Pests of all kinds and how to combat them: Adware problem, cannot be fixed! Windows 7

If you are not sure whether you have picked up malware or a trojan, create a thread here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you clean up the infection.
29.01.2017, 14:48 | #16 |
Adware problem, cannot be fixed! Hey, here you go! Hm.. If Avast, Avira and co. are bad, which ones are good then? Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.18538 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 3.093000 GHz Memory total: 8531451904, free: 5688578048 ======================================= Initializing... Driver version: 0.3.0.4 ------------ Kernel report ------------ 01/29/2017 14:12:41 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\System32\drivers\cmimcext.sys \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys 
\SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\tapipvanish.sys \SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\umbus.sys 
\SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\nvhda64v.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \SystemRoot\system32\drivers\aswStm.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys 
\SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys \SystemRoot\System32\drivers\condrv.sys \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\mslldp.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! Scan started Database versions: main: v2014.11.18.05 rootkit: v2014.11.12.01 Scan Interrupted Scan Interrupted <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffe0009d07b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe0009d07bb20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe0009d07b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xffffe0009c7b3140, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xffffe0009c7b2060, DeviceName: \Device\0000002c\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... Scan was aborted. 
======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.3.1001 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.18538 File system is: NTFS Disk drives: C:\ DRIVE_FIXED CPU speed: 3.093000 GHz Memory total: 8531451904, free: 5620670464 Downloaded database version: v2017.01.29.03 Downloaded database version: v2016.11.20.01 Downloaded database version: v2017.01.23.01 ======================================= Initializing... Driver version: 0.3.0.4 ------------ Kernel report ------------ 01/29/2017 14:13:23 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\System32\drivers\cmimcext.sys \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\storahci.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys 
\SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\System32\drivers\cdrom.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\system32\drivers\csc.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\tapipvanish.sys 
\SystemRoot\system32\DRIVERS\tap0901.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\nvlddmkm.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\System32\drivers\HECIx64.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\system32\DRIVERS\Rt630x64.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\ks.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\System32\drivers\USBD.SYS \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\nvhda64v.sys \SystemRoot\system32\drivers\portcls.sys \SystemRoot\system32\drivers\drmk.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\HdAudio.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_storahci.sys \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\system32\drivers\usbaudio.sys \SystemRoot\System32\drivers\USBSTOR.SYS \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\cdd.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\System32\drivers\kbdhid.sys \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \SystemRoot\system32\drivers\aswStm.sys \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys 
\SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys \SystemRoot\System32\drivers\condrv.sys \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\mslldp.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \??\C:\Windows\system32\drivers\mbamchameleon.sys \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys ----------- End ----------- Done! 
Scan started Database versions: main: v2017.01.29.03 rootkit: v2016.11.20.01 <<<2>>> Physical Sector Size: 512 Drive: 0, DevicePointer: 0xffffe0009d07b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ --------- Disk Stack ------ DevicePointer: 0xffffe0009d07bb20, DeviceName: Unknown, DriverName: \Driver\partmgr\ DevicePointer: 0xffffe0009d07b060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ DevicePointer: 0xffffe0009c7b3140, DeviceName: Unknown, DriverName: \Driver\ACPI\ DevicePointer: 0xffffe0009c7b2060, DeviceName: \Device\0000002c\, DriverName: \Driver\storahci\ ------------ End ---------- Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\ Upper DeviceData: 0x0, 0x0, 0x0 Lower DeviceData: 0x0, 0x0, 0x0 <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... 
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBAUDIO.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is 
compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\HdAudio.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1) Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: 0 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. 
"C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1) Infected: HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES| --> [Hijack.AutoConfigURL.PrxySvrRST] Infected: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl --> [Hijack.AutoConfigURL.PrxySvrRST] Scan finished Creating System Restore point... Cleaning up... Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action reg.exe... Success! Executing an action cmd.exe... Success! 
Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action reg.exe Queuing an action cmd.exe Queuing an action cmd.exe Queuing an action cmd.exe Queuing an action cmd.exe Queuing an action cmd.exe Removal scheduling successful. System shutdown needed. System shutdown occurred ======================================= |
29.01.2017, 15:08 | #17 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, cannot be fixed! Please read the instructions properly and post the correct log from MBAR!
__________________ |
29.01.2017, 15:50 | #18 |
| Adware problem, cannot be fixed! Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.01.29.03 rootkit: v2016.11.20.01 Windows 8.1 x64 NTFS Internet Explorer 11.0.9600.18538 mohsin :: DRDRAVEN [administrator] 29.01.2017 14:13:29 mbar-log-2017-01-29 (14-13-29).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 299709 Time elapsed: 15 minute(s), 7 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 2 HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES| (Hijack.AutoConfigURL.PrxySvrRST) -> Data: 0hxxp://no-stops.net/wpad.dat?29f4399d6c59d43e1bf88a7f68b37e0d21837950 -> Delete on reboot. [24834e33d2d66dc9173973f32ed246ba] HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl (Hijack.AutoConfigURL.PrxySvrRST) -> Data: hxxp://no-stops.net/wpad.dat?29f4399d6c59d43e1bf88a7f68b37e0d21837950 -> Delete on reboot. [3473fc856c3ce452b00564f344bc768a] Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
29.01.2017, 19:02 | #19 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, cannot be fixed! Any further MBAR logs?
__________________ Please always post log files in CODE tags |
29.01.2017, 19:46 | #20 |
| Adware problem, cannot be fixed! Yo, from the second run. But 0 findings |
29.01.2017, 19:51 | #21 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, cannot be fixed! Remove adware/junkware/toolbars. Delete old versions of adwCleaner and, if present, JRT first, then download them again to the desktop! Please disable your virus scanner completely now, before using these tools! Step 1: adwCleaner Please download AdwCleaner to your desktop.
Step 2: JRT - Junkware Removal Tool Please close your protection software to avoid possible conflicts.
__________________ Please always post log files in CODE tags |
31.01.2017, 17:08 | #23 |
| Adware problem, cannot be fixed! Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.0 (12.05.2016) Operating System: Windows 8.1 Pro x64 Ran by mohsin (Administrator) on 31.01.2017 at 13:46:02,28 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 1 Successfully deleted: C:\Users\mohsin\AppData\Local\crashrpt (Folder) Registry: 2 Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 31.01.2017 at 13:47:49,97 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v6.043 - Bericht erstellt am 31/01/2017 um 13:45:03 # Aktualisiert am 27/01/2017 von Malwarebytes # Datenbank : 2017-01-30.3 [Server] # Betriebssystem : Windows 8.1 Pro (X64) # Benutzername : mohsin - DRDRAVEN # Gestartet von : C:\Users\mohsin\Downloads\adwcleaner_6.043.exe # Modus: Suchlauf # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** Keine schädlichen Dienste gefunden. ***** [ Ordner ] ***** Keine schädlichen Ordner gefunden. ***** [ Dateien ] ***** Keine schädlichen Dateien gefunden. ***** [ DLL ] ***** Keine infizierten DLLs gefunden. ***** [ WMI ] ***** Keine schädlichen Schlüssel gefunden. ***** [ Verknüpfungen ] ***** Keine infizierten Verknüpfungen gefunden. ***** [ Aufgabenplanung ] ***** Keine schädlichen Aufgaben gefunden. ***** [ Registrierungsdatenbank ] ***** Keine schädlichen Elemente in der Registrierungsdatenbank gefunden. ***** [ Internetbrowser ] ***** Keine schädlichen Elemente in Firefox basierten Browsern gefunden. Keine schädlichen Elemente in Chrome basierten Browsern gefunden. ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [2108 Bytes] - [19/12/2016 14:52:54] C:\AdwCleaner\AdwCleaner[S0].txt - [2168 Bytes] - [19/12/2016 14:49:50] C:\AdwCleaner\AdwCleaner[S1].txt - [1489 Bytes] - [03/01/2017 14:01:56] C:\AdwCleaner\AdwCleaner[S2].txt - [1562 Bytes] - [15/01/2017 14:11:17] C:\AdwCleaner\AdwCleaner[S3].txt - [1483 Bytes] - [31/01/2017 13:45:03] ########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt - [1556 Bytes] ########## |
31.01.2017, 23:38 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, cannot be fixed! Then show fresh FRST logs. Tick the box for addition.txt, then click Scan.
