17/01/2017 09:44:46]
C:\AdwCleaner\AdwCleaner[C3].txt - [1926 Bytes] - [17/01/2017 09:49:42]
C:\AdwCleaner\AdwCleaner[C4].txt - [1895 Bytes] - [17/01/2017 09:54:43]
C:\AdwCleaner\AdwCleaner[C5].txt - [6391 Bytes] - [17/01/2017 10:38:42]
C:\AdwCleaner\AdwCleaner[C6].txt - [6770 Bytes] - [18/01/2017 13:37:33]
C:\AdwCleaner\AdwCleaner[C7].txt - [1413 Bytes] - [18/01/2017 14:06:44]
C:\AdwCleaner\AdwCleaner[S0].txt - [1325 Bytes] - [13/01/2017 18:25:18]
C:\AdwCleaner\AdwCleaner[S10].txt - [7333 Bytes] - [18/01/2017 13:30:28]
C:\AdwCleaner\AdwCleaner[S11].txt - [2562 Bytes] - [18/01/2017 14:06:23]
C:\AdwCleaner\AdwCleaner[S1].txt - [4246 Bytes] - [16/01/2017 22:04:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [38782 Bytes] - [16/01/2017 22:23:16]
C:\AdwCleaner\AdwCleaner[S3].txt - [2069 Bytes] - [16/01/2017 22:32:14]
C:\AdwCleaner\AdwCleaner[S4].txt - [4200 Bytes] - [17/01/2017 09:44:15]
C:\AdwCleaner\AdwCleaner[S5].txt - [2144 Bytes] - [17/01/2017 09:49:17]
C:\AdwCleaner\AdwCleaner[S6].txt - [1975 Bytes] - [17/01/2017 09:54:23]
C:\AdwCleaner\AdwCleaner[S7].txt - [2121 Bytes] - [17/01/2017 09:59:12]
C:\AdwCleaner\AdwCleaner[S8].txt - [2194 Bytes] - [17/01/2017 10:17:47]
C:\AdwCleaner\AdwCleaner[S9].txt - [6702 Bytes] - [17/01/2017 10:38:02]