__________________ Please always post log files in CODE tags |
01.02.2017, 00:40 | #25 |
| Adware problem, cannot be fixed! Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017 durchgeführt von mohsin (Administrator) auf DRDRAVEN (01-02-2017 00:05:44) Gestartet von C:\Users\mohsin\Downloads\FRST-OlderVersion Geladene Profile: mohsin (Verfügbare Profile: mohsin) Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClient.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClientUx.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClientUxHelper.exe () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClientUxHelper.exe () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.161\deploy\League of Legends.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1806136 2015-09-06] (NVIDIA Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.) HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1925136 2016-07-15] () HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2016-12-10] (AVAST Software) HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [957976 2016-04-26] (BlueStack Systems, Inc.) 
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-12-10] (AVAST Software) Startup: C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2016-12-03] ShortcutTarget: Slack.lnk -> C:\Users\mohsin\AppData\Local\slack\Update.exe () GroupPolicy: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 141.28.230.16 141.28.230.8 Tcpip\..\Interfaces\{400C1F4D-EB29-47C1-BD10-38368EF6D76A}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{636C4FFD-E430-4298-B185-C60A1FB06F84}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{768B14A1-6B35-4922-8118-2BFB02967E6C}: [DhcpNameServer] 198.18.0.1 198.18.0.2 Tcpip\..\Interfaces\{E444B94A-4746-44B0-8703-AAA7883AF869}: [DhcpNameServer] 141.28.230.16 141.28.230.8 ManualProxies: Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> 
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} SearchScopes: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001 -> {68BD3833-CD31-4D09-81DE-B29B526B80D8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default SearchScopes: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-12-04] (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2016-12-10] (AVAST Software) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-12-04] (Oracle Corporation) BHO-x32: avast! 
Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2016-12-10] (AVAST Software) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation) DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=391707608 FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-12-10] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-12-10] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] () FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.) 
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] () FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.) Chrome: ======= CHR StartupUrls: Default -> "hxxp://youtube.de/","hxxp://google.de/" CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default CHR DefaultSearchKeyword: Default -> Yahoo CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10 CHR Session Restore: Default -> ist aktiviert. 
CHR Profile: C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default [2017-02-01] CHR Extension: (ProxFlow) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-24] CHR Extension: (Google Präsentationen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-07] CHR Extension: (Google Docs) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-07] CHR Extension: (Google Drive) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07] CHR Extension: (Google-Suche) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Google Tabellen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-07] CHR Extension: (Google Docs Offline) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18] CHR Extension: (ScriptSafe) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-01-27] CHR Extension: (Click&Clean App) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-01-09] CHR Extension: (Google Mail) - C:\Users\mohsin\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07] CHR Extension: (Chrome Media Router) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-27] CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2016-12-10] (AVAST Software) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.) 
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert]
S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-26] (SolidWorks) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation)
S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-12-10] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-12-10] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-12-10] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-12-10] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-12-10] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [969184 2016-12-10] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513632 2016-12-10] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-12-10] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [293352 2016-12-10] (AVAST Software)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154168 2016-04-26] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 tapipvanish; C:\Windows\system32\DRIVERS\tapipvanish.sys [34520 2016-09-22] (The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation)
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 19:10 - 2017-01-31 19:10 - 04032905 _____ C:\Users\mohsin\Downloads\EloSpikes.rar
2017-01-31 19:10 - 2017-01-31 19:10 - 00000000 ____D C:\Users\mohsin\Downloads\EloSpikes
2017-01-31 17:33 - 2017-01-31 17:33 - 00000000 ____D C:\Users\mohsin\Downloads\BoL+Studio
2017-01-31 17:32 - 2017-01-31 17:32 - 31802960 _____ C:\Users\mohsin\Downloads\BoL+Studio.rar
2017-01-31 17:21 - 2017-01-31 17:21 - 06178953 _____ C:\Users\mohsin\Downloads\Bot of Legends (1).rar
2017-01-31 17:20 - 2017-01-31 17:23 - 00000000 ____D C:\Users\mohsin\Downloads\Bot of Legends
2017-01-31 17:20 - 2017-01-31 17:20 - 06178953 _____ C:\Users\mohsin\Downloads\Bot of Legends.rar
2017-01-31 14:29 - 2017-01-31 14:29 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik (2).pdf
2017-01-31 14:04 - 2017-01-31 14:04 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik (1).pdf
2017-01-31 13:47 - 2017-01-31 13:47 - 00000896 _____ C:\Users\mohsin\Desktop\JRT.txt
2017-01-31 13:43 - 2017-01-31 13:43 - 04015056 _____ C:\Users\mohsin\Downloads\adwcleaner_6.043.exe
2017-01-31 13:41 - 2017-01-31 13:41 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik.pdf
2017-01-31 13:40 - 2017-01-31 13:40 - 06220202 _____ C:\Users\mohsin\Downloads\Mathe-Treffer-PDFs.pdf
2017-01-31 13:40 - 2017-01-31 13:40 - 00583026 _____ C:\Users\mohsin\Downloads\Uebungsklausur.pdf
2017-01-31 13:37 - 2017-01-31 13:37 - 00000022 _____ C:\Windows\S.dirmngr
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_2 (1).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_02 (4).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_02 (3).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_01 (5).pdf
2017-01-30 15:28 - 2017-01-30 15:28 - 00169517 _____ C:\Users\mohsin\Downloads\Renten.pdf
2017-01-30 14:50 - 2017-01-30 14:50 - 00421190 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_2.pdf
2017-01-30 14:47 - 2017-01-30 14:47 - 00480104 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_1 (1).pdf
2017-01-30 14:47 - 2017-01-30 14:47 - 00016380 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_1.pdf
2017-01-30 14:43 - 2017-01-30 14:43 - 00340576 _____ C:\Users\mohsin\Downloads\Zinsen.pdf
2017-01-29 14:12 - 2017-01-29 15:07 - 00000000 ____D C:\Users\mohsin\Desktop\mbar