########## EOF - C:\AdwCleaner\AdwCleaner[C7].txt - [2365 Bytes] ##########

Somehow it does not get deleted. It is still there. |
18.01.2017, 14:13 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome search engine keeps changing and new ad pages keep appearing
Then show me fresh FRST logs. Tick the box for addition.txt, then click Scan (Untersuchen).
__________________ |
18.01.2017, 14:25 | #18 |
| Chrome search engine keeps changing and new ad pages keep appearing
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017 durchgeführt von Alex (Administrator) auf PEACHY (18-01-2017 14:24:10) Gestartet von C:\Users\Alex\Desktop Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe () C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp () C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp (Microsoft Corporation) 
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe () C:\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) 
C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11610.1001.23.0_x64__8wekyb3d8bbwe\WinStore.App.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated) HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => C:\Program Files 
(x86)\D-Link\D-ViewCam\MainConsole.EXE [15039632 2015-11-30] (D-Link Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM-x32\...\RunOnce: [window.bat] => C:\Windows\window.bat [59 2017-01-05] () HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [WMYQQI7Y71] => C:\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe [380416 2017-01-17] () HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e4d6db00-9115-11e4-9d8a-806e6f6e6963} - "E:\AutoRun.exe" ShellExecuteHooks: Kein Name - {41B7E29A-DB94-11E6-A96D-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clorertyckidering\Ditokphesele.dll -> Keine Datei ShellExecuteHooks: Kein Name - {A4557840-DB94-11E6-A863-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clehersy\Terdery.dll -> Keine Datei ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Keine Datei ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. 
Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2927967124-101175508-2003510897-1000 -> DefaultScope {9FFEE954-DB75-492A-B1CA-BA23C9B83007} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock 
Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus) Edge: ====== Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-01-17] FireFox: ======== FF DefaultProfile: n4plk0l5.Alex FF ProfilePath: C:\Users\Alex\AppData\Roaming\TomTom\HOME\Profiles\2bevz9ew.default [2016-08-16] FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden] FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\NvwHxp1R.default [2017-01-17] FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex [2017-01-18] FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10] FF Extension: (Adblock Plus) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-26] FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\searchplugins\3xw1ienb.xml [2017-01-17] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-17] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll 
[2014-09-19] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-17] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) 
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-10-19] (MY.COM B.V.) 
FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: ChromeDefaultData2 CHR HomePage: ChromeDefaultData2 -> hxxp://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp CHR StartupUrls: ChromeDefaultData2 -> "hxxp://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp" CHR DefaultSearchURL: ChromeDefaultData2 -> hxxp://www.trotux.com/search/?q={searchTerms}&z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=sp CHR DefaultSearchKeyword: ChromeDefaultData2 -> trotux CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG CHR Extension: (Adblock Plus) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-12-18] CHR Extension: (SG Dynamo Dresden - Theme) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\cpojmcdpieabkibcmbamghepgiaegkjj [2016-12-18] CHR Extension: (mydlink services plugin) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\ldibdoepbjbkkcbgndfljnphngpglhbb [2016-12-19] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-18] CHR Extension: (Chrome Media Router) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-18] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) 
==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 joduzigo; C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp [429056 2017-01-18] () [Datei ist nicht signiert] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) R2 Overwolfepson; C:\Program Files (x86)\epson\Overwolfepson.dll [223744 2017-01-17] () [Datei ist nicht signiert] S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1317104 2017-01-04] (Overwolf LTD) R2 pocyfene; C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp [247296 2017-01-18] () [Datei ist nicht signiert] S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe 
[2889896 2016-09-15] (Microsoft Corporation) R2 SteamVideoLAN; C:\Program Files (x86)\VideoLAN\SteamVideoLAN.dll [223744 2017-01-17] () [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com) S2 Chesutckazucult; C:\Program Files (x86)\Lirght\NifotcltipyPrv.dll [X] S2 Grimaght; C:\Program Files (x86)\Toheshphfeied\LervetainUpd.dll [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] () R3 cmuda3; C:\WINDOWS\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) 
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm)) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-18] (Malwarebytes) R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-26] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com) R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-18 14:23 - 2017-01-18 14:24 - 00021769 _____ C:\Users\Alex\Desktop\FRST.txt 2017-01-18 14:20 - 2017-01-18 14:20 - 00000000 ____D C:\Users\Alex\Desktop\Neuer Ordner 2017-01-18 13:43 - 2017-01-18 13:43 - 00000800 _____ C:\Users\Alex\Desktop\JRT.txt 2017-01-18 13:29 - 2017-01-18 13:29 - 01663040 _____ (Malwarebytes) C:\Users\Alex\Desktop\JRT.exe 2017-01-18 13:08 - 2017-01-18 13:12 - 00087970 _____ C:\TDSSKiller.3.1.0.12_18.01.2017_13.08.40_log.txt 2017-01-18 13:07 - 2017-01-18 13:08 - 00005480 _____ C:\TDSSKiller.3.1.0.12_18.01.2017_13.07.19_log.txt 2017-01-18 12:35 - 2017-01-18 12:32 - 00004848 _____ C:\Users\Alex\Desktop\mbar-log-2017-01-18 (12-02-10).txt 2017-01-18 12:03 - 2017-01-18 12:03 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Desktop\tdsskiller.exe 2017-01-18 12:01 - 2017-01-18 13:07 - 00000000 ____D C:\Users\Alex\Desktop\mbar 2017-01-17 11:31 - 2017-01-18 12:35 - 00001117 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-01-17 11:20 - 2017-01-18 14:24 - 00000000 ____D C:\FRST 2017-01-17 11:18 - 2017-01-17 11:18 - 00006078 _____ C:\WINDOWS\System32\Tasks\Docertain Core 2017-01-17 11:18 - 2017-01-17 11:18 - 00000000 ____D C:\Program Files (x86)\Docertain Core 2017-01-17 11:17 - 2017-01-17 11:17 - 00000000 ____D C:\Program Files\V26YJC5Z3M 2017-01-17 11:14 - 2017-01-17 11:14 - 02419200 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe 2017-01-17 10:26 - 2017-01-17 10:26 - 00720033 _____ C:\WINDOWS\unins000.exe 2017-01-17 10:25 - 2017-01-17 11:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Clehersy 2017-01-17 10:25 - 2017-01-17 11:18 - 00000000 ____D C:\Users\Alex\AppData\Local\Terqakfatacult 2017-01-17 10:04 - 2017-01-17 10:04 - 00282624 ____H C:\WINDOWS\system32\BITF6B1.tmp 2017-01-17 10:04 - 2017-01-17 10:04 - 00282624 ____H C:\WINDOWS\system32\BIT93F.tmp 2017-01-16 22:50 - 
2017-01-16 22:50 - 00019189 _____ C:\Users\Alex\Desktop\Mbam.txt 2017-01-16 22:14 - 2017-01-16 22:14 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2017-01-16 22:13 - 2017-01-18 14:08 - 00000228 _____ C:\WINDOWS\web.bat 2017-01-16 22:13 - 2017-01-17 10:26 - 00051253 _____ C:\WINDOWS\unins000.dat 2017-01-16 22:13 - 2017-01-16 17:06 - 00385510 _____ ( ) C:\WINDOWS\window.exe 2017-01-16 22:13 - 2017-01-05 11:10 - 00000059 _____ C:\WINDOWS\window.bat 2017-01-16 22:11 - 2017-01-16 22:14 - 00000000 ____D C:\Program Files\27HBITBKNS 2017-01-16 22:11 - 2017-01-16 22:11 - 00000000 ____D C:\WINDOWS\system32\sstmp 2017-01-16 22:09 - 2017-01-18 10:33 - 00000000 ____D C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982 2017-01-16 21:59 - 2017-01-13 18:18 - 03988944 _____ C:\Users\Alex\Desktop\AdwCleaner_6.042.exe 2017-01-16 21:50 - 2017-01-17 09:36 - 00000000 ____D C:\Program Files (x86)\Toheshphfeied 2017-01-16 21:50 - 2017-01-16 21:51 - 00000000 ____D C:\Users\Alex\AppData\Local\Reitssetsh 2017-01-14 10:33 - 2017-01-14 10:33 - 07774656 _____ (XVM team ) C:\Users\Alex\Downloads\xvm-6.5.2-CIS.exe 2017-01-13 19:55 - 2017-01-13 20:21 - 564799858 _____ C:\Users\Alex\Documents\xf-lastshift.avi 2017-01-13 18:36 - 2017-01-18 12:35 - 00000619 _____ C:\Users\Public\Desktop\F.E.A.R. 
EXTRACTION POINT.lnk 2017-01-13 18:33 - 2017-01-13 18:33 - 00000000 ____D C:\Users\Public\Documents\TimeGate Studios 2017-01-13 18:30 - 2017-01-13 18:30 - 00000000 ____D C:\Users\Public\Documents\Monolith Productions 2017-01-13 18:26 - 2017-01-13 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2017-01-13 18:19 - 2017-01-18 14:11 - 00000000 ____D C:\AdwCleaner 2017-01-13 18:18 - 2017-01-13 18:18 - 03988944 _____ C:\Users\Alex\Downloads\AdwCleaner_6.042.exe 2017-01-12 19:28 - 2017-01-12 19:28 - 02834619 _____ C:\WINDOWS\6c442299d769ae6b2f67ac21feb88ba9.exe 2017-01-11 16:00 - 2016-12-09 13:48 - 00000000 ____D C:\Users\Alex\Desktop\VA-Thunderdome_Die_Hard_II-4CD-2016-wAx 2017-01-11 15:51 - 2017-01-12 09:37 - 00000000 ____D C:\Users\Alex\Desktop\Mantus 2017-01-10 22:06 - 2017-01-10 22:06 - 00379020 _____ C:\Users\Alex\Downloads\1511_11_zer002___ecdl_1393.pdf 2017-01-10 20:34 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 20:34 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 20:34 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 20:34 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 20:34 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) 
18.01.2017, 14:26 | #19 |
| Chrome search engine keeps changing and new ad pages keep appearing
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017 durchgeführt von Alex (18-01-2017 14:24:42) Gestartet von C:\Users\Alex\Desktop Windows 10 Pro Version 1607 (X64) (2016-09-22 08:52:12) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2927967124-101175508-2003510897-500 - Administrator - Enabled) => C:\Users\Administrator Alex (S-1-5-21-2927967124-101175508-2003510897-1000 - Administrator - Enabled) => C:\Users\Alex DefaultAccount (S-1-5-21-2927967124-101175508-2003510897-503 - Limited - Disabled) Gast (S-1-5-21-2927967124-101175508-2003510897-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2927967124-101175508-2003510897-1005 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 
18 Wheels of Steel Extreme Trucker 2 (HKLM-x32\...\{A2B65355-E44A-4662-9533-AB5A4A3533ED}) (Version: 1.00.0000 - Valusoft) AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers) Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam) AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 17.0.2946.11963 - AKVIS) Armored Warfare MyCom (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom) (Version: 1.108 - My.com B.V.) Armored Warfare MyCom Beta (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.) ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.) 
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - ) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Berg und Tunnelbau (HKLM-x32\...\Mining and Tunneling) (Version: - ) CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP) C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version: - ) Crazy Machines 3 (HKLM\...\Y3JhenltYWNoaW5lczM_is1) (Version: 1 - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dance eJay 7 (HKLM-x32\...\{A18BB607-BC5A-474E-88FD-C215B91A0F97}) (Version: 7 - Empire Interactive) Demolish and Build Company 2017 (HKLM-x32\...\Demolish and Build Company 2017_is1) (Version: - ) Device Pack (HKLM-x32\...\{88D77012-0707-4c69-9D10-9FBDD937D3A2}) (Version: 2.0.18 - D-Link) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) DIG IT! 
- A Digger Simulator (HKLM\...\Steam App 311910) (Version: - Cape Copenhagen) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) D-Link D-ViewCam (HKLM-x32\...\{FA83A3D0-BA96-4565-B4F7-EC48163CB0CD}) (Version: 4.0.5 - D-Link) Duke Nukem 3D Twentieth Anniversary World Tour (HKLM-x32\...\Duke Nukem 3D Twentieth Anniversary World Tour_is1) (Version: - ) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Emergency 2016 (HKLM-x32\...\Emergency 2016_is1) (Version: - ) Emergency 2017 (HKLM-x32\...\Emergency 2017_is1) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.) FEAR Extraction Point (HKLM-x32\...\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.) FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) GdZ WoT ModPack Version 0.9.15.1.5 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.15.1.5 - Gemeinschaft deutscher Zocker) GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker) German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - ) Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari) Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden Groschengrab 3 (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Groschengrab 3) (Version: - ) Groschengrab Deluxe (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Groschengrab Deluxe) (Version: - ) Heart's Medicine: Time to Heal (HKLM\...\aGVhcnRzbWVkaWNpbmV0aW1ldG9oZWFs_is1) (Version: 1 - ) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Krita Desktop (x86) "2.9.6.3" (HKLM-x32\...\{ACF8935C-CA56-43D2-A923-DD95CBCE1BEB}) (Version: 2.9.6.3 - Krita Foundation) Life is Strange (HKLM-x32\...\Life is Strange_is1) (Version: - ) Locks Pro (HKLM-x32\...\Locks Pro) (Version: - ) Logistics Company (HKLM\...\Steam App 328310) (Version: - Crenetic GmbH Studios) Logitech Gaming Software 64 (HKLM-x32\...\InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}) (Version: - ) Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - ) Microsoft .NET Framework 1.1 
SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation) Microtool version 1.1.0 (HKLM-x32\...\Microtool_is1) (Version: 1.1.0 - Microtool Technologies) Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team) Model_Viewer (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\007d47cbc8a50530) (Version: 2.0.0.23 - WOT MODEL VIEWER) Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) My.com Game Center (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MyComGames) (Version: 3.147 - My.com B.V.) 
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments) null (HKLM-x32\...\MonsterMaker) (Version: - ) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OMC ModPack Client Version 1.5.2.49 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.2.49 - Odem Mortis) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.101.213.0 - Overwolf Ltd.) 
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) ProTrain Perfect 2 - Dresden - Leipzig - (HKLM-x32\...\{509E436F-FEEA-49BC-BD16-8F5F67D715E1}) (Version: 1.0 - Blue Sky Interactive) ProTrain Perfect 2 - Nord-Süd 2 - Update (HKLM-x32\...\{2DE73DB6-37F4-4580-97A0-505D478EF02A}) (Version: 1.31 - Blue Sky Interactive) ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive) ProTrain Perfect Addon 4 - S-Bahn Berlin- Update 1.1 (HKLM-x32\...\{56706286-0B7A-46A3-9835-CF1ACB4BBFE2}) (Version: 1.0 - Blue Sky Interactive) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) 
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version: - ) RollerCoaster Tycoon World (HKLM\...\cm9sbGVyY29hc3RlcnR5Y29vbndvcmxk_is1) (Version: 1 - ) Samantha Swift and the Golden Touch (HKLM-x32\...\Samantha Swift and the Golden Touch) (Version: 1.1.0.0 - MumboJumbo) SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Smart Application Controller (HKLM-x32\...\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1) (Version: 1.00 - Smart Application Controller) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Last Dream - Developer's Edition (HKLM-x32\...\The Last Dream - Developer's Edition_is1) (Version: - ) The Suffering Collection MULTi5 - ElAmigos Version 1.01 (HKLM-x32\...\{7F509198-C9F1-4241-A710-3FFC993AD861}_is1) (Version: 1.01 - Midway) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.0.0 - Tweaking.com) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) 
Hidden UK Truck Simulator 1.11 (HKLM-x32\...\UK Truck Simulator) (Version: 1.11 - ) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.49 - NCH Software) VirtualDJ 8 (HKLM-x32\...\{AC964E48-8E21-4622-9073-AD42BC6A57B1}) (Version: 8.2.3343.0 - Atomix Productions) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Winning Putt: Golf Online (HKLM\...\Steam App 458960) (Version: - WEBZENONNET Co., Ltd.) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wonderland Solitaire (HKLM-x32\...\Wonderland Solitaire) (Version: - ) World Series Of Poker (HKLM-x32\...\World_Series_Of_Poker_1.0) (Version: - ) X-Mouse Button Control 2.9.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.9.1 - Highresolution Enterprises) XVM Version 6.5.2-CIS (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.5.2-CIS - XVM team) Yu-Gi-Oh Legacy of the Duelist MULTi5 - ElAmigos Version 1.0 u1 (HKLM-x32\...\{C9FCEB59-AD96-4DB5-9D79-FC19339BF1C0}_is1) (Version: 1.0 u1 - Konami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {03721160-D3EC-4395-9515-90AF4387D601} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-01-04] (Overwolf LTD) Task: {08071F0B-7A8F-4307-AC19-CAC94B3D7CF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {088BCE7E-C0DF-4878-9566-F3DF074A0850} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft) Task: {11072F2E-CF5D-4042-8117-BF302C3D1134} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation) Task: {2D6D5D52-DEB4-4D7E-8582-BFA2594CE8A4} - System32\Tasks\{E38CF82E-0E32-471D-AF9A-11ACBB05F575} => pcalua.exe -a "D:\Spiele\Black & White\Setup.exe" -d "D:\Spiele\Black & White" Task: {3E59135F-C845-4CA7-9306-09BA53D3BF10} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe Task: {3ECA284F-6060-4355-8201-2B3667D6A8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {48A39499-C887-47AB-A03E-EC1284135582} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) Task: {60F975AC-39FD-4638-A749-F2AF50518B24} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {72809391-CA5B-4283-AF5B-22E82B9893C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files 
(x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.) Task: {739D6E46-1EBE-45B0-B3A8-BE4B706B11C9} - System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2} => pcalua.exe -a "D:\Spielei\RollerCoaster Tycoon 3 Platinum\RCT3.EXE" -d "D:\Spielei\RollerCoaster Tycoon 3 Platinum" Task: {7D66D896-7E61-483F-AC36-CBF7B2F70AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {852E5EAC-BD28-47F6-922D-6CC306F6A428} - System32\Tasks\Docertain Core => C:\Program Files (x86)\Lirght\ukacult.exe Task: {9459BA5A-FD31-4742-B874-E18D2F2CFA4F} - System32\Tasks\{9F699765-8CF8-476D-B4B0-17A827A46CA3} => C:\Program Files (x86)\Origin\Origin.exe [2015-03-24] (Electronic Arts) Task: {981322A7-5CE4-419F-9EE9-A5B122E6477F} - System32\Tasks\CheckControllerUpdatesUA => C:\Program Files (x86)\Smart Application Controller\smappscontroller.exe [2016-07-13] (Smart Application Controller) Task: {9D80B7B9-6365-4839-A770-224DE72C1F0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.) 
Task: {A1F15BE6-717C-4421-B6F5-31A5D6F3E16A} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-07-27] (WiseCleaner.com) Task: {BCE3DD01-4356-448D-B9F2-B66F03DA84E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-17] (Adobe Systems Incorporated) Task: {C90E9125-55FE-459E-B59C-A8CC3EDC83B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {DF339562-E44E-4C7B-BFED-89CD5B300750} - System32\Tasks\{E32C968D-9A4A-468A-9739-5EC5DD81248A} => pcalua.exe -a "F:\Wolfenstein The Old Blood German Uncut Edition\WOLF.OB.GUE.exe" -d "F:\Wolfenstein The Old Blood German Uncut Edition" Task: {E27BD397-DC88-4C92-9D33-9AEBB4FF1077} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {FD8DDAD2-0AB1-4C79-8872-2DE3B0CAA13A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 12:11 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-22 09:03 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-17 17:39 - 2017-01-17 12:48 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2015-12-31 19:57 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2017-01-18 10:33 - 2017-01-18 10:33 - 00429056 _____ () C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp 2017-01-18 10:33 - 2017-01-18 10:33 - 00247296 _____ () C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp 2016-12-14 12:11 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-22 09:53 - 2016-09-22 09:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 20:34 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 20:33 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 01033216 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 20:33 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-17 11:17 - 2017-01-17 11:17 - 00380416 _____ () C:\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe 2015-05-20 15:35 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-17 11:37 - 2017-01-17 11:37 - 00223744 ____H () C:\Program Files (x86)\epson\Overwolfepson.dll 2017-01-17 10:29 - 2017-01-17 10:29 - 00223744 ____H () C:\Program Files (x86)\VideoLAN\SteamVideoLAN.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2009-07-14 03:34 - 2017-01-18 13:03 - 00008364 ____A C:\WINDOWS\system32\Drivers\etc\hosts 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 127.0.0.1 down.baidu2016.com 127.0.0.1 123.sogou.com 127.0.0.1 www.czzsyzgm.com 127.0.0.1 www.czzsyzxl.com 127.0.0.1 union.baidu2019.com 34.195.153.94 469ba60d9681f961064c-3cca6631dac1b4997db921c060b712f6.r30.cf2.rackcdn.com 34.195.153.94 a.bf-ad.net 34.195.153.94 a.visualrevenue.com 34.195.153.94 a1.vdna-assets.com 34.195.153.94 a248.e.akamai.net 34.195.153.94 aax.amazon-adsystem.com 34.195.153.94 ad.crwdcntrl.net 34.195.153.94 ad.mail.ru 34.195.153.94 ade.clmbtech.com 34.195.153.94 ads.adfox.ru 34.195.153.94 ads.pubmatic.com 34.195.153.94 apis.google.com 34.195.153.94 asset.pagefair.net 34.195.153.94 assets.adobedtm.com 34.195.153.94 assets.flocktory.com 34.195.153.94 autocontext.begun.ru 34.195.153.94 b.grvcdn.com 34.195.153.94 b.ns1p.net 34.195.153.94 b.scorecardresearch.com 34.195.153.94 b.wal.co Da befinden sich 128 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Control Panel\Desktop\\Wallpaper -> F:\Oskar\Neuer Ordner (21)\Neuer Ordner (8)\IMG-20160619-WA0004.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. 
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\Services: AdobeARMservice => 2 MSCONFIG\Services: Avira.OE.ServiceHost => 2 MSCONFIG\Services: GfExperienceService => 2 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: IDriverT => 3 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: NvNetworkService => 2 MSCONFIG\Services: NvStreamSvc => 2 MSCONFIG\Services: nvsvc => 2 MSCONFIG\Services: Stereo Service => 2 HKLM\...\StartupApproved\Run32: => "Avira Systray" HKLM\...\StartupApproved\Run32: => "avgnt" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "EPSON SX125 Series" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "TomTomHOME.exe" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [MSMQ-In-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => LPort=808 FirewallRules: [{43DC8776-57FD-40B5-91B0-CBD2C03C5632}] => D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [{2D262BCC-E6F4-4697-87CB-E62DEBB048DC}] => D:\Spiele\FIFA 15\fifasetup\fifaconfig.exe FirewallRules: [UDP Query User{339B0FA0-5B3B-4771-B2CC-A7B468AB37BF}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [TCP Query User{A09AC952-684E-4B97-9EFD-1E9962A6A6C6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe FirewallRules: [UDP Query User{50273C90-0B32-483A-82AB-CE40A761D30A}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe FirewallRules: [TCP Query User{9022ED3A-732F-4D6B-B4A2-039E2232E84D}D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe] => D:\spiele\ghostbusters\ghostbusters\binaries\win64\ghostbusters.exe FirewallRules: [UDP Query User{389B68A3-BDB8-4CC7-B5F1-B9EAD578C78D}D:\spiele\dovetail games flight school\fsc.exe] => D:\spiele\dovetail games flight school\fsc.exe FirewallRules: [TCP Query User{71654F9A-49E1-4DB8-90D1-E6FDEE57BB02}D:\spiele\dovetail games flight school\fsc.exe] => D:\spiele\dovetail games flight school\fsc.exe FirewallRules: [{C5EDC8EF-6825-4B8C-BB28-47C641330927}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{15842196-AF0E-4252-8B98-1B0C1BD6F6C2}] => C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query 
User{1A43CF24-88C0-4887-9A94-04DFD8A1B8FD}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [TCP Query User{2203F989-B0FB-4A66-B5AC-7606BEEE091E}D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe] => D:\downloads\fo4\igg-dead.by.daylight.v1.0\deadbydaylight\binaries\win64\deadbydaylight-win64-shipping.exe FirewallRules: [UDP Query User{F3A2D79C-8F64-4056-9DA6-9D402E8BCB68}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe FirewallRules: [TCP Query User{6608EC4A-642D-47C4-AD82-C8174517D431}D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe] => D:\spiele\medal of honor allied assault war chest\moh_spearhead.exe FirewallRules: [UDP Query User{EDFA809B-57F0-462A-B2AA-19CD31295828}D:\spiele\street fighter x tekken complete pack\sftk.exe] => D:\spiele\street fighter x tekken complete pack\sftk.exe FirewallRules: [TCP Query User{1ABB671C-E149-4942-90E0-2FB13CF7EA4F}D:\spiele\street fighter x tekken complete pack\sftk.exe] => D:\spiele\street fighter x tekken complete pack\sftk.exe FirewallRules: [UDP Query User{329E50C5-1D43-40B1-AE0C-DF02A1473FFA}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe FirewallRules: [TCP Query User{CE25C343-01B1-4AC8-B589-828CC9C63538}D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe] => D:\spiele\medal of honor allied assault war chest\moh_breakthrough.exe FirewallRules: [UDP Query User{2C652085-C216-4B0B-B1F6-DFD07D862D05}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => D:\spiele\medal of honor allied assault war chest\mohaa.exe FirewallRules: [TCP Query 
User{0653881F-C4F1-483B-9EEF-03B6E478915E}D:\spiele\medal of honor allied assault war chest\mohaa.exe] => D:\spiele\medal of honor allied assault war chest\mohaa.exe FirewallRules: [{1C55D6CF-C802-4747-B16E-96E20EA42E76}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{D5402871-D6DB-4AF8-A11B-211A8FC142C0}] => C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{E3475040-EF12-4BFA-90D4-5CCFFD4182C3}] => D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe FirewallRules: [{822BDA0E-5DAC-4BA9-84DE-BEFCED48F171}] => D:\Spiele\SteamLibrary\steamapps\common\Logistics Company\logisim.exe FirewallRules: [{0FAB828E-4B69-4960-AB60-B6E47BD20F3C}] => D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe FirewallRules: [{15350DE1-C269-45CC-9C37-ED444708E09B}] => D:\Spiele\SteamLibrary\steamapps\common\DIG IT! - A Digger Simulator\DigIt.exe FirewallRules: [UDP Query User{3DDC05D5-A11D-4FFF-9EBE-07A822FE9984}D:\spiele\mxgp2\mxgp_2.exe] => D:\spiele\mxgp2\mxgp_2.exe FirewallRules: [TCP Query User{4FC326C9-DD65-4C55-B7CF-F00DC2A25734}D:\spiele\mxgp2\mxgp_2.exe] => D:\spiele\mxgp2\mxgp_2.exe FirewallRules: [UDP Query User{5455F566-360E-4D82-AF47-7E01DC44F3E8}D:\spiele\mxgp2\mxgp_2x64.exe] => D:\spiele\mxgp2\mxgp_2x64.exe FirewallRules: [TCP Query User{6C958C17-0A38-493E-99CC-B87F1FDB242D}D:\spiele\mxgp2\mxgp_2x64.exe] => D:\spiele\mxgp2\mxgp_2x64.exe FirewallRules: [UDP Query User{663B8EBA-8FDD-4379-A5DB-5EAE3D1D4F06}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => D:\spiele\anno 1404 gold edition\tools\anno4web.exe FirewallRules: [TCP Query User{31F01DEC-1B23-430D-93A4-34E1165168BA}D:\spiele\anno 1404 gold edition\tools\anno4web.exe] => D:\spiele\anno 1404 gold edition\tools\anno4web.exe FirewallRules: [UDP Query User{39235AEA-0DD2-4CDA-B963-38FB32CEC0B1}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => D:\spiele\ubisoft\far cry 4\bin\farcry4.exe FirewallRules: [TCP Query 
User{BAD49B2D-5B7E-4239-97FF-CCCC34FCE690}D:\spiele\ubisoft\far cry 4\bin\farcry4.exe] => D:\spiele\ubisoft\far cry 4\bin\farcry4.exe FirewallRules: [{CBF73693-887B-4786-989A-E6B514955243}] => D:\Spiele\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{B1D7EA1F-B066-4CA0-8D50-E89501B0C6F0}] => D:\Spiele\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{0B571320-7652-4382-A54C-630B0BBABE66}] => C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{785C73F8-5AFE-469E-9E2D-2F1B814DE3C8}] => C:\Program Files\Andy\HandyAndy.exe FirewallRules: [{D0FB81DC-360F-4A36-8512-FD557837FBD0}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{C765AC84-C3C6-4381-B834-7A4D9C1A7519}] => C:\Program Files\Andy\SetupFiles\Uninstall.exe FirewallRules: [{65209785-178C-4995-A308-6B16828E82FC}] => C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{BD969C95-3B4F-47ED-9D72-B0B16C1B9221}] => C:\Program Files\Andy\AndyConsole.exe FirewallRules: [{97934D29-83EA-4C92-A58B-9C1490FA8661}] => C:\Program Files\Andy\andy.exe FirewallRules: [{94ED7558-F682-4093-9313-F8ACBF078BE0}] => C:\Program Files\Andy\andy.exe FirewallRules: [{1BE673C4-9EBC-4746-8864-4EF8DE737B8F}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{9F3E3F30-F41B-4865-BE41-83FE9833B3F6}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{EEF9EBA0-1956-40F6-B77F-614DD4EA5722}] => C:\Users\Alex\AppData\Local\Temp\Andy_46.2_x64\Setup.exe FirewallRules: [UDP Query User{B181587D-6A97-4BAD-A8D4-A6AF6CBCC296}D:\spiele\sebastien loeb rally evo\slrx64.exe] => D:\spiele\sebastien loeb rally evo\slrx64.exe FirewallRules: [TCP Query User{267A32AA-CDCA-4691-A944-9E604C81E46D}D:\spiele\sebastien loeb rally evo\slrx64.exe] => D:\spiele\sebastien loeb rally evo\slrx64.exe FirewallRules: [{10DFF208-43B4-487F-B87C-EC2EDD159280}] => D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe FirewallRules: [{9A3D99F3-D921-426B-B7DF-7324B11E5EAF}] => D:\Spiele\THQ\Frontlines-Fuel of War\Binaries\FFOW.exe 
FirewallRules: [{2B35FD59-01B0-44F0-85EF-E4ED1F88E13B}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{676D9C46-E14F-4026-ADDE-B2C63446D955}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{8B8F73D0-7764-46F2-8DA0-FDE0DE8DFE90}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{D2EE8800-F670-445E-8AED-196AEE247BB1}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{F73A41F2-F6B4-4D42-94B0-24FB215C452E}] => C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{BEE464F7-4F1A-4DC3-A9DF-C6496F7DC8EA}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{6E0C7D29-7456-4E18-8D41-C374DB54F8EF}] => C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{3DC96D98-714F-4456-ABFD-E54CF194D6CE}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8A82E90F-A1DD-4E49-867E-0D95254879E1}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{DE4A103C-31F4-40A1-8F16-31CB15E8865C}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{F520FDF6-D5AF-49EE-9672-80D2D78A1ECE}] => C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{8C15BD84-ED5D-442F-B454-6093E1A34678}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{4D80A436-398C-4BA4-9626-484B2BD6890B}] => C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{3DE2D36C-CCC9-4E7F-A312-82C6FF4BAE64}] => D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [{ABC853EF-AA7D-4B6B-9898-2DE7F7131D17}] => D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{B77A2EB4-C11B-43C6-BFA5-0DF9C825F01D}D:\spiele\world_of_tanks\wotlauncher.exe] => D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{63B3C213-6114-4963-A3D3-EB3CD2016612}D:\spiele\world_of_tanks\wotlauncher.exe] => D:\spiele\world_of_tanks\wotlauncher.exe FirewallRules: [{0B7B8C30-490B-4165-91C9-0BA2ECF08FE9}] => 
C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{7B9803AD-565F-484F-A3AC-7608B4E027C0}] => C:\Users\Alex\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{E6B46A64-C7FB-4B76-BDA2-7F8CE5C19BE2}] => D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [{253899B7-30F0-40FA-820D-42FC5EE64BDD}] => D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{948DAF27-C71D-4CC4-BE10-89DB3D4046BC}D:\spiele\world_of_tanks\worldoftanks.exe] => D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [TCP Query User{351CF24C-5C76-480D-8504-68E0AD1843D7}D:\spiele\world_of_tanks\worldoftanks.exe] => D:\spiele\world_of_tanks\worldoftanks.exe FirewallRules: [{64626A8F-D518-4A3E-B800-B6E6E12D8A6C}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{055257B4-7DB5-421A-B9CE-FC9A2768CEC8}] => C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [TCP Query User{F028F5E8-B9B2-4FFD-8967-454EF0D5C8AD}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => C:\users\alex\appdata\local\mycomgames\mycomgames.exe FirewallRules: [UDP Query User{86285CEE-479B-46FD-B323-93D13AFF6BB7}C:\users\alex\appdata\local\mycomgames\mycomgames.exe] => C:\users\alex\appdata\local\mycomgames\mycomgames.exe FirewallRules: [TCP Query User{9941EBEE-8E38-4E5A-B75F-BF3E22A5007B}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe FirewallRules: [UDP Query User{A37D346B-E470-486D-886A-AB7A70CEA756}D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe] => D:\spiele\armored warfare mycom beta\bin64\armoredwarfare.exe FirewallRules: [TCP Query User{98862868-268B-46F0-A7A1-F419B1F37ED4}E:\easysetupassistant\easysetupassistant.exe] => E:\easysetupassistant\easysetupassistant.exe FirewallRules: [UDP Query User{68A87591-6E15-49C9-B6D5-00E0404EE469}E:\easysetupassistant\easysetupassistant.exe] => 
E:\easysetupassistant\easysetupassistant.exe FirewallRules: [TCP Query User{2453E5A1-8AEF-432D-9F29-4435D9123DAF}E:\easysetupassistant\tssh2.exe] => E:\easysetupassistant\tssh2.exe FirewallRules: [UDP Query User{59F51F14-EE3A-45A9-9C87-9485BF612573}E:\easysetupassistant\tssh2.exe] => E:\easysetupassistant\tssh2.exe FirewallRules: [TCP Query User{D7B962F1-105F-488E-9678-984032B74CFF}C:\program files\teamspeak 3 client\ts3client_win64.exe] => C:\program files\teamspeak 3 client\ts3client_win64.exe FirewallRules: [UDP Query User{203E9AAD-FAA1-49B9-9BE9-F2C2271A368F}C:\program files\teamspeak 3 client\ts3client_win64.exe] => C:\program files\teamspeak 3 client\ts3client_win64.exe FirewallRules: [TCP Query User{185431DA-2C79-4C60-AF6B-330AB0971EA2}G:\program files\skype\phone\skype.exe] => G:\program files\skype\phone\skype.exe FirewallRules: [UDP Query User{B8EC54F5-26ED-48D9-8E73-FD26BA352BB4}G:\program files\skype\phone\skype.exe] => G:\program files\skype\phone\skype.exe FirewallRules: [{02F25726-4663-4FE3-8A63-0C5D38B8BCC0}] => C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{1340BD49-D827-4B27-9631-8616DF311932}] => C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{9099444A-0C85-4585-8C6C-068D8CEC6F07}] => LPort=8743 FirewallRules: [{760585B8-010B-4357-B72E-865A7CD163FD}] => LPort=8643 FirewallRules: [{082067E4-A3C0-49FD-8B6B-0266FA74961D}] => LPort=7676 FirewallRules: [{F7EA7908-0B68-4FEE-BF89-0354FCA6ED3E}] => LPort=7679 FirewallRules: [{2FC93D60-6F84-4EA9-83AE-2B4E280A5976}] => LPort=24234 FirewallRules: [{F8F96B95-64A1-4654-85CC-8FC821A8783B}] => LPort=7900 FirewallRules: [{0FCC6412-FEE7-425E-A0AC-C7030A5F41AA}] => LPort=1900 FirewallRules: [TCP Query User{A067EE80-1DE1-4ACA-BE5B-0F03EF354D40}D:\spiele\city car driving\bin\win32\starter.exe] => D:\spiele\city car driving\bin\win32\starter.exe FirewallRules: [UDP Query 
User{D9AFB99B-D386-4F38-AB05-1678C50C856F}D:\spiele\city car driving\bin\win32\starter.exe] => D:\spiele\city car driving\bin\win32\starter.exe FirewallRules: [{14DA512B-EBC2-4EFC-ADA9-6BEA1993A9DC}] => D:\Spiele\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [{B137B575-8816-4E12-8EC8-23B31C4BFF1B}] => D:\Spiele\SteamLibrary\steamapps\common\DiRT 3 Complete Edition\dirt3_game.exe FirewallRules: [TCP Query User{B60D2305-8D3C-483B-8418-B7A62AAF93A1}D:\spiele\steamlibrary\steamapps\common\newz\thenewz.exe] => D:\spiele\steamlibrary\steamapps\common\newz\thenewz.exe FirewallRules: [UDP Query User{CC770425-9AEE-4008-9777-FBF1C49450F4}D:\spiele\steamlibrary\steamapps\common\newz\thenewz.exe] => D:\spiele\steamlibrary\steamapps\common\newz\thenewz.exe FirewallRules: [{C2CEDF8B-D925-4FCC-B83F-5377334E449D}] => D:\Spiele\SteamLibrary\steamapps\common\Winning Putt\Launcher.exe FirewallRules: [{38100979-56A6-432E-8049-CD88463721C4}] => D:\Spiele\SteamLibrary\steamapps\common\Winning Putt\Launcher.exe FirewallRules: [{FE5F3110-E940-42ED-BD70-5A1E7B9BF34D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{314856E7-D351-4F20-BC93-7DCFC7A8D4A3}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{792B0CEA-B154-4EB9-84FF-0FE695248F89}] => C:\WINDOWS\system32\rundll32.exe FirewallRules: [{8EF4AC03-53E8-4F53-A029-044C0176C478}] => C:\Windows\System32\rundll32.exe FirewallRules: [{B350CF79-C21B-4C1F-8288-A57ED3259827}] => C:\Windows\System32\rundll32.exe FirewallRules: [{0D799DDA-6510-4869-924F-F8B9019798D4}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{D775F67E-DE17-4CA3-8C9B-F0012C362779}] => D:\Spiele\OMC ModPack Client\OMC ModPack Client.exe FirewallRules: [TCP Query User{0CE8B30F-FCC5-4AD1-9EA3-F15C3C0F11E3}D:\spiele\far cry primal\bin\fcprimal.exe] => D:\spiele\far cry primal\bin\fcprimal.exe FirewallRules: [UDP Query 
User{584912AB-33A8-4FD4-ABDA-1688D7CDE38B}D:\spiele\far cry primal\bin\fcprimal.exe] => D:\spiele\far cry primal\bin\fcprimal.exe FirewallRules: [{BFD0CB53-AB77-4D16-816B-A018F3ED4324}] => D:\Spiele\Sierra\FEAR\FEAR.exe FirewallRules: [{19373CBB-7A7B-4AA0-94F7-4E163FE07A84}] => D:\Spiele\Sierra\FEAR\FEAR.exe FirewallRules: [{BE575155-A26A-420D-90AE-CA8003F3E08F}] => D:\Spiele\Sierra\FEAR\FEARMP.exe FirewallRules: [{BD7D60FB-71BA-4EE7-BDCB-56A4FB5AF8BA}] => D:\Spiele\Sierra\FEAR\FEARMP.exe FirewallRules: [{BC4CDA70-E3AF-4A35-AD09-51066719C667}] => D:\Spiele\Sierra\FEAR\FEARXP\FEARXP.exe FirewallRules: [{395D5411-9713-4261-8A70-1FB57ED8E8FF}] => D:\Spiele\Sierra\FEAR\FEARXP\FEARXP.exe ==================== Wiederherstellungspunkte ========================= 16-01-2017 15:08:48 Geplanter Prüfpunkt 17-01-2017 11:34:12 Revo Uninstaller's restore point - Avira Browser Safety 17-01-2017 11:37:43 Revo Uninstaller's restore point - Avira Connect 17-01-2017 11:40:28 Revo Uninstaller's restore point - DPower version 1.0 17-01-2017 11:41:19 Revo Uninstaller's restore point - OtherSearch 17-01-2017 11:42:00 Revo Uninstaller's restore point - Search module 17-01-2017 11:42:43 Revo Uninstaller's restore point - trotux - Uninstall 18-01-2017 13:40:45 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/18/2017 01:41:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (01/18/2017 12:30:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (01/18/2017 12:30:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 08:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PEACHY) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/17/2017 11:42:43 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:42:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:41:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:40:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:40:04 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (01/17/2017 11:39:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Systemfehler: ============= Error: (01/18/2017 02:08:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (01/18/2017 02:07:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Grimaght" wurde mit folgendem Fehler beendet: Das angegebene Modul wurde nicht gefunden. Error: (01/18/2017 02:07:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Chesutckazucult" wurde mit folgendem Fehler beendet: Das angegebene Modul wurde nicht gefunden. Error: (01/18/2017 02:07:51 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 02:07:51 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (01/18/2017 02:06:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Disc Soft Lite Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 02:06:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/18/2017 02:06:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Malwarebytes Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 02:06:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Roll Encryption" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. 
Error: (01/18/2017 02:06:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "CD-R Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. CodeIntegrity: =================================== Date: 2016-12-17 17:39:30.950 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2016-12-17 17:20:21.947 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.936 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-17 17:20:21.915 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.796 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.794 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.792 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X4 945 Processor Prozentuale Nutzung des RAM: 25% Installierter physikalischer RAM: 8190.11 MB Verfügbarer physikalischer RAM: 6098.69 MB Summe virtueller Speicher: 16894.11 MB Verfügbarer virtueller Speicher: 14833.51 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:146.04 GB) (Free:33.6 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: () (Fixed) (Total:319.27 GB) (Free:62.17 GB) NTFS Drive e: (FEARGOLD) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF Drive f: (HITACHI) (Fixed) (Total:931.28 GB) (Free:61.3 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A8DAA8DA) Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=319.3 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0DEE6153) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ |
18.01.2017, 14:38 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome search engine keeps changing and new ad pages keep appearing
FRST fix
Please disable your virus scanner completely now, to make sure the fix runs through cleanly!
Please press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document
Code:
ATTFilter
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG
HKLM-x32\...\RunOnce: [window.bat] => C:\Windows\window.bat [59 2017-01-05] ()
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [WMYQQI7Y71] => C:\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe [380416 2017-01-17] ()
ShellExecuteHooks: Kein Name - {41B7E29A-DB94-11E6-A96D-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clorertyckidering\Ditokphesele.dll -> Keine Datei
ShellExecuteHooks: Kein Name - {A4557840-DB94-11E6-A863-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clehersy\Terdery.dll -> Keine Datei
ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Keine Datei
CHR HomePage: ChromeDefaultData2 -> http://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp
CHR StartupUrls: ChromeDefaultData2 -> "http://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp"
CHR DefaultSearchURL: ChromeDefaultData2 -> http://www.trotux.com/search/?q={searchTerms}&z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData2 -> trotux
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG
R2 joduzigo; C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp [429056 2017-01-18] () [Datei ist nicht signiert]
R2 pocyfene; C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp [247296 2017-01-18] () [Datei ist nicht signiert]
S2 Chesutckazucult; C:\Program Files (x86)\Lirght\NifotcltipyPrv.dll [X]
S2 Grimaght; C:\Program Files (x86)\Toheshphfeied\LervetainUpd.dll [X]
C:\Program Files\27HBITBKNS
C:\Program Files (x86)\Toheshphfeied
C:\Program Files (x86)\Lirght
C:\Windows\window.bat
C:\WINDOWS\window.exe
C:\Users\Alex\AppData\Local\Reitssetsh
C:\WINDOWS\6c442299d769ae6b2f67ac21feb88ba9.exe
C:\Program Files\V26YJC5Z3M
C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982
hosts:
emptytemp:

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
18.01.2017, 14:46 | #21 |
| Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017 durchgeführt von Alex (18-01-2017 14:41:57) Run:1 Gestartet von C:\Users\Alex\Desktop Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG HKLM-x32\...\RunOnce: [window.bat] => C:\Windows\window.bat [59 2017-01-05] () HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [WMYQQI7Y71] => C:\Program Files\V26YJC5Z3M\FU0ZRF7KW.exe [380416 2017-01-17] () ShellExecuteHooks: Kein Name - {41B7E29A-DB94-11E6-A96D-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clorertyckidering\Ditokphesele.dll -> Keine Datei ShellExecuteHooks: Kein Name - {A4557840-DB94-11E6-A863-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Clehersy\Terdery.dll -> Keine Datei ShellIconOverlayIdentifiers: [KzShlobj] -> {AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => -> Keine Datei CHR HomePage: ChromeDefaultData2 -> http://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp CHR StartupUrls: ChromeDefaultData2 -> "http://www.trotux.com/?z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=hp" CHR DefaultSearchURL: ChromeDefaultData2 -> http://www.trotux.com/search/?q={searchTerms}&z=5e5df7a5337eb559fce7d05g2z0b6z0q6zab5oacaz&from=ftp&uid=WDCXWD5000AAKS-00UU3A0_WD-WCAYU600309203092&type=sp CHR DefaultSearchKeyword: ChromeDefaultData2 -> trotux CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG R2 joduzigo; C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\kns7B86.tmp [429056 2017-01-18] () [Datei ist nicht signiert] R2 pocyfene; C:\Program Files 
(x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982\pro827B.tmp [247296 2017-01-18] () [Datei ist nicht signiert] S2 Chesutckazucult; C:\Program Files (x86)\Lirght\NifotcltipyPrv.dll [X] S2 Grimaght; C:\Program Files (x86)\Toheshphfeied\LervetainUpd.dll [X] C:\Program Files\27HBITBKNS C:\Program Files (x86)\Toheshphfeied C:\Program Files (x86)\Lirght C:\Windows\window.bat C:\WINDOWS\window.exe C:\Users\Alex\AppData\Local\Reitssetsh C:\WINDOWS\6c442299d769ae6b2f67ac21feb88ba9.exe C:\Program Files\V26YJC5Z3M C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982 hosts: emptytemp: ***************** C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 => erfolgreich verschoben HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\RunOnce\\window.bat => Wert erfolgreich entfernt HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Windows\CurrentVersion\Run\\WMYQQI7Y71 => Wert erfolgreich entfernt HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{41B7E29A-DB94-11E6-A96D-64006A5CFC23} => Wert erfolgreich entfernt HKCR\CLSID\{41B7E29A-DB94-11E6-A96D-64006A5CFC23} => Schlüssel nicht gefunden. HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{A4557840-DB94-11E6-A863-64006A5CFC23} => Wert erfolgreich entfernt HKCR\CLSID\{A4557840-DB94-11E6-A863-64006A5CFC23} => Schlüssel nicht gefunden. HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\KzShlobj => Schlüssel erfolgreich entfernt HKCR\CLSID\{AAA0C5B8-933F-4200-93AD-B143D7FFF9F2} => Schlüssel nicht gefunden. Chrome HomePage => nicht gefunden. Chrome StartupUrls => nicht gefunden. Chrome DefaultSearchURL => nicht gefunden. Chrome DefaultSearchKeyword => nicht gefunden. C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 => nicht gefunden joduzigo => Dienst konnte nicht gestoppt werden. 
HKLM\System\CurrentControlSet\Services\joduzigo => Schlüssel erfolgreich entfernt joduzigo => Dienst erfolgreich entfernt pocyfene => Dienst konnte nicht gestoppt werden. HKLM\System\CurrentControlSet\Services\pocyfene => Schlüssel erfolgreich entfernt pocyfene => Dienst erfolgreich entfernt HKLM\System\CurrentControlSet\Services\Chesutckazucult => Schlüssel erfolgreich entfernt Chesutckazucult => Dienst erfolgreich entfernt HKLM\System\CurrentControlSet\Services\Grimaght => Schlüssel erfolgreich entfernt Grimaght => Dienst erfolgreich entfernt C:\Program Files\27HBITBKNS => erfolgreich verschoben C:\Program Files (x86)\Toheshphfeied => erfolgreich verschoben "C:\Program Files (x86)\Lirght" => nicht gefunden. C:\Windows\window.bat => erfolgreich verschoben C:\WINDOWS\window.exe => erfolgreich verschoben C:\Users\Alex\AppData\Local\Reitssetsh => erfolgreich verschoben C:\WINDOWS\6c442299d769ae6b2f67ac21feb88ba9.exe => erfolgreich verschoben C:\Program Files\V26YJC5Z3M => erfolgreich verschoben C:\Program Files (x86)\ca3b285b-1954-4228-8ec2-a63a6c291eb81484600982 => erfolgreich verschoben C:\Windows\System32\Drivers\etc\hosts => erfolgreich verschoben Hosts erfolgreich wiederhergestellt. =========== EmptyTemp: ========== BITS transfer queue => 871480 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 59454803 B Java, Flash, Steam htmlcache => 43832039 B Windows/system/drivers => 18739355 B Edge => 84741897 B Chrome => 0 B Firefox => 185966335 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => 15506 B NetworkService => 0 B Alex => 709579508 B Administrator => 0 B DefaultAppPool => 0 B RecycleBin => 0 B EmptyTemp: => 1 GB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 14:43:32 ==== |
18.01.2017, 14:48 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | New FRST logs, please
__________________ Please always post log files in CODE tags |
18.01.2017, 14:53 | #23 |
| Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-01-2017 durchgeführt von Alex (Administrator) auf PEACHY (18-01-2017 14:48:59) Gestartet von C:\Users\Alex\Desktop Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool) Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE (Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe () C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B\qnsgEEA4.tmp (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Highresolution Enterprises) C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor) HKLM\...\Run: [XMouseButtonControl] => C:\Program Files\Highresolution Enterprises\X-Mouse Button Control\XMouseButtonControl.exe [1075344 2014-12-08] (Highresolution Enterprises) HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-03-22] (Adobe Systems Incorporated) HKLM\...\Run: [CmPCIaudio] => C:\WINDOWS\syswow64\RunDll32.exe C:\WINDOWS\Syswow64\CMICNFG3.dll,CMICtrlWnd HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES/MALWAREBYTES/ANTI-MALWARE\mbamtray.exe [2776528 2016-12-14] (Malwarebytes) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: ["C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE"] => C:\Program Files (x86)\D-Link\D-ViewCam\MainConsole.EXE [15039632 2015-11-30] (D-Link Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1 HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd) HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Run: [EPSON SX125 Series] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIGGE.EXE [224768 2009-09-14] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {75d42f49-1b0e-11e5-ac3c-50465d90560b} - "G:\setup.exe" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e3802153-18aa-11e5-ab60-50465d90560b} - "N:\setup.exe" HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MountPoints2: {e4d6db00-9115-11e4-9d8a-806e6f6e6963} - "E:\AutoRun.exe" ShellExecuteHooks: Kein Name - {881BAA28-DB96-11E6-9F63-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Nogation\Gigily.dll [149504 2017-01-18] () ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{2a94d664-f07c-4e02-a516-4e233f0db8d2}: [DhcpNameServer] 192.168.0.1 ManualProxies: Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Software\Microsoft\Internet Explorer\Main,Start Page = SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2927967124-101175508-2003510897-1000 -> DefaultScope {9FFEE954-DB75-492A-B1CA-BA23C9B83007} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> 
C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2014-08-12] (Adblock Plus) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-31] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-31] (Oracle Corporation) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2014-08-12] (Adblock Plus) Edge: ====== Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-01-17] FireFox: ======== FF DefaultProfile: n4plk0l5.Alex FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\n4plk0l5.Alex\Profiles\NvwHxp1R.default [nicht gefunden] FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\n4plk0l5.Alex\Profiles\n4plk0l5.Alex [nicht gefunden] FF ProfilePath: C:\Users\Alex\AppData\Roaming\TomTom\HOME\Profiles\2bevz9ew.default [2016-08-16] FF Extension: (Kein Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [nicht gefunden] FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\NvwHxp1R.default [2017-01-17] FF ProfilePath: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex [2017-01-18] FF Extension: (Firefox Hotfix) - C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-10] FF Extension: (Adblock Plus) - 
C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-26] FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\searchplugins\0soqny4n.xml [2017-01-18] FF SearchPlugin: C:\Users\Alex\AppData\Roaming\Mozilla\Firefox\Profiles\n4plk0l5.Alex\searchplugins\3xw1ienb.xml [2017-01-17] FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-17] () FF Plugin: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin: @unity3d.com/UnityPlayer64,version=1.0 -> C:\Program Files\Unity\WebPlayer64\loader-x64\npUnity3D64.dll [2015-06-08] (Unity Technologies ApS) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-17] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-04-17] (Adobe Systems, Inc.) 
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll [Keine Datei] FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-31] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-31] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-01-23] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) 
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @my.com/Games -> C:\Users\Alex\AppData\Local\MyComGames\NPMyComDetector.dll [2016-10-19] (MY.COM B.V.) FF Plugin HKU\S-1-5-21-2927967124-101175508-2003510897-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Alex\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-12] (Unity Technologies ApS) Chrome: ======= CHR DefaultProfile: ChromeDefaultData2 CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG CHR Extension: (Docs) - C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-18] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 Chuzalywesige; C:\Program Files (x86)\Perdowardkesit\vofuchEng.dll [138752 2017-01-18] () [Datei ist nicht signiert] R3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd) S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [232208 2016-07-01] (EasyAntiCheat Ltd) R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-12-03] (Freemake) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1163200 2016-01-12] (NVIDIA Corporation) S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4317648 2016-11-29] (Malwarebytes) R2 MozillaThunderbirdCDBurnerXP; C:\Program Files (x86)\CDBurnerXP\MozillaThunderbirdCDBurnerXP.dll [223744 2017-01-18] () [Datei ist nicht signiert] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-01-12] (NVIDIA Corporation) R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6308288 2016-01-12] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [4812736 2016-01-12] (NVIDIA Corporation) R2 Overwolfepson; C:\Program Files (x86)\epson\Overwolfepson.dll [223744 2017-01-17] () [Datei ist nicht signiert] S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1317104 2017-01-04] (Overwolf LTD) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation) R2 SteamVideoLAN; C:\Program Files (x86)\VideoLAN\SteamVideoLAN.dll [223744 2017-01-17] () [Datei ist nicht signiert] S3 WdNisSvc; C:\Program Files\Windows 
Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580144 2015-05-12] (WiseCleaner.com) R2 zigipyro; C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B\qnsgEEA4.tmp [158720 2015-12-26] () [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13368 2009-04-06] () R3 cmuda3; C:\WINDOWS\system32\drivers\cmudax3.sys [1155072 2009-12-01] (C-Media Inc) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-06-22] (Disc Soft Ltd) R1 HWiNFO32; C:\WINDOWS\system32\drivers\HWiNFO64A.SYS [27552 2015-11-04] (REALiX(tm)) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [250816 2017-01-18] (Malwarebytes) R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] () S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] () R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_9ff5ab165faead52\nvlddmkm.sys [13754936 2016-08-26] (NVIDIA Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-01-12] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation) R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek ) S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) 
S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [221824 2016-04-24] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation) R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation) S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2015-07-31] (wisecleaner.com) R1 WiseUnlock; C:\WINDOWS\WiseUnlock64.sys [12240 2015-05-19] (WiseCleaner.com) U3 idsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-01-18 14:41 - 2017-01-18 14:43 - 00005932 _____ C:\Users\Alex\Desktop\Fixlog.txt 2017-01-18 14:38 - 2017-01-18 14:44 - 00000000 ____D C:\Program Files (x86)\Perdowardkesit 2017-01-18 14:38 - 2017-01-18 14:38 - 00006100 _____ C:\WINDOWS\System32\Tasks\Droqagegrowosy Reports 2017-01-18 14:38 - 2017-01-18 14:38 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Nogation 2017-01-18 14:38 - 2017-01-18 14:38 - 00000000 ____D C:\Users\Alex\AppData\Local\Herpither 2017-01-18 14:38 - 2017-01-18 14:38 - 00000000 ____D C:\Program Files (x86)\Droqagegrowosy Reports 2017-01-18 14:37 - 2017-01-18 14:38 - 00000000 ____D C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B 2017-01-18 14:23 - 2017-01-18 14:50 - 00020130 _____ C:\Users\Alex\Desktop\FRST.txt 2017-01-18 14:20 - 2017-01-18 14:48 - 00000000 ____D C:\Users\Alex\Desktop\Neuer Ordner 2017-01-18 13:43 - 2017-01-18 13:43 - 00000800 _____ C:\Users\Alex\Desktop\JRT.txt 2017-01-18 13:29 - 2017-01-18 13:29 - 01663040 _____ (Malwarebytes) C:\Users\Alex\Desktop\JRT.exe 2017-01-18 13:08 - 2017-01-18 13:12 - 00087970 _____ C:\TDSSKiller.3.1.0.12_18.01.2017_13.08.40_log.txt 2017-01-18 13:07 - 2017-01-18 13:08 - 00005480 _____ C:\TDSSKiller.3.1.0.12_18.01.2017_13.07.19_log.txt 2017-01-18 12:35 - 2017-01-18 12:32 - 00004848 _____ C:\Users\Alex\Desktop\mbar-log-2017-01-18 (12-02-10).txt 2017-01-18 12:03 - 2017-01-18 12:03 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Alex\Desktop\tdsskiller.exe 2017-01-18 12:01 - 2017-01-18 13:07 - 00000000 ____D C:\Users\Alex\Desktop\mbar 2017-01-17 11:31 - 2017-01-18 12:35 - 00001117 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-01-17 11:20 - 2017-01-18 14:48 - 00000000 ____D C:\FRST 2017-01-17 11:18 - 2017-01-17 11:18 - 00006078 _____ C:\WINDOWS\System32\Tasks\Docertain Core 2017-01-17 11:18 - 2017-01-17 11:18 - 00000000 ____D C:\Program Files (x86)\Docertain Core 2017-01-17 11:14 - 2017-01-17 11:14 - 02419200 _____ (Farbar) C:\Users\Alex\Desktop\FRST64.exe 2017-01-17 
10:26 - 2017-01-17 10:26 - 00720033 _____ C:\WINDOWS\unins000.exe 2017-01-17 10:25 - 2017-01-17 11:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Clehersy 2017-01-17 10:25 - 2017-01-17 11:18 - 00000000 ____D C:\Users\Alex\AppData\Local\Terqakfatacult 2017-01-17 10:04 - 2017-01-17 10:04 - 00282624 ____H C:\WINDOWS\system32\BITF6B1.tmp 2017-01-17 10:04 - 2017-01-17 10:04 - 00282624 ____H C:\WINDOWS\system32\BIT93F.tmp 2017-01-16 22:50 - 2017-01-16 22:50 - 00019189 _____ C:\Users\Alex\Desktop\Mbam.txt 2017-01-16 22:14 - 2017-01-16 22:14 - 00000000 ____D C:\Program Files (x86)\UCBrowser 2017-01-16 22:13 - 2017-01-18 14:08 - 00000228 _____ C:\WINDOWS\web.bat 2017-01-16 22:13 - 2017-01-17 10:26 - 00051253 _____ C:\WINDOWS\unins000.dat 2017-01-16 22:11 - 2017-01-16 22:11 - 00000000 ____D C:\WINDOWS\system32\sstmp 2017-01-16 21:59 - 2017-01-13 18:18 - 03988944 _____ C:\Users\Alex\Desktop\AdwCleaner_6.042.exe 2017-01-14 10:33 - 2017-01-14 10:33 - 07774656 _____ (XVM team ) C:\Users\Alex\Downloads\xvm-6.5.2-CIS.exe 2017-01-13 19:55 - 2017-01-13 20:21 - 564799858 _____ C:\Users\Alex\Documents\xf-lastshift.avi 2017-01-13 18:36 - 2017-01-18 12:35 - 00000619 _____ C:\Users\Public\Desktop\F.E.A.R. 
EXTRACTION POINT.lnk 2017-01-13 18:33 - 2017-01-13 18:33 - 00000000 ____D C:\Users\Public\Documents\TimeGate Studios 2017-01-13 18:30 - 2017-01-13 18:30 - 00000000 ____D C:\Users\Public\Documents\Monolith Productions 2017-01-13 18:26 - 2017-01-13 18:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra 2017-01-13 18:19 - 2017-01-18 14:11 - 00000000 ____D C:\AdwCleaner 2017-01-13 18:18 - 2017-01-13 18:18 - 03988944 _____ C:\Users\Alex\Downloads\AdwCleaner_6.042.exe 2017-01-11 16:00 - 2016-12-09 13:48 - 00000000 ____D C:\Users\Alex\Desktop\VA-Thunderdome_Die_Hard_II-4CD-2016-wAx 2017-01-11 15:51 - 2017-01-12 09:37 - 00000000 ____D C:\Users\Alex\Desktop\Mantus 2017-01-10 22:06 - 2017-01-10 22:06 - 00379020 _____ C:\Users\Alex\Downloads\1511_11_zer002___ecdl_1393.pdf 2017-01-10 20:34 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll 2017-01-10 20:34 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll 2017-01-10 20:34 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll 2017-01-10 20:34 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2017-01-10 20:34 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2017-01-10 20:34 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 01702392 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2017-01-10 20:34 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2017-01-10 20:34 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll 2017-01-10 20:34 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-01-10 20:34 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2017-01-10 20:34 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll 2017-01-10 20:34 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll 2017-01-10 20:34 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll 2017-01-10 20:34 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2017-01-10 20:34 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-01-10 20:34 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll 2017-01-10 20:34 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2017-01-10 20:34 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-01-10 20:34 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-01-10 20:34 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll 2017-01-10 20:34 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-01-10 20:34 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll 2017-01-10 20:34 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 
2017-01-10 20:34 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-01-10 20:34 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-01-10 20:34 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe 2017-01-10 20:34 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-01-10 20:34 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2017-01-10 20:34 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll 2017-01-10 20:34 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2017-01-10 20:34 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2017-01-10 20:34 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-01-10 20:34 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll 2017-01-10 20:34 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll 2017-01-10 20:34 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-01-10 20:34 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2017-01-10 20:34 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll 2017-01-10 20:34 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll 2017-01-10 20:34 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:34 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-01-10 20:34 - 2016-12-21 05:40 
- 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll 2017-01-10 20:34 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll 2017-01-10 20:34 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-01-10 20:34 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-01-10 20:34 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-01-10 20:34 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll 2017-01-10 20:34 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2017-01-10 20:34 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll 2017-01-10 20:34 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-01-10 20:34 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-01-10 20:34 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-01-10 20:34 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2017-01-10 20:34 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-01-10 20:34 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll 2017-01-10 20:34 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2017-01-10 20:34 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe 2017-01-10 20:34 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-01-10 20:34 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 