2017-01-29 14:12 - 2017-01-29 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-29 14:12 - 2017-01-29 14:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-29 14:12 - 2017-01-29 14:49 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-29 14:12 - 2017-01-29 14:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\mohsin\Downloads\mbar-1.09.3.1001.exe
2017-01-29 14:12 - 2017-01-29 14:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-28 21:42 - 2017-01-28 21:42 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-01-28 21:42 - 2017-01-28 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-01-28 21:40 - 2017-01-28 21:40 - 31876824 _____ (Riot Games) C:\Users\mohsin\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-01-28 02:56 - 2017-01-28 02:57 - 2726419131 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E08 - Hearts Still Beating.mkv
2017-01-28 02:55 - 2017-01-28 02:56 - 2223923664 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E06 - Swear.mkv
2017-01-28 02:55 - 2017-01-28 02:56 - 2021339121 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E07 - Sing Me a Song.mkv
2017-01-28 02:54 - 2017-01-28 02:55 - 2011485912 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E04 - Service.mkv
2017-01-28 02:54 - 2017-01-28 02:55 - 1406380204 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E05 - Go Getters.mkv
2017-01-28 02:53 - 2017-01-28 02:53 - 06975096 _____ (Tim Kosse) C:\Users\mohsin\Downloads\FileZilla_3.24.0_win64-setup.exe
2017-01-27 18:12 - 2017-01-27 18:12 - 00000000 ____D C:\Users\mohsin\Downloads\HTML_Beispiele
2017-01-27 18:07 - 2017-01-27 21:24 - 00053196 _____ C:\Users\mohsin\Downloads\FRST.txt
2017-01-27 18:07 - 2017-01-27 21:24 - 00045971 _____ C:\Users\mohsin\Downloads\Addition.txt
2017-01-27 17:55 - 2017-01-27 17:55 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt (2).pdf
2017-01-27 17:20 - 2017-01-27 17:20 - 00694954 _____ C:\Users\mohsin\Downloads\HTML_Beispiele.zip
2017-01-27 17:18 - 2017-01-27 17:18 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt (1).pdf
2017-01-27 17:15 - 2017-01-27 17:15 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt.pdf
2017-01-27 17:14 - 2017-02-01 00:05 - 00000000 ____D C:\Users\mohsin\Downloads\FRST-OlderVersion
2017-01-27 17:14 - 2017-01-27 17:16 - 00054023 _____ C:\Users\mohsin\Desktop\FRST.txt
2017-01-27 17:04 - 2017-01-27 17:05 - 00000000 ____D C:\Users\mohsin\Desktop\wi klausur
2017-01-27 17:04 - 2017-01-27 17:04 - 00000000 ____D C:\Users\mohsin\Downloads\wi klausur
2017-01-26 03:32 - 2017-01-26 03:33 - 00527360 _____ C:\Users\mohsin\Downloads\Launcher.dll
2017-01-25 19:55 - 2017-01-25 19:55 - 00614242 _____ C:\Users\mohsin\Downloads\Klausuren-Lösungen (1).pdf
2017-01-25 19:54 - 2017-01-25 19:54 - 00614242 _____ C:\Users\mohsin\Downloads\Klausuren-Lösungen.pdf
2017-01-25 18:51 - 2017-01-25 18:51 - 00000000 ____D C:\Program Files\HitmanPro
2017-01-25 14:23 - 2017-01-25 14:23 - 00101864 _____ C:\Users\mohsin\Downloads\bsp_klausur_WS0708 (1).pdf
2017-01-25 14:21 - 2017-01-25 14:21 - 00158620 _____ C:\Users\mohsin\Downloads\PROG1_Ueb_9.pdf
2017-01-25 14:11 - 2017-01-27 17:16 - 00028618 _____ C:\Users\mohsin\Desktop\Addition.txt
2017-01-25 14:10 - 2017-02-01 00:05 - 00000000 ____D C:\FRST
2017-01-25 14:09 - 2017-01-27 17:14 - 02420736 _____ (Farbar) C:\Users\mohsin\Downloads\FRST64.exe
2017-01-25 03:32 - 2017-01-25 03:32 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup (2).exe
2017-01-25 03:31 - 2017-01-26 00:41 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-25 03:31 - 2017-01-26 00:41 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-25 03:31 - 2017-01-25 03:31 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup (1).exe
2017-01-25 03:30 - 2017-01-25 03:35 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-25 03:30 - 2017-01-25 03:35 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-25 03:28 - 2017-01-25 03:28 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup.exe
2017-01-23 23:12 - 2017-01-23 23:12 - 00011106 _____ C:\Users\mohsin\Downloads\CarAdmin.java
2017-01-23 22:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-01-23 21:28 - 2017-01-23 21:28 - 00000000 _____ C:\Users\mohsin\Desktop\%)$(.txt
2017-01-22 22:19 - 2017-01-22 22:27 - 24669949 _____ C:\Users\mohsin\Downloads\Futtermischer_pack_placeable.zip
2017-01-22 15:02 - 2017-01-22 15:35 - 00000000 ____D C:\Users\mohsin\AppData\Local\TeamSpeak 3
2017-01-22 15:02 - 2017-01-22 15:02 - 00000000 ____D C:\Users\mohsin\.TeamSpeak 3
2017-01-22 15:02 - 2017-01-22 15:02 - 00000000 ____D C:\Users\mohsin\.QtWebEngineProcess
2017-01-22 02:13 - 2017-01-20 20:13 - 00001636 _____ C:\Users\mohsin\Desktop\StdInput.java
2017-01-21 22:51 - 2017-01-21 22:51 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (3).pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00358011 _____ C:\Users\mohsin\Downloads\Klausur+SS13.pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00328941 _____ C:\Users\mohsin\Downloads\Klausur+SS14.pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (3).pdf
2017-01-21 22:37 - 2017-01-21 22:37 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (2).pdf
2017-01-21 22:37 - 2017-01-21 22:37 - 00215750 _____ C:\Users\mohsin\Downloads\Probeklausur+WS12 (1).pdf
2017-01-21 18:20 - 2017-01-21 18:20 - 00228869 _____ C:\Users\mohsin\Downloads\Probeklausur+SS12 (1).pdf
2017-01-21 18:20 - 2017-01-21 18:20 - 00215750 _____ C:\Users\mohsin\Downloads\Probeklausur+WS12.pdf
2017-01-20 22:23 - 2017-01-26 04:50 - 00004789 _____ C:\Users\mohsin\Downloads\Settings.dat
2017-01-20 22:20 - 2017-01-20 22:20 - 00637440 _____ () C:\Users\mohsin\Downloads\EAITFE.dll
2017-01-20 22:20 - 2017-01-20 22:20 - 00228608 _____ C:\Users\mohsin\Downloads\ctb.dat
2017-01-20 20:13 - 2017-01-23 21:50 - 00000000 ____D C:\Users\mohsin\Downloads\Telegram Desktop
2017-01-20 16:56 - 2017-01-20 16:56 - 00275804 _____ C:\Users\mohsin\Downloads\Musterloesung+Probeklausur+SS12 (1).pdf
2017-01-20 16:56 - 2017-01-20 16:56 - 00228869 _____ C:\Users\mohsin\Downloads\Probeklausur+SS12.pdf
2017-01-19 11:56 - 2017-01-19 12:04 - 25586197 _____ C:\Users\mohsin\Downloads\FBM17_MBtracKlein.zip
2017-01-19 05:36 - 2017-01-19 05:39 - 11003462 _____ C:\Users\mohsin\Downloads\MB1800Intercooler_TSL_LS17wsb.zip
2017-01-16 14:49 - 2017-01-16 14:49 - 02101354 _____ C:\Users\mohsin\Downloads\DB_Klausuren.zip
2017-01-15 18:12 - 2017-01-15 18:12 - 00698136 _____ C:\Users\mohsin\Downloads\FS17_AutoDrive.zip
2017-01-15 15:17 - 2017-01-15 15:17 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (1).pdf
2017-01-15 15:07 - 2017-01-15 15:07 - 02077171 _____ C:\Users\mohsin\Downloads\Promod1_Klausuren.zip
2017-01-15 14:32 - 2017-01-15 14:32 - 00000000 ____D C:\Users\mohsin\Downloads\1361019588_SAPD Pack
2017-01-15 14:15 - 2017-01-15 14:15 - 24739376 _____ C:\Users\mohsin\Downloads\1361019588_SAPD Pack.rar
2017-01-15 14:10 - 2017-01-15 14:10 - 03988944 _____ C:\Users\mohsin\Downloads\adwcleaner_6.042.exe
2017-01-14 22:30 - 2017-01-14 22:30 - 00000000 ____D C:\Users\mohsin\AppData\Local\Chromium
2017-01-14 19:57 - 2017-01-14 19:57 - 00006807 _____ C:\Users\mohsin\Downloads\hitsounds.smx
2017-01-14 17:06 - 2017-01-14 17:06 - 00000000 ____D C:\Users\mohsin\AppData\LocalLow\Audiosurf_ LLC
2017-01-14 17:04 - 2017-01-14 17:04 - 00001615 _____ C:\Users\mohsin\Desktop\Audiosurf 2.lnk
2017-01-14 17:04 - 2017-01-14 17:04 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiosurf 2 1.0.0.2
2017-01-14 17:00 - 2017-01-14 17:01 - 233582003 _____ (Игры на Cat-A-Cat.NET ) C:\Users\mohsin\Downloads\Audiosurf 2.exe
2017-01-14 17:00 - 2017-01-14 17:00 - 00000824 _____ C:\Users\Public\Desktop\IPVanish.lnk
2017-01-14 16:59 - 2017-01-14 17:03 - 00000000 ____D C:\Users\mohsin\AppData\LocalLow\uTorrent
2017-01-14 15:37 - 2017-01-14 15:37 - 34773799 _____ C:\Users\mohsin\Downloads\FS17_Fendt1000_steph33_v1_3.zip
2017-01-14 14:48 - 2017-01-14 14:48 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (2).pdf
2017-01-14 14:15 - 2017-01-14 14:15 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13.pdf