2017-01-10 20:34 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2017-01-10 20:34 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 02169184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 01400160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 01054048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00992096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe 2017-01-10 20:34 - 2016-12-14 06:33 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00779616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00752992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00571744 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00513376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll 2017-01-10 20:34 - 2016-12-14 06:33 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe 2017-01-10 20:34 - 
2016-12-14 06:33 - 00190816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe 2017-01-10 20:34 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2017-01-10 20:34 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll 2017-01-10 20:34 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll 2017-01-10 20:34 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll 2017-01-10 20:34 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll 2017-01-10 20:34 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll 2017-01-10 20:34 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll 2017-01-10 20:34 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll 2017-01-10 20:34 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll 2017-01-10 20:34 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys 2017-01-10 20:34 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll 2017-01-10 20:34 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll 2017-01-10 20:34 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:34 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll 2017-01-10 20:34 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-01-10 20:34 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll 2017-01-10 20:34 - 2016-12-14 05:39 - 00290816 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-01-10 20:34 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2017-01-10 20:34 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2017-01-10 20:34 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll 2017-01-10 20:34 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll 2017-01-10 20:34 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-01-10 20:34 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll 2017-01-10 20:34 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2017-01-10 20:34 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll 2017-01-10 20:34 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll 2017-01-10 20:34 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll 2017-01-10 20:34 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2017-01-10 20:34 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2017-01-10 20:34 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll 2017-01-10 20:34 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-01-10 20:34 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2017-01-10 20:34 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll 2017-01-10 20:34 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-01-10 20:34 - 
2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-01-10 20:34 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2017-01-10 20:34 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-01-10 20:34 - 2016-11-02 13:01 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll 2017-01-10 20:34 - 2016-11-02 11:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll 2017-01-10 20:34 - 2016-08-02 05:30 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll 2017-01-10 20:33 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-01-10 20:33 - 2016-12-21 08:45 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcmiplugin.dll 2017-01-10 20:33 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll 2017-01-10 20:33 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-01-10 20:33 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll 2017-01-10 20:33 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll 2017-01-10 20:33 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll 2017-01-10 20:33 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll 2017-01-10 20:33 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-01-10 20:33 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll 2017-01-10 20:33 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll 2017-01-10 20:33 - 2016-12-21 08:08 - 00211968 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-01-10 20:33 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-01-10 20:33 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll 2017-01-10 20:33 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-01-10 20:33 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-01-10 20:33 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2017-01-10 20:33 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll 2017-01-10 20:33 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2017-01-10 20:33 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-01-10 20:33 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-01-10 20:33 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2017-01-10 20:33 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-01-10 20:33 - 2016-12-21 06:03 - 00136544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqmigplugin.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2017-01-10 20:33 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2017-01-10 20:33 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2017-01-10 20:33 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-01-10 20:33 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-01-10 20:33 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-01-10 20:33 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-01-10 20:33 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2017-01-10 20:33 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe 2017-01-10 20:33 - 2016-12-14 06:26 - 01469792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll 2017-01-10 20:33 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-01-10 20:33 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2017-01-10 20:33 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2017-01-10 20:33 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2017-01-10 20:33 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll 2017-01-10 20:33 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2017-01-10 20:33 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-01-10 20:33 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys 2017-01-10 20:33 - 2016-12-14 05:42 - 
00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll 2017-01-10 20:33 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-01-10 20:33 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-01-10 20:33 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll 2017-01-10 20:33 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll 2017-01-10 20:33 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2017-01-10 20:33 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll 2017-01-10 20:33 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-01-10 20:33 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2017-01-10 20:33 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2017-01-10 20:33 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll 2017-01-10 20:33 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll 2017-01-10 20:33 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-01-10 20:33 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-01-10 20:33 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-01-10 20:33 - 2016-11-02 12:00 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll 2017-01-10 20:33 - 2016-11-02 11:22 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-01-10 20:33 - 2016-11-02 11:21 - 00942080 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\audiosrv.dll 2017-01-10 10:06 - 2017-01-10 10:11 - 00000000 ____D C:\Users\Alex\Desktop\wot 2017-01-09 23:23 - 2017-01-10 09:54 - 00000096 _____ C:\Users\Alex\Desktop\Speedtest.txt 2017-01-09 10:37 - 2017-01-09 10:37 - 00087315 _____ C:\Users\Alex\Downloads\08.01.17jpg.pdf 2017-01-08 15:53 - 2017-01-08 15:52 - 00217317 _____ C:\Users\Alex\Desktop\08.01.17 .pdf 2017-01-08 15:47 - 2017-01-08 15:48 - 00000000 ____D C:\Users\Alex\AppData\Local\Foxit Reader 2017-01-04 12:21 - 2017-01-04 12:23 - 00000000 ____D C:\Users\Alex\AppData\Local\GZWO 2017-01-04 12:19 - 2017-01-04 12:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Groschengrab Deluxe 2017-01-04 12:18 - 2017-01-04 12:27 - 00000000 ____D C:\Users\Alex\Desktop\Automaten 2017-01-04 12:18 - 2017-01-04 12:18 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Groschengrab 3 2017-01-04 11:00 - 2017-01-04 18:17 - 00000000 ____D C:\Users\Alex\Desktop\Shpok 2017-01-03 15:52 - 2017-01-03 15:52 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\337B4421.sys 2017-01-03 15:50 - 2017-01-03 15:50 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Obsidium 2017-01-03 14:13 - 2017-01-03 14:13 - 02930608 _____ (Odem Mortis ) C:\Users\Alex\Downloads\OMC_ModPack_Installer (2).exe 2017-01-02 15:41 - 2017-01-18 12:35 - 00001950 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2016-12-29 16:06 - 2017-01-18 12:34 - 00001321 _____ C:\Users\Alex\Desktop\TheForest.exe - Verknüpfung.lnk 2016-12-27 22:03 - 2016-12-27 22:03 - 00000000 ____D C:\Users\Alex\AppData\Local\Chromium 2016-12-26 22:22 - 2016-12-26 22:22 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GameSpy Arcade 2016-12-26 22:22 - 2016-12-26 22:22 - 00000000 ____D C:\Program Files (x86)\GameSpy Arcade 2016-12-23 23:21 - 2016-12-23 23:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Yu-Gi-Oh Legacy of the Duelist 2016-12-20 
18:33 - 2016-12-20 18:34 - 11581544 _____ (SurfRight B.V.) C:\Users\Alex\Downloads\HitmanPro_x64 (1).exe 2016-12-19 10:39 - 2016-12-19 10:41 - 00000212 _____ C:\Users\Alex\Desktop\Camera Oskar.url 2016-12-19 10:34 - 2016-12-19 10:34 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps 2016-12-19 10:20 - 2016-12-19 10:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\D-Link D-ViewCam 2016-12-19 10:17 - 2016-12-19 10:18 - 134507781 _____ C:\Users\Alex\Downloads\D-ViewCam_DCS-100_V4.0.5_Device_Pack_V2.0.18_20151223.zip ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-01-18 14:44 - 2016-12-17 17:39 - 00250816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-01-18 14:44 - 2016-09-22 09:46 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-01-18 14:44 - 2016-09-22 09:03 - 00000000 ____D C:\ProgramData\NVIDIA 2017-01-18 14:44 - 2015-08-26 18:30 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP 2017-01-18 14:43 - 2016-09-22 09:08 - 00000000 ____D C:\Users\Alex 2017-01-18 14:43 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-01-18 14:38 - 2016-05-07 15:53 - 00000000 ____D C:\Program Files (x86)\D-Link 2017-01-18 14:38 - 2016-04-03 19:46 - 00000000 ____D C:\Program Files (x86)\LocksPro 2017-01-18 14:38 - 2016-01-03 14:18 - 00000000 ____D C:\Program Files (x86)\VMware 2017-01-18 13:38 - 2016-07-20 11:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2017-01-18 13:37 - 2016-12-18 14:41 - 00001367 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-01-18 13:37 - 2016-12-18 14:41 - 00001355 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-01-18 12:35 - 2016-12-17 17:39 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-01-18 12:35 - 2016-11-01 19:32 - 00002117 _____ 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi® Manager Deinstallationsprogramm.lnk 2017-01-18 12:35 - 2016-11-01 19:32 - 00002091 _____ C:\Users\Public\Desktop\tiptoi® Manager.lnk 2017-01-18 12:35 - 2016-11-01 19:32 - 00002049 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tiptoi.lnk 2017-01-18 12:35 - 2016-10-19 12:47 - 00001014 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client.lnk 2017-01-18 12:35 - 2016-10-02 09:10 - 00001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video-Editor.lnk 2017-01-18 12:35 - 2016-10-02 09:10 - 00001203 _____ C:\Users\Public\Desktop\VideoPad Video-Editor.lnk 2017-01-18 12:35 - 2016-09-22 09:20 - 00001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-01-18 12:35 - 2015-11-16 23:56 - 00002823 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center.lnk 2017-01-18 12:35 - 2015-10-09 12:04 - 00001418 _____ C:\Users\Public\Desktop\Foxit Reader.lnk 2017-01-18 12:35 - 2015-08-26 19:18 - 00002517 _____ C:\Users\Public\Desktop\Krita.lnk 2017-01-18 12:35 - 2015-08-26 18:30 - 00001218 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2017-01-18 12:35 - 2015-08-26 18:30 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2017-01-18 12:35 - 2015-08-17 18:10 - 00002148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop Lightroom 5.7 64-Bit.lnk 2017-01-18 12:35 - 2015-08-17 13:52 - 00001073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2017-01-18 12:35 - 2015-08-17 13:50 - 00001615 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk 2017-01-18 12:35 - 2015-07-31 19:20 - 00002121 _____ C:\Users\Public\Desktop\Wise Care 365.lnk 2017-01-18 12:35 - 2015-04-27 19:25 - 00001338 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live ID.lnk 2017-01-18 12:35 - 
2014-12-31 20:10 - 00001118 _____ C:\Users\Public\Desktop\OpenOffice.org 3.3.lnk 2017-01-18 12:34 - 2016-12-08 11:18 - 00000922 _____ C:\Users\Alex\Desktop\Club der Roten Bänder (Staffel2).lnk 2017-01-18 12:34 - 2016-11-07 18:18 - 00000922 _____ C:\Users\Alex\Desktop\Club der Roten Bänder (Staffel1).lnk 2017-01-18 12:34 - 2016-11-04 08:33 - 00001241 _____ C:\Users\Alex\Desktop\Emercency 2017.lnk 2017-01-18 12:34 - 2016-04-03 19:46 - 00002036 _____ C:\Users\Alex\Desktop\Locks Pro.lnk 2017-01-18 12:34 - 2016-02-15 09:06 - 00002091 _____ C:\Users\Alex\Desktop\AbiWord 2.9.lnk 2017-01-18 12:34 - 2015-10-31 18:08 - 00001759 _____ C:\Users\Alex\Desktop\AVCFree - Verknüpfung.lnk 2017-01-18 12:34 - 2015-08-04 18:56 - 00002416 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-01-18 12:34 - 2015-08-04 18:54 - 00001047 _____ C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk 2017-01-18 12:34 - 2015-07-03 11:09 - 00000812 _____ C:\Users\Alex\Desktop\µTorrent.lnk 2017-01-18 12:34 - 2015-04-02 09:29 - 00000988 _____ C:\Users\Alex\Desktop\Bandicam.lnk 2017-01-18 12:34 - 2015-03-17 21:26 - 00002017 _____ C:\Users\Alex\Desktop\JDownloader 2.lnk 2017-01-18 12:34 - 2015-01-03 12:56 - 00000847 _____ C:\Users\Alex\Desktop\Downloads.lnk 2017-01-18 12:34 - 2014-12-31 20:50 - 00000735 _____ C:\Users\Alex\Desktop\Peachy-Bewerbungen - Verknüpfung.lnk 2017-01-18 12:34 - 2014-12-31 20:31 - 00000537 _____ C:\Users\Alex\Desktop\Oskar - Verknüpfung.lnk 2017-01-18 12:34 - 2014-12-31 20:29 - 00000725 _____ C:\Users\Alex\Desktop\gezeichnetes - Verknüpfung.lnk 2017-01-18 12:34 - 2014-12-31 20:29 - 00000537 _____ C:\Users\Alex\Desktop\Filme - Verknüpfung.lnk 2017-01-18 12:34 - 2014-12-31 19:26 - 00000355 _____ C:\Users\Alex\Desktop\Computer.lnk 2017-01-18 12:33 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\addins 2017-01-18 12:27 - 2016-09-22 09:00 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-01-18 12:15 - 
2014-12-31 20:46 - 00000000 ____D C:\Users\Alex\AppData\Roaming\vlc 2017-01-17 19:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-01-17 19:38 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps 2017-01-17 19:38 - 2015-08-04 18:52 - 00000000 ____D C:\Users\Alex\AppData\Local\Packages 2017-01-17 18:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-01-17 12:48 - 2016-12-17 17:39 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys 2017-01-17 11:39 - 2016-12-16 10:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2017-01-17 11:39 - 2016-09-07 21:17 - 00000000 ____D C:\ProgramData\Avira 2017-01-17 11:38 - 2014-12-31 20:29 - 00000000 ____D C:\ProgramData\Package Cache 2017-01-17 11:37 - 2015-01-20 09:31 - 00000000 ____D C:\Program Files (x86)\epson 2017-01-17 11:31 - 2016-09-13 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-01-17 11:20 - 2015-03-11 20:49 - 00000000 ____D C:\Users\Alex\Desktop\Psycho 2017-01-17 11:18 - 2016-09-14 07:58 - 00000000 ____D C:\Program Files (x86)\ESET 2017-01-17 11:18 - 2015-01-20 09:20 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-01-17 10:38 - 2016-12-17 16:01 - 00000000 ____D C:\WINDOWS\system32\SSL 2017-01-17 10:29 - 2014-12-31 19:40 - 00000000 ____D C:\Program Files (x86)\VideoLAN 2017-01-17 10:27 - 2016-05-07 16:11 - 00000000 ____D C:\Program Files (x86)\Activation 2017-01-17 10:27 - 2015-04-02 09:29 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1 2017-01-17 10:17 - 2015-01-02 15:17 - 00000000 ____D C:\Users\Alex\AppData\Local\JDownloader v2.0 2017-01-16 21:51 - 2016-09-22 09:44 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-01-16 21:51 - 2015-03-29 15:46 - 00000000 ____D C:\Program Files (x86)\Foxit Software 2017-01-16 21:51 - 2015-01-03 13:03 - 00000000 ____D C:\Program Files (x86)\Anvsoft 2017-01-13 19:10 - 2015-04-01 11:15 - 00000000 ____D C:\Program Files (x86)\Overwolf 
2017-01-13 18:36 - 2014-12-31 19:52 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-01-13 14:24 - 2015-05-04 13:56 - 00000000 ____D C:\Program Files (x86)\Steam 2017-01-13 13:13 - 2013-06-24 14:17 - 00000000 ____D C:\Temp 2017-01-13 13:10 - 2015-01-01 11:08 - 00000000 ____D C:\Users\Alex\Desktop\Spiele 2017-01-13 11:43 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache 2017-01-13 11:23 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF 2017-01-13 10:46 - 2015-01-02 19:33 - 00000000 ____D C:\Users\Alex\Documents\My Games 2017-01-13 09:36 - 2016-12-09 19:19 - 00003270 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-01-13 09:36 - 2015-08-04 18:56 - 00000000 ___RD C:\Users\Alex\OneDrive 2017-01-12 08:22 - 2015-08-04 18:52 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-01-12 08:20 - 2016-09-22 09:00 - 00387224 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-01-12 08:19 - 2015-01-31 11:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning 2017-01-11 22:56 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-01-11 10:14 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-01-11 10:10 - 2014-12-31 23:28 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-01-11 10:07 - 2014-12-31 23:28 - 135657872 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-01-10 10:42 - 2015-07-16 10:49 - 00000000 ____D C:\Users\Alex\Documents\CPY_SAVES 2017-01-08 15:47 - 2015-03-29 15:47 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Foxit Software 2017-01-08 12:16 - 2015-10-01 20:05 
- 00000000 ____D C:\Users\Alex\AppData\Local\MyComGames 2017-01-07 19:32 - 2016-07-29 09:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GdZ WoT ModPack 2017-01-07 16:08 - 2015-09-03 18:56 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack 2017-01-04 23:01 - 2015-02-26 11:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2017-01-03 15:51 - 2016-12-17 17:38 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-01-03 14:13 - 2015-09-03 17:58 - 00000000 ____D C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\OMC ModPack Client 2017-01-03 10:26 - 2016-08-28 19:28 - 00000000 ____D C:\Users\Alex\Desktop\DJ 2017-01-02 15:41 - 2016-12-17 17:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2016-12-29 17:25 - 2015-01-04 21:19 - 00000000 ____D C:\Users\Alex\AppData\Roaming\uTorrent 2016-12-29 17:25 - 2014-12-31 19:24 - 00000000 ____D C:\Users\Alex\AppData\LocalLow 2016-12-24 13:28 - 2016-12-12 22:29 - 00000000 ____D C:\Users\Alex\Desktop\Club Der Roten Bänder - Soundtrack 2016-12-23 23:19 - 2016-12-17 17:39 - 00091584 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2016-12-23 00:13 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-12-23 00:13 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-12-21 10:54 - 2013-01-05 20:32 - 00389396 __RSH C:\bootmgr 2016-12-20 23:14 - 2016-09-22 09:46 - 00003636 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask 2016-12-20 23:14 - 2013-10-28 19:57 - 00000769 _____ C:\DelFix.txt 2016-12-20 23:06 - 2016-12-17 17:39 - 00102856 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2016-12-20 23:06 - 2016-12-17 17:39 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-12-19 23:23 - 2016-09-22 09:08 - 00524288 ___SH 
C:\Users\Alex\NTUSER.DAT{d86761b5-80a2-11e6-9938-9d8e4d7226d7}.TMContainer00000000000000000002.regtrans-ms 2016-12-19 10:21 - 2016-05-07 15:55 - 00000000 ____D C:\Users\Alex\AppData\Roaming\DlinkViewCam ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-11-15 17:22 - 2015-11-15 09:52 - 0012879 _____ () C:\Users\Alex\AppData\Roaming\alsoft.ini 2017-01-16 22:11 - 2017-01-16 22:11 - 0099678 _____ () C:\Users\Alex\AppData\Roaming\booking.ico 2016-06-02 09:48 - 2016-06-02 09:49 - 266040255 _____ () C:\Users\Alex\AppData\Local\ACCCx3_6_0_248.zip 2015-04-10 14:38 - 2015-04-10 14:38 - 0004608 _____ () C:\Users\Alex\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-04 17:01 - 2015-07-04 17:02 - 0003072 _____ () C:\Users\Alex\AppData\Local\file__0.localstorage 2015-07-24 19:25 - 2015-07-24 19:25 - 0000092 _____ () C:\Users\Alex\AppData\Local\fusioncache.dat 2015-11-18 11:41 - 2015-11-18 11:41 - 0000017 _____ () C:\Users\Alex\AppData\Local\resmon.resmoncfg 2016-09-22 09:02 - 2016-09-22 09:02 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-11 10:04

==================== Ende von FRST.txt ============================ |
18.01.2017, 14:54 | #24 |
| Chrome search engine keeps changing and new ad pages keep appearing
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017 durchgeführt von Alex (18-01-2017 14:51:04) Gestartet von C:\Users\Alex\Desktop Windows 10 Pro Version 1607 (X64) (2016-09-22 08:52:12) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2927967124-101175508-2003510897-500 - Administrator - Enabled) => C:\Users\Administrator Alex (S-1-5-21-2927967124-101175508-2003510897-1000 - Administrator - Enabled) => C:\Users\Alex DefaultAccount (S-1-5-21-2927967124-101175508-2003510897-503 - Limited - Disabled) Gast (S-1-5-21-2927967124-101175508-2003510897-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2927967124-101175508-2003510897-1005 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\uTorrent) (Version: 3.4.9.43085 - BitTorrent Inc.) 
18 Wheels of Steel Extreme Trucker 2 (HKLM-x32\...\{A2B65355-E44A-4662-9533-AB5A4A3533ED}) (Version: 1.00.0000 - Valusoft) AbiWord 2.9.4 (HKLM-x32\...\AbiWord2) (Version: 2.9.4 - AbiSource Developers) Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{123A22CB-6D84-4135-A71F-886C9119E996}) (Version: 99.9 - Eyeo GmbH) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.190 - Adobe Systems Incorporated) Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated) Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.0 - Adobe Systems Incorporated) Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated) Adobe Shockwave Player 12.1 (HKLM-x32\...\{0E3C52E0-B4F1-4D1E-B172-E390813BD9FE}) (Version: 12.1.8.158 - Adobe Systems, Inc) Aerosoft's - Aerosoft Launcher (HKLM-x32\...\{EE11CFFC-898C-4875-8A63-8B732A9AD43B}) (Version: 1.2.0.3 - Aerosoft) AIMP (HKLM-x32\...\AIMP) (Version: v4.02.1725, 11.06.2016 - AIMP DevTeam) AKVIS Sketch (HKLM\...\{AC0BAA05-28E6-4911-B3F3-0AE2EB0F54A1}) (Version: 17.0.2946.11963 - AKVIS) Armored Warfare MyCom (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom) (Version: 1.108 - My.com B.V.) Armored Warfare MyCom Beta (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Armored Warfare MyCom Beta) (Version: 1.59 - My.com B.V.) ATI Catalyst Install Manager (HKLM\...\{62140B07-129A-2BD0-81D2-2A1A7408ADC8}) (Version: 3.0.762.0 - ATI Technologies, Inc.) 
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.8.9046 - ) Bandicam (HKLM-x32\...\Bandicam) (Version: 2.1.3.757 - Bandisoft.com) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com) Berg und Tunnelbau (HKLM-x32\...\Mining and Tunneling) (Version: - ) Body Text Feathering (HKLM-x32\...\PopupProduct) (Version: 1.0.0.0 - Body Text Feathering) <==== ACHTUNG CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6321 - CDBurnerXP) C-Media PCI Audio Device (HKLM\...\C-Media PCI Audio Driver) (Version: - ) Crazy Machines 3 (HKLM\...\Y3JhenltYWNoaW5lczM_is1) (Version: 1 - ) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd) Dance eJay 7 (HKLM-x32\...\{A18BB607-BC5A-474E-88FD-C215B91A0F97}) (Version: 7 - Empire Interactive) Demolish and Build Company 2017 (HKLM-x32\...\Demolish and Build Company 2017_is1) (Version: - ) Device Pack (HKLM-x32\...\{88D77012-0707-4c69-9D10-9FBDD937D3A2}) (Version: 2.0.18 - D-Link) Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.) DIG IT! 
- A Digger Simulator (HKLM\...\Steam App 311910) (Version: - Cape Copenhagen) DiRT 3 Complete Edition (HKLM\...\Steam App 321040) (Version: - Codemasters Racing Studio) D-Link D-ViewCam (HKLM-x32\...\{FA83A3D0-BA96-4565-B4F7-EC48163CB0CD}) (Version: 4.0.5 - D-Link) Duke Nukem 3D Twentieth Anniversary World Tour (HKLM-x32\...\Duke Nukem 3D Twentieth Anniversary World Tour_is1) (Version: - ) EA SPORTS™ FIFA 15 (HKLM-x32\...\{3D4ADA2B-F028-4307-ADF4-6F9AA44725DA}) (Version: 1.8.0.0 - Electronic Arts) Emergency 2016 (HKLM-x32\...\Emergency 2016_is1) (Version: - ) Emergency 2017 (HKLM-x32\...\Emergency 2017_is1) (Version: - ) EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON SX125 Series Printer Uninstall (HKLM\...\EPSON SX125 Series) (Version: - SEIKO EPSON Corporation) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) FEAR (HKLM-x32\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.) FEAR Extraction Point (HKLM-x32\...\{909BBDB7-BABE-434C-9124-863A9F8D1CF8}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.) FileZilla Client 3.13.0 (HKLM-x32\...\FileZilla Client) (Version: 3.13.0 - Tim Kosse) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.3.4.311 - Foxit Software Inc.) GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version: - ) GdZ WoT ModPack Version 0.9.15.1.5 (HKLM-x32\...\{GdZ WoT ModPack}_is1) (Version: 0.9.15.1.5 - Gemeinschaft deutscher Zocker) GdZ WoT ModPack Version 1.0 (HKLM-x32\...\{GdZ WoT ModPack Updater}_is1) (Version: 1.0 - Gemeinschaft deutscher Zocker) German Truck Simulator 1.00 (HKLM-x32\...\German Truck Simulator) (Version: 1.00 - ) Ghostbusters (TM): The Video Game (HKLM-x32\...\InstallShield_{3A1B1652-D70A-4D19-981E-BB15D0DBF253}) (Version: 1.00.0000 - Atari) Ghostbusters (TM): The Video Game (x32 Version: 1.00.0000 - Atari) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 55.0.2883.87 - Google Inc.) 
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Grand Theft Auto: Episodes From Liberty City (HKLM-x32\...\{61B8B2F9-D8DA-4B24-89A9-DB09F38A4899}) (Version: 1.1.0.0 - Rockstar Games) Grand Theft Auto: Episodes from Liberty City (x32 Version: 1.0.0003.135 - Rockstar Games Inc.) Hidden Groschengrab 3 (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Groschengrab 3) (Version: - ) Groschengrab Deluxe (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\Groschengrab Deluxe) (Version: - ) Heart's Medicine: Time to Heal (HKLM\...\aGVhcnRzbWVkaWNpbmV0aW1ldG9oZWFs_is1) (Version: 1 - ) Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Krita Desktop (x86) "2.9.6.3" (HKLM-x32\...\{ACF8935C-CA56-43D2-A923-DD95CBCE1BEB}) (Version: 2.9.6.3 - Krita Foundation) Life is Strange (HKLM-x32\...\Life is Strange_is1) (Version: - ) Locks Pro (HKLM-x32\...\Locks Pro) (Version: - ) Logistics Company (HKLM\...\Steam App 328310) (Version: - Crenetic GmbH Studios) Logitech Gaming Software 64 (HKLM-x32\...\InstallShield_{58BF5D14-CBCF-473C-B0E0-A7955A23224E}) (Version: - ) Malwarebytes Anti-Malware versione 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Malwarebytes Version 3.0.5.1299 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.5.1299 - Malwarebytes) Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version: - ) Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version: - ) Microsoft .NET Framework 1.1 
SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - ) Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1 (1033)) (Version: - ) Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 
Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 
(HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.6.140.0 - Microsoft Corporation) Microtool version 1.1.0 (HKLM-x32\...\Microtool_is1) (Version: 1.1.0 - Microtool Technologies) Mixxx 2.0.0 (64-bit) (HKLM-x32\...\Mixxx (2.0.0)) (Version: 2.0.0 - The Mixxx Development Team) Model_Viewer (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\007d47cbc8a50530) (Version: 2.0.0.23 - WOT MODEL VIEWER) Mozilla Firefox 48.0.2 (x64 de) (HKLM\...\Mozilla Firefox 48.0.2 (x64 de)) (Version: 48.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 48.0.2.6079 - Mozilla) Mozilla Thunderbird 45.6.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.6.0 (x86 de)) (Version: 45.6.0 - Mozilla) My.com Game Center (HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\MyComGames) (Version: 3.147 - My.com B.V.) 
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments) Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: 2.6.0.137 - Native Instruments) null (HKLM-x32\...\MonsterMaker) (Version: - ) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.75 - NVIDIA Corporation) NVIDIA GeForce Experience 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.9.1.22 - NVIDIA Corporation) NVIDIA Grafiktreiber 361.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.75 - NVIDIA Corporation) NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) OMC ModPack Client Version 1.5.2.49 (HKLM-x32\...\{E2F3187C-2B94-486F-8914-E69211487FB6}_is1) (Version: 1.5.2.49 - Odem Mortis) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Origin (HKLM-x32\...\Origin) (Version: 9.5.10.780 - Electronic Arts, Inc.) Overwolf (HKLM-x32\...\Overwolf) (Version: 0.101.213.0 - Overwolf Ltd.) 
PhotoScape (HKLM-x32\...\PhotoScape) (Version: - ) Project64 1.6 (HKLM-x32\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64) ProTrain Perfect 2 - Dresden - Leipzig - (HKLM-x32\...\{509E436F-FEEA-49BC-BD16-8F5F67D715E1}) (Version: 1.0 - Blue Sky Interactive) ProTrain Perfect 2 - Nord-Süd 2 - Update (HKLM-x32\...\{2DE73DB6-37F4-4580-97A0-505D478EF02A}) (Version: 1.31 - Blue Sky Interactive) ProTrain Perfect 2 - Streckenupdate - (HKLM-x32\...\{9547B52A-58E0-4AB5-B159-506728C5404B}) (Version: 1.0 - Blue Sky Interactive) ProTrain Perfect Addon 4 - S-Bahn Berlin- Update 1.1 (HKLM-x32\...\{56706286-0B7A-46A3-9835-CF1ACB4BBFE2}) (Version: 1.0 - Blue Sky Interactive) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.2 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.2 - VS Revo Group, Ltd.) 
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.0.5 - Rockstar Games) RollerCoaster Tycoon 3 Platinum (HKLM-x32\...\RollerCoaster Tycoon 3 Platinum_is1) (Version: - ) RollerCoaster Tycoon World (HKLM\...\cm9sbGVyY29hc3RlcnR5Y29vbndvcmxk_is1) (Version: 1 - ) Samantha Swift and the Golden Touch (HKLM-x32\...\Samantha Swift and the Golden Touch) (Version: 1.1.0.0 - MumboJumbo) SHIELD Streaming (Version: 4.1.0260 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: 2.9.1.22 - NVIDIA Corporation) Hidden Smart Application Controller (HKLM-x32\...\{A6AE177E-D46B-4463-AA69-B9F818E0DC4A}_is1) (Version: 1.00 - Smart Application Controller) Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH) The Last Dream - Developer's Edition (HKLM-x32\...\The Last Dream - Developer's Edition_is1) (Version: - ) The Suffering Collection MULTi5 - ElAmigos Version 1.01 (HKLM-x32\...\{7F509198-C9F1-4241-A710-3FFC993AD861}_is1) (Version: 1.01 - Midway) tiptoi® Manager 3.1.6 (HKLM-x32\...\9978-5763-2995-5228) (Version: 3.1.6 - Ravensburger AG) Tweaking.com - Windows Repair (All in One) (HKLM-x32\...\Tweaking.com - Windows Repair (All in One)) (Version: 3.0.0 - Tweaking.com) UE4 Prerequisites (x64) (HKLM-x32\...\{b46d36bc-2438-471e-abe8-1fbbd51754ee}) (Version: 1.0.10.0 - Epic Games, Inc.) UE4 Prerequisites (x64) (Version: 1.0.10.0 - Epic Games, Inc.) 
Hidden UK Truck Simulator 1.11 (HKLM-x32\...\UK Truck Simulator) (Version: 1.11 - ) Unity Web Player (x64) (All users) (HKLM\...\UnityWebPlayer) (Version: 4.6.6f2 - Unity Technologies ApS) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) VideoPad Video-Editor (HKLM-x32\...\VideoPad) (Version: 4.49 - NCH Software) VirtualDJ 8 (HKLM-x32\...\{AC964E48-8E21-4622-9073-AD42BC6A57B1}) (Version: 8.2.3343.0 - Atomix Productions) Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) waterMark V2 (HKLM-x32\...\waterMark V2) (Version: - ) Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation) Winning Putt: Golf Online (HKLM\...\Steam App 458960) (Version: - WEBZENONNET Co., Ltd.) WinRAR 5.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH) Wonderland Solitaire (HKLM-x32\...\Wonderland Solitaire) (Version: - ) World Series Of Poker (HKLM-x32\...\World_Series_Of_Poker_1.0) (Version: - ) X-Mouse Button Control 2.9.1 (HKLM-x32\...\X-Mouse Button Control) (Version: 2.9.1 - Highresolution Enterprises) XVM Version 6.5.2-CIS (HKLM-x32\...\{2865cd27-6b8b-4413-8272-cd968f316050}_is1) (Version: 6.5.2-CIS - XVM team) youndoo - Uninstall (HKLM-x32\...\{15F6F794-81F1-439C-A6CF-7E3A0F3A6B84}) (Version: - ) <==== ACHTUNG Yu-Gi-Oh Legacy of the Duelist MULTi5 - ElAmigos Version 1.0 u1 (HKLM-x32\...\{C9FCEB59-AD96-4DB5-9D79-FC19339BF1C0}_is1) (Version: 1.0 u1 - Konami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {03721160-D3EC-4395-9515-90AF4387D601} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2017-01-04] (Overwolf LTD) Task: {08071F0B-7A8F-4307-AC19-CAC94B3D7CF0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {088BCE7E-C0DF-4878-9566-F3DF074A0850} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2015-09-10] (Microsoft) Task: {11072F2E-CF5D-4042-8117-BF302C3D1134} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-09-22] (Oracle Corporation) Task: {2D6D5D52-DEB4-4D7E-8582-BFA2594CE8A4} - System32\Tasks\{E38CF82E-0E32-471D-AF9A-11ACBB05F575} => pcalua.exe -a "D:\Spiele\Black & White\Setup.exe" -d "D:\Spiele\Black & White" Task: {3E59135F-C845-4CA7-9306-09BA53D3BF10} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe Task: {3ECA284F-6060-4355-8201-2B3667D6A8D0} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2015-09-10] (Microsoft Corporation) Task: {48A39499-C887-47AB-A03E-EC1284135582} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) Task: {60F975AC-39FD-4638-A749-F2AF50518B24} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: 
{6F5ECFB4-DEE8-436D-A0E7-ACFC1498453F} - System32\Tasks\Droqagegrowosy Reports => C:\Program Files (x86)\Perdowardkesit\arantion.exe [2017-01-18] (Glarysoft Ltd) Task: {72809391-CA5B-4283-AF5B-22E82B9893C2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.) Task: {739D6E46-1EBE-45B0-B3A8-BE4B706B11C9} - System32\Tasks\{F823577C-328F-42E1-82E8-273F76E8E0F2} => pcalua.exe -a "D:\Spielei\RollerCoaster Tycoon 3 Platinum\RCT3.EXE" -d "D:\Spielei\RollerCoaster Tycoon 3 Platinum" Task: {7D66D896-7E61-483F-AC36-CBF7B2F70AF8} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-01-11] (Microsoft Corporation) Task: {852E5EAC-BD28-47F6-922D-6CC306F6A428} - System32\Tasks\Docertain Core => C:\Program Files (x86)\Lirght\ukacult.exe Task: {9459BA5A-FD31-4742-B874-E18D2F2CFA4F} - System32\Tasks\{9F699765-8CF8-476D-B4B0-17A827A46CA3} => C:\Program Files (x86)\Origin\Origin.exe [2015-03-24] (Electronic Arts) Task: {981322A7-5CE4-419F-9EE9-A5B122E6477F} - System32\Tasks\CheckControllerUpdatesUA => C:\Program Files (x86)\Smart Application Controller\smappscontroller.exe [2016-07-13] (Smart Application Controller) Task: {9D80B7B9-6365-4839-A770-224DE72C1F0A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-12-18] (Google Inc.) 
Task: {A1F15BE6-717C-4421-B6F5-31A5D6F3E16A} - System32\Tasks\WiseCleaner\WFDSkipUAC => C:\Program Files (x86)\Wise\Wise Force Deleter\WiseDeleter.exe [2015-07-27] (WiseCleaner.com) Task: {BCE3DD01-4356-448D-B9F2-B66F03DA84E8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-17] (Adobe Systems Incorporated) Task: {C90E9125-55FE-459E-B59C-A8CC3EDC83B2} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated) Task: {DF339562-E44E-4C7B-BFED-89CD5B300750} - System32\Tasks\{E32C968D-9A4A-468A-9739-5EC5DD81248A} => pcalua.exe -a "F:\Wolfenstein The Old Blood German Uncut Edition\WOLF.OB.GUE.exe" -d "F:\Wolfenstein The Old Blood German Uncut Edition" Task: {E27BD397-DC88-4C92-9D33-9AEBB4FF1077} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Alex\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe Task: {FD8DDAD2-0AB1-4C79-8872-2DE3B0CAA13A} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2015-09-10] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) 
Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki Shortcut: C:\Users\Alex\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-12-14 12:11 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-09-22 09:03 - 2016-08-01 13:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2016-12-17 17:39 - 2017-01-17 12:48 - 02259232 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll 2015-12-31 19:57 - 2016-01-12 05:43 - 00291264 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll 2015-12-26 09:59 - 2015-12-26 09:59 - 00158720 _____ () C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B\qnsgEEA4.tmp 2016-12-14 12:11 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-09-22 09:53 - 2016-09-22 09:53 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2017-01-10 20:34 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2017-01-10 20:33 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll 2017-01-10 20:33 - 2016-12-21 07:48 - 02424320 _____ () 
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2017-01-10 20:33 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-01-18 14:38 - 2017-01-18 14:38 - 00138752 _____ () c:\program files (x86)\perdowardkesit\vofucheng.dll 2017-01-18 14:38 - 2017-01-18 14:38 - 00604160 _____ () C:\Program Files (x86)\Perdowardkesit\Proxy32.dll 2017-01-18 14:44 - 2017-01-18 14:44 - 00223744 ____H () C:\Program Files (x86)\CDBurnerXP\MozillaThunderbirdCDBurnerXP.dll 2015-05-20 15:35 - 2016-01-12 05:43 - 00018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll 2017-01-17 11:37 - 2017-01-17 11:37 - 00223744 ____H () C:\Program Files (x86)\epson\Overwolfepson.dll 2017-01-17 10:29 - 2017-01-17 10:29 - 00223744 ____H () C:\Program Files (x86)\VideoLAN\SteamVideoLAN.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) 
==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2017-01-18 14:42 - 00000027 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-2927967124-101175508-2003510897-1000\Control Panel\Desktop\\Wallpaper -> F:\Oskar\Neuer Ordner (21)\Neuer Ordner (8)\IMG-20160619-WA0004.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: Avira.OE.ServiceHost => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: IDriverT => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Stereo Service => 2
HKLM\...\StartupApproved\Run32: => "Avira Systray"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "EPSON SX125 Series"
HKU\S-1-5-21-2927967124-101175508-2003510897-1000\...\StartupApproved\Run: => "TomTomHOME.exe"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte ========================= 16-01-2017 15:08:48 Geplanter Prüfpunkt 17-01-2017 11:34:12 Revo Uninstaller's restore point - Avira Browser Safety 17-01-2017 11:37:43 Revo Uninstaller's restore point - Avira Connect 17-01-2017 11:40:28 Revo Uninstaller's restore point - DPower version 1.0 17-01-2017 11:41:19 Revo Uninstaller's restore point - OtherSearch 17-01-2017 11:42:00 Revo Uninstaller's restore point - Search module 17-01-2017 11:42:43 Revo Uninstaller's restore point - trotux - Uninstall 18-01-2017 13:40:45 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/18/2017 01:41:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (01/18/2017 12:30:50 PM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (01/18/2017 12:30:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 08:23:36 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PEACHY) Description: Bei der Aktivierung der App „Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/17/2017 11:42:43 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:42:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:41:19 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:40:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/17/2017 11:40:04 AM) (Source: VSS) (EventID: 8193) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Aufrufen von Routine "QueryFullProcessImageNameW" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070006, Das Handle ist ungültig. . Vorgang: Asynchroner Vorgang wird ausgeführt Kontext: Aktueller Status: DoSnapshotSet Error: (01/17/2017 11:39:42 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Systemfehler: ============= Error: (01/18/2017 02:44:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (01/18/2017 02:44:51 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "MozillaThunderbirdCDBurnerXP" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. Error: (01/18/2017 02:44:42 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden. Error: (01/18/2017 02:44:42 PM) (Source: NETLOGON) (EventID: 3095) (User: ) Description: Dieser Computer ist als Mitglied einer Arbeitsgruppe konfiguriert, nicht als Mitglied einer Domäne. Der Anmeldedienst braucht bei dieser Konfiguration nicht gestartet zu sein. Error: (01/18/2017 02:42:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "SteamVideoLAN" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 02:42:00 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Overwolfepson" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/18/2017 02:38:46 PM) (Source: Service Control Manager) (EventID: 7030) (User: ) Description: Der Dienst "Chuzalywesige" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren. 
Error: (01/18/2017 02:08:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (01/18/2017 02:07:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Grimaght" wurde mit folgendem Fehler beendet: Das angegebene Modul wurde nicht gefunden. Error: (01/18/2017 02:07:51 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Chesutckazucult" wurde mit folgendem Fehler beendet: Das angegebene Modul wurde nicht gefunden. CodeIntegrity: =================================== Date: 2016-12-17 17:39:30.950 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume1\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements. Date: 2016-12-17 17:20:21.947 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-17 17:20:21.945 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.942 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.936 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 17:20:21.915 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.796 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.794 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2016-12-17 16:41:13.792 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2016-12-17 16:41:13.786 Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Speicherinformationen =========================== Prozessor: AMD Phenom(tm) II X4 945 Processor Prozentuale Nutzung des RAM: 24% Installierter physikalischer RAM: 8190.11 MB Verfügbarer physikalischer RAM: 6217.93 MB Summe virtueller Speicher: 16894.11 MB Verfügbarer virtueller Speicher: 14932.78 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:146.04 GB) (Free:34.12 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: () (Fixed) (Total:319.27 GB) (Free:62.17 GB) NTFS Drive e: (FEARGOLD) (CDROM) (Total:6.35 GB) (Free:0 GB) UDF Drive f: (HITACHI) (Fixed) (Total:931.28 GB) (Free:61.3 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A8DAA8DA) Partition 1: (Active) - (Size=146 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=319.3 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0DEE6153) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=0C) ==================== Ende von Addition.txt ============================ |
18.01.2017, 17:14 | #25 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome search engine keeps changing and new ad pages keep appearing Please download Revo Uninstaller from here (alternatively the portable Revo Uninstaller).
__________________ Please always post log files in CODE tags |
18.01.2017, 17:42 | #26 |
| Chrome search engine keeps changing and new ad pages keep appearing Done. New FRST? |
18.01.2017, 18:07 | #27 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome search engine keeps changing and new ad pages keep appearing
FRST fix
Please disable your virus scanner completely now, to make sure that the fix runs through cleanly!
Please press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document.
Code:
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG
ShellExecuteHooks: Kein Name - {881BAA28-DB96-11E6-9F63-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Nogation\Gigily.dll [149504 2017-01-18] ()
R2 Chuzalywesige; C:\Program Files (x86)\Perdowardkesit\vofuchEng.dll [138752 2017-01-18] () [Datei ist nicht signiert]
R2 zigipyro; C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B\qnsgEEA4.tmp [158720 2015-12-26] () [Datei ist nicht signiert]
C:\Program Files (x86)\Perdowardkesit
C:\WINDOWS\System32\Tasks\Droqagegrowosy Reports
C:\Users\Alex\AppData\Roaming\Nogation
C:\Users\Alex\AppData\Local\Herpither
C:\Program Files (x86)\Droqagegrowosy Reports
C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B
C:\WINDOWS\System32\Tasks\Docertain Core
C:\Program Files (x86)\Docertain Core
C:\Users\Alex\AppData\Roaming\Clehersy
C:\Users\Alex\AppData\Local\Terqakfatacult
C:\WINDOWS\system32\BITF6B1.tmp
C:\WINDOWS\system32\BIT93F.tmp
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
18.01.2017, 18:41 | #28 |
| Chrome search engine keeps changing and new ad pages keep appearing Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-01-2017
durchgeführt von Alex (18-01-2017 18:37:00) Run:2
Gestartet von C:\Users\Alex\Desktop
Geladene Profile: Alex (Verfügbare Profile: Alex & Administrator & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CHR Profile: C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 [2017-01-18] <==== ACHTUNG
ShellExecuteHooks: Kein Name - {881BAA28-DB96-11E6-9F63-64006A5CFC23} - C:\Users\Alex\AppData\Roaming\Nogation\Gigily.dll [149504 2017-01-18] ()
R2 Chuzalywesige; C:\Program Files (x86)\Perdowardkesit\vofuchEng.dll [138752 2017-01-18] () [Datei ist nicht signiert]
R2 zigipyro; C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B\qnsgEEA4.tmp [158720 2015-12-26] () [Datei ist nicht signiert]
C:\Program Files (x86)\Perdowardkesit
C:\WINDOWS\System32\Tasks\Droqagegrowosy Reports
C:\Users\Alex\AppData\Roaming\Nogation
C:\Users\Alex\AppData\Local\Herpither
C:\Program Files (x86)\Droqagegrowosy Reports
C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B
C:\WINDOWS\System32\Tasks\Docertain Core
C:\Program Files (x86)\Docertain Core
C:\Users\Alex\AppData\Roaming\Clehersy
C:\Users\Alex\AppData\Local\Terqakfatacult
C:\WINDOWS\system32\BITF6B1.tmp
C:\WINDOWS\system32\BIT93F.tmp
emptytemp:
*****************