2017-01-14 13:58 - 2017-01-14 13:58 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (1).pdf
2017-01-14 01:36 - 2017-01-14 01:36 - 00397579 _____ C:\Users\mohsin\Desktop\kaka.exe
2017-01-14 01:34 - 2017-01-14 01:36 - 00000676 _____ C:\Users\mohsin\Desktop\furz.xml
2017-01-14 01:18 - 2017-01-14 01:18 - 00137286 _____ C:\Users\mohsin\Downloads\ReceiptCalc.bmp.zip
2017-01-14 00:37 - 2017-01-14 00:39 - 00001803 _____ C:\Users\mohsin\Desktop\ReceptCalc.jar
2017-01-14 00:37 - 2017-01-14 00:37 - 05966202 _____ C:\Users\mohsin\Downloads\launch4j-3.1.0-beta1-win32.zip
2017-01-14 00:37 - 2017-01-14 00:37 - 00000000 ____D C:\Users\mohsin\Downloads\launch4j-3.1.0-beta1-win32
2017-01-13 22:06 - 2017-01-13 22:06 - 00000000 _____ C:\Users\mohsin\Desktop\Neues Textdokument (2).txt
2017-01-13 17:30 - 2017-01-13 17:30 - 01882759 _____ C:\Users\mohsin\Downloads\FlowCharts.pdf
2017-01-13 17:29 - 2017-01-13 17:29 - 00386555 _____ C:\Users\mohsin\Downloads\UML+Use+Case+Diagrams.pdf
2017-01-12 22:10 - 2017-01-12 22:10 - 00001453 _____ C:\Users\mohsin\Desktop\KlausurLösung.txt
2017-01-12 19:53 - 2017-01-12 19:53 - 00001663 _____ C:\Users\mohsin\Downloads\StdInput.java
2017-01-11 21:35 - 2017-01-11 21:35 - 00022250 _____ C:\Users\mohsin\Desktop\Mo&Judy prak 9.zip
2017-01-11 21:34 - 2017-01-11 21:34 - 00007993 _____ C:\Users\mohsin\Desktop\ecommerce.java
2017-01-11 20:45 - 2017-01-11 20:48 - 440291328 _____ C:\Users\mohsin\Downloads\Abenteuer Survival - Die Gruene Hoelle.avi
2017-01-11 20:43 - 2017-01-11 21:08 - 00000000 ____D C:\Users\mohsin\Desktop\Abenteuer_Survival
2017-01-11 02:40 - 2017-01-11 02:40 - 06158640 _____ C:\Users\mohsin\Downloads\Farming Simulator 17 Savegame Editor_v2.0.0.zip
2017-01-10 16:17 - 2017-01-10 16:17 - 00000847 _____ C:\Users\mohsin\Downloads\rechteck8_2 (1).class
2017-01-10 14:09 - 2017-01-10 14:09 - 00002069 _____ C:\Users\mohsin\Downloads\StdInput.class
2017-01-10 14:09 - 2017-01-10 14:09 - 00001311 _____ C:\Users\mohsin\Downloads\rechteck2.class
2017-01-10 14:09 - 2017-01-10 14:09 - 00000847 _____ C:\Users\mohsin\Downloads\rechteck8_2.class
2017-01-07 15:15 - 2017-01-07 15:15 - 00206734 _____ C:\Users\mohsin\Downloads\PROG1_Ueb_8.pdf
2017-01-07 15:03 - 2017-01-07 15:03 - 15086681 _____ C:\Users\mohsin\Downloads\PROG1_illik_J2SE_v8_161002_students (2).pdf
2017-01-07 13:07 - 2017-01-07 16:59 - 00000731 _____ C:\Users\mohsin\Desktop\BW BBz.txt
2017-01-07 11:35 - 2017-01-07 11:35 - 04692802 _____ C:\Users\mohsin\Desktop\187 Strassenbande - 10 Jahre (Jambeatz).m4a
2017-01-07 11:15 - 2017-01-07 11:15 - 02187986 _____ C:\Users\mohsin\Downloads\1163002632_Cheverolet_Caprice_SFPD_SPC.rar
2017-01-06 16:34 - 2017-01-25 16:04 - 00000676 _____ C:\Windows\system32\.crusader
2017-01-06 16:25 - 2017-01-06 16:33 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-06 14:09 - 2017-01-09 18:09 - 00000000 ____D C:\Users\mohsin\Desktop\Wiz Khalifa
2017-01-06 13:21 - 2017-01-06 13:22 - 11581544 _____ (SurfRight B.V.) C:\Users\mohsin\Downloads\hitmanpro_x64.exe
2017-01-05 14:33 - 2017-01-05 14:33 - 00131988 _____ C:\Users\mohsin\Downloads\_codeconventions-150003.pdf
2017-01-05 14:31 - 2017-01-05 14:31 - 00101864 _____ C:\Users\mohsin\Downloads\bsp_klausur_WS0708.pdf
2017-01-05 14:29 - 2017-01-05 14:30 - 00000000 ____D C:\Users\mohsin\AppData\Local\iWesoft
2017-01-05 14:29 - 2017-01-05 14:29 - 00001228 _____ C:\Users\mohsin\Desktop\Magic Zip Password Recovery.lnk
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Zip Password Recovery
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\iWesoft
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Program Files (x86)\Magic Zip Password Recovery
2017-01-05 14:07 - 2017-01-05 14:07 - 04895331 _____ C:\Users\mohsin\Downloads\zippingpasttheshore.rar
2017-01-04 17:54 - 2017-01-04 17:54 - 00000154 _____ C:\Users\mohsin\.appletviewer
2017-01-04 15:23 - 2017-01-04 15:23 - 00345778 _____ C:\Users\mohsin\Downloads\promod1_case_studies.zip
2017-01-03 12:08 - 2017-01-03 12:08 - 15086681 _____ C:\Users\mohsin\Downloads\PROG1_illik_J2SE_v8_161002_students (1).pdf
2017-01-03 03:37 - 2017-01-03 03:37 - 00006824 _____ C:\Users\mohsin\Desktop\Brazzers.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-01-31 23:33 - 2016-12-04 11:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-01-31 21:11 - 2015-10-08 12:00 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\vlc
2017-01-31 20:01 - 2015-10-07 12:07 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6EAD9E2E-F1E5-4F67-8E1E-B97D411E429D}
2017-01-31 19:12 - 2016-05-14 21:55 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\BoL
2017-01-31 17:23 - 2015-12-07 18:23 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-31 17:08 - 2016-12-19 14:47 - 00000000 ____D C:\AdwCleaner
2017-01-31 16:39 - 2016-11-24 12:50 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Telegram Desktop
2017-01-31 15:46 - 2015-10-07 12:10 - 00003600 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3612516331-1481563410-2683479032-1001
2017-01-31 15:46 - 2015-10-07 12:07 - 00000000 ___DO C:\Users\mohsin\SkyDrive
2017-01-31 13:43 - 2016-12-10 23:27 - 00000000 ____D C:\Users\mohsin\Desktop\Tools
2017-01-31 13:40 - 2016-11-27 18:56 - 00000000 ____D C:\Program Files\IPVanish
2017-01-31 13:37 - 2015-10-07 12:09 - 00000000 ____D C:\ProgramData\NVIDIA
2017-01-31 13:37 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-01-31 04:17 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2017-01-31 03:27 - 2015-10-07 12:14 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\TS3Client
2017-01-30 11:12 - 2015-10-12 15:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\FileZilla
2017-01-30 08:58 - 2016-12-10 16:19 - 00000000 ____D C:\Users\mohsin\.p2
2017-01-30 08:57 - 2016-12-10 16:24 - 00000000 ____D C:\Users\mohsin\AppData\Local\Eclipse
2017-01-30 08:27 - 2015-10-08 16:44 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\DVDVideoSoft
2017-01-29 15:00 - 2016-12-10 16:23 - 00000000 ____D C:\Users\mohsin\workspace
2017-01-28 21:40 - 2015-10-11 19:10 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Riot Games
2017-01-28 21:38 - 2015-10-12 15:35 - 00000000 ____D C:\Users\mohsin\AppData\Local\CrashDumps
2017-01-28 21:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-27 19:45 - 2016-03-17 15:20 - 00003868 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1458224430
2017-01-27 19:45 - 2016-03-17 15:20 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-01-27 19:45 - 2016-03-17 15:20 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-27 19:39 - 2013-08-22 15:44 - 00477720 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-27 18:06 - 2015-10-12 15:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 18:06 - 2015-10-12 15:28 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-27 18:06 - 2015-10-12 15:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-27 18:06 - 2013-08-23 00:26 - 00000000 ____D C:\Windows\ShellNew
2017-01-27 18:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-27 18:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-27 18:05 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2017-01-27 18:05 - 2013-08-22 14:25 - 00000076 _____ C:\Windows\win.ini
2017-01-26 03:33 - 2016-12-11 21:24 - 01684992 _____ C:\Users\mohsin\Downloads\EAIT.dll
2017-01-26 03:33 - 2016-12-11 21:24 - 00000047 _____ C:\Users\mohsin\Downloads\README.txt
2017-01-25 03:30 - 2015-10-07 12:09 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-24 02:42 - 2015-10-07 12:02 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-24 02:42 - 2013-08-23 00:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2017-01-24 02:42 - 2013-08-23 00:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2017-01-22 15:02 - 2015-10-07 12:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-22 15:02 - 2015-10-07 12:04 - 00000000 ____D C:\Users\mohsin
2017-01-15 13:50 - 2015-10-26 13:15 - 00000000 ____D C:\Users\mohsin\Documents\SolidWorks Downloads