C:\Users\Alex\AppData\Local\Google\Chrome\User Data\ChromeDefaultData2 => erfolgreich verschoben
HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{881BAA28-DB96-11E6-9F63-64006A5CFC23} => Wert erfolgreich entfernt
HKCR\CLSID\{881BAA28-DB96-11E6-9F63-64006A5CFC23} => Schlüssel nicht gefunden.
HKLM\System\CurrentControlSet\Services\Chuzalywesige => Schlüssel erfolgreich entfernt
Chuzalywesige => Dienst erfolgreich entfernt
zigipyro => Dienst nicht gefunden.
"C:\Program Files (x86)\Perdowardkesit" => nicht gefunden.
C:\WINDOWS\System32\Tasks\Droqagegrowosy Reports => erfolgreich verschoben
C:\Users\Alex\AppData\Roaming\Nogation => erfolgreich verschoben
C:\Users\Alex\AppData\Local\Herpither => erfolgreich verschoben
C:\Program Files (x86)\Droqagegrowosy Reports => erfolgreich verschoben
"C:\Users\Alex\AppData\Local\5E46A0A0-1484750276-11BD-8E18-50465D90560B" => nicht gefunden.
C:\WINDOWS\System32\Tasks\Docertain Core => erfolgreich verschoben
C:\Program Files (x86)\Docertain Core => erfolgreich verschoben
C:\Users\Alex\AppData\Roaming\Clehersy => erfolgreich verschoben
C:\Users\Alex\AppData\Local\Terqakfatacult => erfolgreich verschoben
C:\WINDOWS\system32\BITF6B1.tmp => erfolgreich verschoben
C:\WINDOWS\system32\BIT93F.tmp => erfolgreich verschoben

=========== EmptyTemp: ==========

BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16472644 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 574789 B
Edge => 0 B
Chrome => 0 B
Firefox => 376326588 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1634 B
NetworkService => 0 B
Alex => 2587838 B
Administrator => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 377.6 MB temporäre Dateien entfernt.

================================

Das System musste neu gestartet werden.

==== Ende von Fixlog 18:37:11 ==== |
18.01.2017, 20:01 | #29 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Chrome search engine keeps changing and new ad pages keep appearing

Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:

Step 1: MBAM
Please download Malwarebytes Anti-Malware

Step 2: ESET
ESET Online Scanner

Step 3: SecurityCheck
Please download SecurityCheck and:

__________________
Please always post log files in CODE tags
19.01.2017, 13:23 | #30 |
| Chrome search engine keeps changing and new ad pages keep appearing
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 19.01.17
Scan-Zeit: 07:48
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.0
Komponentenversion: 1.0.39
Version des Aktualisierungspakets: 1.0.1053
Lizenz: Kostenlos

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: PEACHY\Alex

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 518549
Abgelaufene Zeit: 6 Min., 35 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 9
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Docertain Core, In Quarantäne, [15], [309201],1.0.1053
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Droqagegrowosy Reports, In Quarantäne, [1624], [362382],1.0.1053
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6F5ECFB4-DEE8-436D-A0E7-ACFC1498453F}, In Quarantäne, [1624], [362377],1.0.1053
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{852E5EAC-BD28-47F6-922D-6CC306F6A428}, In Quarantäne, [15], [309198],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\mpc.am, In Quarantäne, [259], [352340],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\mpc.am, In Quarantäne, [259], [352334],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\EDPDOMSTORAGE\search.mpc.am, In Quarantäne, [259], [352330],1.0.1053
PUP.Optional.MorePowerfulCleaner, HKU\S-1-5-21-2927967124-101175508-2003510897-1000_Classes\LOCAL SETTINGS\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APPCONTAINER\STORAGE\MICROSOFT.MICROSOFTEDGE_8WEKYB3D8BBWE\CHILDREN\001\INTERNET EXPLORER\DOMSTORAGE\search.mpc.am, In Quarantäne, [259], [352337],1.0.1053
PUP.Optional.Youndoo, HKLM\SOFTWARE\WOW6432NODE\youndooSoftware, In Quarantäne, [767], [182849],1.0.1053

Registrierungswert: 2
Adware.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{6F5ECFB4-DEE8-436D-A0E7-ACFC1498453F}|PATH, In Quarantäne, [1624], [362377],1.0.1053
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{852E5EAC-BD28-47F6-922D-6CC306F6A428}|PATH, In Quarantäne, [15], [309198],1.0.1053

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 20
PUP.Optional.Booking, C:\USERS\ALEX\APPDATA\ROAMING\BOOKING.ICO, In Quarantäne, [504], [362374],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [324483],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [324483],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\IMAKGEMEY.DEFAULT\PREFS.JS, Ersetzt, [420], [324486],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\PREFS.JS, Ersetzt, [767], [324487],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\PROFILES\PLOQSHCHOMERY.DEFAULT\SEARCHPLUGINS\0SOQNY4N.XML, In Quarantäne, [767], [324489],1.0.1053
PUP.Optional.Trotux, C:\USERS\ALEX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4PLK0L5.ALEX\SEARCHPLUGINS\3XW1IENB.XML, In Quarantäne, [420], [302745],1.0.1053
PUP.Optional.Youndoo, C:\USERS\ALEX\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\N4PLK0L5.ALEX\SEARCHPLUGINS\0SOQNY4N.XML, In Quarantäne, [767], [302734],1.0.1053

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
Update Init
Update Download
Update Finalize
Updated modules version: 31798
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=init
# utc_time=2017-01-19 06:56:47
# local_time=2017-01-19 07:56:47 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32114
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# end=updated
# utc_time=2017-01-19 06:59:35
# local_time=2017-01-19 07:59:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=31da5e8bf9d6a143bf9ee9fc32188fc2
# engine=32114
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-01-19 12:09:34
# local_time=2017-01-19 01:09:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2865440 16158390 0 0
# scanned=769074
# found=84
# cleaned=0
# scan_time=18598
Code:
Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 111
Java version 32-bit out of Date!
Adobe Flash Player 23.0.0.162
Mozilla Thunderbird (45.6.0)
Google Chrome (55.0.2883.87)
Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent````````
Malwarebytes Anti-Malware mbamservice.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````