2017-01-15 13:48 - 2016-11-29 15:14 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\uTorrent
2017-01-15 13:48 - 2016-10-16 13:04 - 00000000 ____D C:\Windows\Minidump
2017-01-14 17:06 - 2015-10-07 12:05 - 00000000 ____D C:\Users\mohsin\AppData\Local\VirtualStore
2017-01-14 17:03 - 2016-11-27 20:18 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\IPVanish VPN
2017-01-14 17:03 - 2016-10-13 12:17 - 00000000 ____D C:\Games
2017-01-14 17:00 - 2016-11-27 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2017-01-11 23:21 - 2015-10-13 11:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-01-11 23:20 - 2015-10-13 12:23 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 04:02 - 2015-10-11 16:20 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 04:02 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-11 04:01 - 2015-10-11 16:20 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-11 02:33 - 2016-12-04 11:03 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 02:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 02:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-06 16:34 - 2015-10-12 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files (x86)\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files (x86)\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files (x86)\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files (x86)\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files (x86)\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files (x86)\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files (x86)\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files (x86)\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files (x86)\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files (x86)\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files (x86)\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files (x86)\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files (x86)\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files (x86)\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files (x86)\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files (x86)\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files (x86)\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files (x86)\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files (x86)\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files (x86)\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files (x86)\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files (x86)\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files (x86)\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files (x86)\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files (x86)\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files (x86)\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files (x86)\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files (x86)\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files (x86)\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files (x86)\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files (x86)\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files (x86)\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files (x86)\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files (x86)\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files (x86)\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files (x86)\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files (x86)\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files (x86)\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files (x86)\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files (x86)\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files (x86)\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files (x86)\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files (x86)\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files (x86)\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files (x86)\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files (x86)\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files (x86)\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files (x86)\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files (x86)\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files (x86)\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files (x86)\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files (x86)\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files (x86)\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files (x86)\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files (x86)\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files (x86)\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files (x86)\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files (x86)\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files (x86)\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files (x86)\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files (x86)\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files (x86)\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files (x86)\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files (x86)\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files (x86)\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files (x86)\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files (x86)\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files (x86)\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files (x86)\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 
2010-06-02 05:22 - 0965421 _____ () C:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files (x86)\Nov2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files (x86)\Nov2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files (x86)\Nov2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files (x86)\Nov2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files (x86)\Nov2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files (x86)\Nov2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files (x86)\Oct2005_xinput_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files (x86)\Oct2005_xinput_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files (x86)\OCT2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files (x86)\OCT2006_XACT_x86.cab 2016-11-27 22:50 - 2016-11-27 22:50 - 0001243 _____ () C:\Users\mohsin\AppData\Local\recently-used.xbel 2015-11-16 14:32 - 2015-11-16 14:32 - 0000000 _____ () C:\Users\mohsin\AppData\Local\Temptable.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-01-27 17:39

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von mohsin (01-02-2017 00:06:56)
Gestartet von C:\Users\mohsin\Downloads\FRST-OlderVersion
Windows 8.1 Pro (Update) (X64) (2015-10-07 11:05:00)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3612516331-1481563410-2683479032-500 - Administrator - Disabled)
Gast (S-1-5-21-3612516331-1481563410-2683479032-501 - Limited - Disabled)
mohsin (S-1-5-21-3612516331-1481563410-2683479032-1001 - Administrator - Enabled) => C:\Users\mohsin

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc)
Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audiosurf 2 1.0.0.2 (HKLM-x32\...\Audiosurf 2 1.0.0.2) (Version: 1.0.0.2 - Èãðû íà Cat-A-Cat.NET)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.3.2280 - AVAST Software)
Avira Connect (HKLM-x32\...\{e7f56494-d786-472e-aba2-1b93089e06cd}) (Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG)
BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Fraps (HKLM-x32\...\Fraps) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.76 - Google Inc.)
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project)
IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH)
iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.)
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Magic Zip Password Recovery (HKLM-x32\...\{C0A12F43-ED5F-43CF-AF14-0C13E1A29524}) (Version: 2.0.0.0 - iWesoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SafeZone Stable 1.51.2220.62 (x32 Version: 1.51.2220.62 - Avast Software) Hidden
SkySaga Infinite Isles (HKLM-x32\...\SkySaga Infinite Isles 1.0.3677.0) (Version: 1.0.3677.0 - Radiant Worlds)
SkySaga Infinite Isles (x32 Version: 1.0.3677.0 - Radiant Worlds) Hidden
Slack (HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\slack) (Version: 2.3.3 - Slack Technologies)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syncios 5.0.9 (HKLM-x32\...\Syncios) (Version: 5.0.9 - Anvsoft)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TS Notifier (HKLM-x32\...\{A8C69D46-A92E-40FA-B393-0E3A417D8F2A}) (Version: 1.6.0000 - Andreas Gebert)
TS3 Overlay (HKLM\...\TS3 Overlay) (Version: v3.0.16 - Rohrbacher Development)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2E7D4542-9776-4F00-A324-0E68B4A3A6F1} - System32\Tasks\SafeZone scheduled Autoupdate 1481409026 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-09-06] (Avast Software)
Task: {30FD2691-9D23-4879-9255-50CECDB8B498} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {325FE91C-9909-4B9F-85BE-8398D827073B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-12-10] (AVAST Software)
Task: {431F1C70-3EB4-4352-87D4-E149511EDBE6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5BF350AA-877F-40AE-9111-D9BE68AC0BB3} - System32\Tasks\IPVanish => C:\Program Files\IPVanish\ElevateProcess.exe [2017-01-03] (IPVanish)
Task: {7332EE4C-8597-410A-AAE1-26B97132C314} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {95E41828-04A9-4426-BA90-52A74466038F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {A461150A-59B9-4C9F-9EF8-B4476A3D2109} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG
Task: {AB6D3CB8-E4BB-4F88-A804-80022080D7D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {CB66ABBB-8D1B-459E-8BC6-3CC1C7D9E435} - System32\Tasks\Opera scheduled Autoupdate 1458224430 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {CCC71665-0DFD-4E7B-9D86-43914F14D47A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {D9F905A4-A882-4844-8BF8-5FA9BFDD5795} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Zip Password Recovery\Magic Zip Password Recovery Website.lnk -> hxxp://www.iwesoft.com/productinfo.php?id=2

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-18 09:27 - 2016-08-18 09:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-01-26 00:41 - 2017-01-25 08:29 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.76\libglesv2.dll
2017-01-26 00:41 - 2017-01-25 08:29 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.76\libegl.dll
2015-04-16 15:15 - 2015-04-16 15:15 - 00143891 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2015-04-16 15:16 - 2015-04-16 15:16 - 02750483 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2015-04-16 15:15 - 2015-04-16 15:15 - 00618515 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2015-04-16 15:15 - 2015-04-16 15:15 - 00079379 _____ () C:\Program Files\VideoLAN\VLC\libgcc_s_seh-1.dll
2015-04-16 15:16 - 2015-04-16 15:16 - 00038419 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2015-04-16 15:16 - 2015-04-16 15:16 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2015-04-16 15:15 - 2015-04-16 15:15 - 12272659 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2015-04-16 15:15 - 2015-04-16 15:15 - 01478163 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2015-04-16 15:16 - 2015-04-16 15:16 - 00083987 _____ () C:\Program 
Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00075795 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 02479123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00111123 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00259603 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00083475 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libvdr_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00051731 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00066579 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00672275 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00825363 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00132627 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00047635 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\librar_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\librecord_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00142867 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 01597459 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00341523 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00021011 _____ () C:\Program 
Files\VideoLAN\VLC\plugins\control\libwin_msg_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00060435 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00044051 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libwin_hotkeys_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00229907 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00101395 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libfolder_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00755731 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00136723 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00026131 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00323091 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libjpeg_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00345619 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 01513491 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00837139 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00331795 _____ 
() C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00025107 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00042003 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00048659 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsubstx3g_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00430099 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00031251 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00020499 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00192019 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 01805331 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00418835 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00024083 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00023571 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00027667 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00455699 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00127507 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdvbsub_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 14624275 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll 
2015-04-16 15:16 - 2015-04-16 15:16 - 00887315 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00043027 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_sse2_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00030227 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_mmx_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00751635 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libswscale_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00033811 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_sse2_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00123923 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_sse2_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00059923 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_mmx_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00025619 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_mmx_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00038931 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00023059 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00052243 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00045587 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00035347 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll 2015-04-16 
15:15 - 2015-04-16 15:15 - 00019475 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll 2015-04-16 15:15 - 2015-04-16 15:15 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00026643 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00141331 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00188947 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00083987 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 01507859 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00029203 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00017939 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00018963 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00024595 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00018451 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00022035 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll 2015-04-16 15:16 - 2015-04-16 15:16 - 00043539 _____ () C:\Program 
Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 04649976 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClient.exe 2016-11-24 12:39 - 2017-01-28 21:44 - 03532280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClientUx.exe 2017-01-28 21:44 - 2017-01-28 21:44 - 03532280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\LeagueClientUxHelper.exe 2016-03-16 15:03 - 2017-01-31 22:00 - 24043000 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.161\deploy\League of Legends.exe 2016-12-10 23:27 - 2016-12-10 23:27 - 00169064 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2017-01-31 13:38 - 2017-01-31 13:38 - 04377600 _____ () C:\Program Files\AVAST Software\Avast\defs\17013102\algo.dll 2016-12-10 23:27 - 2016-12-10 23:27 - 00482928 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-10-08 16:44 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2016-08-18 09:14 - 2016-08-18 09:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2016-08-18 09:03 - 2016-08-18 09:03 - 00050176 _____ () 
C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2016-08-18 09:14 - 2016-08-18 09:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2016-08-18 09:17 - 2016-08-18 09:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 2016-08-18 09:09 - 2016-08-18 09:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2016-12-10 23:27 - 2016-12-10 23:27 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 03337216 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-patcher\rcp-be-patcher.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 01046016 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-rso-auth\rcp-be-rso-auth.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 02525696 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-login\rcp-be-lol-login.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00583680 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-account-settings\rcp-be-lol-account-settings.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00582144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-platform-config\rcp-be-lol-platform-config.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00729600 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-summoner\rcp-be-lol-summoner.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00641536 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-ranked-stats\rcp-be-lol-ranked-stats.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00563200 _____ () C:\Riot Games\League of 
Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-maps\rcp-be-lol-maps.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00707584 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-game-queues\rcp-be-lol-game-queues.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00866304 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-gameflow\rcp-be-lol-gameflow.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00934400 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-player-preferences\rcp-be-lol-player-preferences.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00688640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-game-settings\rcp-be-lol-game-settings.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00663040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-settings\rcp-be-lol-settings.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00630784 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-sanitizer\rcp-be-sanitizer.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 02492416 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-chat\rcp-be-lol-chat.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00159224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\libexpat.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 02015232 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-riot-messaging-service\rcp-be-lol-riot-messaging-service.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00559616 _____ () C:\Riot Games\League of 
Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-heartbeat\rcp-be-lol-heartbeat.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00582144 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-shutdown\rcp-be-lol-shutdown.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00578048 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-acs\rcp-be-lol-acs.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00606720 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-player-notifications\rcp-be-player-notifications.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00564224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-loyalty\rcp-be-lol-loyalty.dll 2016-11-24 12:40 - 2017-01-28 21:45 - 01127936 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-collections\rcp-be-lol-collections.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00955904 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-loot\rcp-be-lol-loot.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00557056 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-kr-shutdown-law\rcp-be-lol-kr-shutdown-law.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 01033728 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-lobby-team-builder\rcp-be-lol-lobby-team-builder.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00685568 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-queue-eligibility\rcp-be-lol-queue-eligibility.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 01559552 _____ () C:\Riot Games\League of 
Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-lobby\rcp-be-lol-lobby.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00856064 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-license-agreement\rcp-be-lol-license-agreement.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 01189888 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-champ-select-legacy\rcp-be-lol-champ-select-legacy.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00666112 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-champ-select\rcp-be-lol-champ-select.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00813568 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-matchmaking\rcp-be-lol-matchmaking.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00538624 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-kr-playtime-reminder\rcp-be-lol-kr-playtime-reminder.dll 2016-11-24 12:39 - 2017-01-28 21:45 - 00552960 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-game-client-chat\rcp-be-lol-game-client-chat.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00624128 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-team-boosts\rcp-be-lol-team-boosts.dll 2016-11-24 12:39 - 2017-01-28 21:45 - 00820224 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-end-of-game\rcp-be-lol-end-of-game.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00585728 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-active-boosts\rcp-be-lol-active-boosts.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 
00607744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-kudos\rcp-be-lol-kudos.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00663040 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-parties\rcp-be-lol-parties.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00882176 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-leagues\rcp-be-lol-leagues.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00674304 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-pft\rcp-be-lol-pft.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00679936 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-player-behavior\rcp-be-lol-player-behavior.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00668160 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-suggested-players\rcp-be-lol-suggested-players.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00594944 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-service-status\rcp-be-lol-service-status.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00611840 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-leaver-buster\rcp-be-lol-leaver-buster.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00737280 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-match-history\rcp-be-lol-match-history.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00707584 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-recofriender\rcp-be-recofriender.dll 2016-11-24 12:39 - 2017-01-28 21:45 - 00850944 _____ () C:\Riot 
Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-clubs\rcp-be-lol-clubs.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 01704448 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-clubs-public\rcp-be-lol-clubs-public.dll 2016-11-24 12:39 - 2017-01-28 21:45 - 00649216 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-esport-stream-notifications\rcp-be-lol-esport-stream-notifications.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00779264 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-replays\rcp-be-lol-replays.dll 2017-01-28 21:46 - 2017-01-28 21:46 - 00579072 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-spectator\rcp-be-lol-spectator.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00697856 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-store\rcp-be-lol-store.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00571392 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-player-level-up\rcp-be-lol-player-level-up.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00547328 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-tencent-qt\rcp-be-lol-tencent-qt.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00624640 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-beta-opt-in\rcp-be-lol-beta-opt-in.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00607744 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-lol-player-messaging\rcp-be-lol-player-messaging.dll 2016-11-24 12:39 - 2017-01-28 21:46 - 00549888 _____ () 
C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\Plugins\rcp-be-network-testing\rcp-be-network-testing.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 55617504 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\libcef.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 01876448 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\libglesv2.dll 2016-11-24 12:39 - 2017-01-28 21:44 - 00021984 _____ () C:\Riot Games\League of Legends\RADS\projects\league_client\releases\0.0.0.49\deploy\libegl.dll 2016-03-16 15:03 - 2017-01-28 23:12 - 00672256 _____ () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.161\deploy\RiotLauncher.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\aeriagames.com -> hxxps://aeriagames.com IE trusted site: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\aeriagames.com -> hxxp://aeriagames.com ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: 141.28.230.16 - 141.28.230.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "avgnt" HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger" HKLM\...\StartupApproved\Run32: => "Syncios device service" HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\StartupFolder: => "AutoFuriousPk.lnk" HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\StartupFolder: => "Slack.lnk" HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\Run: => "BlueStacks Agent" HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\Run: => "CCleaner Monitoring" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
FirewallRules: [vm-monitoring-nb-session] => LPort=139 FirewallRules: [TCP Query User{AB6F57D7-0444-41B4-89E7-B2C658DB617B}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{5F027340-DB5B-444E-999A-CDAA351D51DD}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe FirewallRules: [{4F7A2B6A-22B4-456D-8891-5069E575CAC0}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{0A6D2488-379A-4C37-8CB4-D578829FCD55}] => C:\Program Files\Microsoft Office\Office15\lync.exe FirewallRules: [{CC805CD1-4D84-4AB3-8C9F-40FE4CB617C6}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{14025715-050D-4B40-A931-E5A5708EF1DA}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe FirewallRules: [{3CAA157A-7AFB-4951-93A0-E2A4782AEBDF}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{1574FA05-643F-43D7-93FF-27FD334689CE}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{634C59E3-BBE6-46BB-BC9C-8F88D423D50C}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{14FC5755-9991-4BF3-8B7F-FB7831F222A2}] => C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{1349F81E-B9EF-4FAA-A531-9F6AF6C33E16}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [{61DF641E-57CA-4041-912C-A604AF119668}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe FirewallRules: [TCP Query User{E3A87250-E15F-4828-8A4E-A7786BA50309}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe FirewallRules: [UDP Query User{0B520FD9-A541-4E5D-93C0-9F594B0728E9}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe FirewallRules: [{B9FF92E2-B4D7-4A44-92BE-8C8D2B80204E}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe FirewallRules: [{BF69D0E5-505A-43A0-9A9D-A645BEBC411E}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe 
FirewallRules: [{B8AE473A-8231-4089-9DCB-0AA0B6FA090A}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{259609EE-CAE7-4D93-8FC2-FB192DEF515B}] => C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{A866D313-1734-472C-AFEF-E29429F320BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{7662DBEA-6CD0-46CA-8BB9-C721CBD1DA54}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{785C74D0-0606-41F7-A9B6-B32D03048C1D}] => C:\Program Files\iTunes\iTunes.exe FirewallRules: [{C651BB60-9949-42A7-81A0-8CA9D453A8C3}] => C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{F06FF7EF-BA2B-48AF-8C1C-52D797A25518}] => C:\Games\World_of_Warships\WoWSLauncher.exe FirewallRules: [{6546C3E5-231D-4A22-A9DC-7D0E3176F4A3}] => C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [{0F21E4B4-6A6D-4168-8FF3-94706BD19350}] => C:\Games\World_of_Warships\worldofwarships.exe FirewallRules: [TCP Query User{2038F9CF-561E-4BDB-9FAD-0CFC2D4AAE97}C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe] => C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe FirewallRules: [UDP Query User{98BDC5D1-FA55-45B9-B674-27E1F20FF814}C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe] => C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe FirewallRules: [{F2365009-73AF-4B0D-81A8-426C2F219112}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{BFE86847-FAC8-4A69-AF21-192097B2082D}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{F8B9D6D0-749C-4217-B1D1-88C4AC5F2452}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{8E50CC71-82F1-4C83-A7FA-7A889213B300}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{033A3AC3-59A1-489D-AC1E-70376710BE7E}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [{685B30A5-D028-47C9-94DA-64FDA08E7028}] => 
C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe FirewallRules: [TCP Query User{17CB9788-AA87-420B-8DA0-EC6F52529950}C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe] => C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe FirewallRules: [UDP Query User{BBCAA1E9-CEA5-4BE8-B271-0BDDA1A4C2B1}C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe] => C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe FirewallRules: [{756D8A3B-8A17-4B53-A623-F7A3EF505C16}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{5A51319A-5DC3-443C-9FEE-67BA6447499A}] => C:\Program Files\KMSpico\KMSELDI.exe FirewallRules: [{76D71933-81A8-47FD-97EB-07DBE5D81804}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{882B2CB7-4176-417E-B5D2-466869648B4D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{23DDA8A0-87D1-4A65-A10B-532361A779A5}] => C:\Program Files (x86)\Opera\42.0.2393.351\opera.exe FirewallRules: [{DB6E392E-41E1-4923-94AB-D7E5C227B609}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{7151E88B-819D-47D2-85DC-1E56ABF7F3DC}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe ==================== Wiederherstellungspunkte ========================= 28-01-2017 21:40:59 Microsoft Visual C++ 2005 Redistributable (x64) wird installiert 28-01-2017 21:41:31 Microsoft Visual C++ 2005 Redistributable wird installiert 29-01-2017 14:35:22 Malwarebytes Anti-Rootkit Restore Point 31-01-2017 13:46:06 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/31/2017 05:52:28 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm BoL Studio.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. 
Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1504 Startzeit: 01d27be16e7a9959 Endzeit: 2 Anwendungspfad: C:\Users\mohsin\Downloads\BoL+Studio\BoL+Studio\BoL Studio.exe Berichts-ID: a05aacfc-e7d5-11e6-82b8-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/31/2017 05:23:00 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm BoL Studio.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1b38 Startzeit: 01d27bddef0c0f6b Endzeit: 4294967295 Anwendungspfad: C:\Users\mohsin\Downloads\Bot of Legends\BoL Studio.exe Berichts-ID: 8793969d-e7d1-11e6-82b8-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/31/2017 01:46:29 PM) (Source: VSS) (EventID: 12305) (User: ) Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 - 00000000000001C4,0x00530194,0000000000000000,0,000000940CBA20A0,4096,[0]). Vorgang: Schattenkopien abfragen Error: (01/31/2017 01:46:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/29/2017 02:35:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". 
Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/28/2017 09:42:20 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000925fa ID des fehlerhaften Prozesses: 0x1a0 Startzeit der fehlerhaften Anwendung: 0x01d278ccb6301fbe Pfad der fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 434b552a-e59a-11e6-82b3-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/28/2017 09:41:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/28/2017 09:41:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (01/27/2017 06:05:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . 
Error: (01/27/2017 06:04:51 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Systemfehler: ============= Error: (01/31/2017 01:46:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/29/2017 06:00:02 AM) (Source: DCOM) (EventID: 10010) (User: DRDRAVEN) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (01/28/2017 09:44:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Programmkompatibilitäts-Assistent-Dienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (01/28/2017 09:44:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gerätezuordnungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt. Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. 
Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Programmkompatibilitäts-Assistent-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz Prozentuale Nutzung des RAM: 57% Installierter physikalischer RAM: 8136.23 MB Verfügbarer physikalischer RAM: 3463.53 MB Summe virtueller Speicher: 9416.23 MB Verfügbarer virtueller Speicher: 3868.45 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:931 GB) (Free:724.43 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
01.02.2017, 09:35 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, cannot be fixed! Avast is still on there. You should have uninstalled it long ago!
__________________ Please always post log files in CODE tags |
01.02.2017, 11:29 | #27 |
| Adware problem, cannot be fixed! Oops. I've removed it; I'll just repeat all the steps now, don't be mad! Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows 8.1 Pro x64
Ran by mohsin (Administrator) on 01.02.2017 at 11:25:01,73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 01.02.2017 at 11:26:10,24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017 durchgeführt von mohsin (01-02-2017 11:28:20) Gestartet von C:\Users\mohsin\Downloads\FRST-OlderVersion Windows 8.1 Pro (Update) (X64) (2015-10-07 11:05:00) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3612516331-1481563410-2683479032-500 - Administrator - Disabled) Gast (S-1-5-21-3612516331-1481563410-2683479032-501 - Limited - Disabled) mohsin (S-1-5-21-3612516331-1481563410-2683479032-1001 - Administrator - Enabled) => C:\Users\mohsin ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) µTorrent (HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.) Adobe Flash Player 24 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated) Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated) Adobe Shockwave Player 12.2 (HKLM-x32\...\{A2116AF9-FA9D-41EA-9874-1E40B227D4DE}) (Version: 12.2.5.195 - Adobe Systems, Inc) Apple Application Support (32-Bit) (HKLM-x32\...\{D4B07658-F443-4445-A261-E643996E139D}) (Version: 4.3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{A6B0442B-E159-444B-B49D-6B9AC531EAE3}) (Version: 4.3.2 - Apple Inc.) 
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.) Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.) Audiosurf 2 1.0.0.2 (HKLM-x32\...\Audiosurf 2 1.0.0.2) (Version: 1.0.0.2 - Èãðû íà Cat-A-Cat.NET) Avira Connect (HKLM-x32\...\{e7f56494-d786-472e-aba2-1b93089e06cd}) (Version: 1.2.76.20506 - Avira Operations GmbH & Co. KG) BlueStacks App Player (HKLM-x32\...\{AA655366-D323-404D-AA9B-AD562CAE1DD0}) (Version: 2.2.21.6212 - BlueStack Systems, Inc.) Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.) CCleaner (HKLM\...\CCleaner) (Version: 5.22 - Piriform) Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve) FileZilla Client 3.14.1 (HKLM-x32\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Fraps (HKLM-x32\...\Fraps) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.76 - Google Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden Gpg4win (2.3.3) (HKLM-x32\...\GPG4Win) (Version: 2.3.3 - The Gpg4win Project) IPVanish (HKLM\...\A57226AD-BDAF-4860-BD4E-EDA6BC546189_is1) (Version: 3.0.6.0 - IPVANISH) iTunes (HKLM\...\{955524E7-79EB-4CA9-BA4D-FD2DF587651B}) (Version: 12.4.3.1 - Apple Inc.) 
Java 8 Update 102 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 4.2.1) (Version: 4.2.1 - Riot Games)
League of Legends (x32 Version: 4.2.1 - Riot Games) Hidden
Magic Zip Password Recovery (HKLM-x32\...\{C0A12F43-ED5F-43CF-AF14-0C13E1A29524}) (Version: 2.0.0.0 - iWesoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50709.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{82f2609e-68ba-408d-963f-530ad8809435}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{577ff5ba-39aa-4d8c-a3a9-f95012763438}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24406 (HKLM-x32\...\{7c8a1675-0fe9-41fd-a2ed-aa4871816197}) (Version: 14.0.24406.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24406 (HKLM-x32\...\{b5e24db9-876e-4af2-ac7f-00d0e8bc162c}) (Version: 14.0.24406.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2005 Remote Debugger Light (x64) - ENU) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Applications - ENU (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Applications - ENU) (Version: - Microsoft Corporation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2 - Notepad++ Team)
NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Opera Stable 42.0.2393.517 (HKLM-x32\...\Opera 42.0.2393.517) (Version: 42.0.2393.517 - Opera Software)
RuneScape Launcher 1.2.7 (HKLM-x32\...\{FA52A2D0-298E-4D40-8BB7-39928627EA6A}) (Version: 1.2.7 - Jagex Ltd)
SkySaga Infinite Isles (HKLM-x32\...\SkySaga Infinite Isles 1.0.3677.0) (Version: 1.0.3677.0 - Radiant Worlds)
SkySaga Infinite Isles (x32 Version: 1.0.3677.0 - Radiant Worlds) Hidden
Slack (HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\slack) (Version: 2.3.3 - Slack Technologies)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Syncios 5.0.9 (HKLM-x32\...\Syncios) (Version: 5.0.9 - Anvsoft)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TS Notifier (HKLM-x32\...\{A8C69D46-A92E-40FA-B393-0E3A417D8F2A}) (Version: 1.6.0000 - Andreas Gebert)
TS3 Overlay (HKLM\...\TS3 Overlay) (Version: v3.0.16 - Rohrbacher Development)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {30FD2691-9D23-4879-9255-50CECDB8B498} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {431F1C70-3EB4-4352-87D4-E149511EDBE6} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {5BF350AA-877F-40AE-9111-D9BE68AC0BB3} - System32\Tasks\IPVanish => C:\Program Files\IPVanish\ElevateProcess.exe [2017-01-03] (IPVanish)
Task: {7332EE4C-8597-410A-AAE1-26B97132C314} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {95E41828-04A9-4426-BA90-52A74466038F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-01-25] (Google Inc.)
Task: {A461150A-59B9-4C9F-9EF8-B4476A3D2109} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG
Task: {AB6D3CB8-E4BB-4F88-A804-80022080D7D6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-11] (Adobe Systems Incorporated)
Task: {CB66ABBB-8D1B-459E-8BC6-3CC1C7D9E435} - System32\Tasks\Opera scheduled Autoupdate 1458224430 => C:\Program Files (x86)\Opera\launcher.exe [2017-01-26] (Opera Software)
Task: {CCC71665-0DFD-4E7B-9D86-43914F14D47A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-08-26] (Piriform Ltd)
Task: {D9F905A4-A882-4844-8BF8-5FA9BFDD5795} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-27] (AVAST Software)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Zip Password Recovery\Magic Zip Password Recovery Website.lnk -> hxxp://www.iwesoft.com/productinfo.php?id=2

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-05 14:23 - 2016-07-05 14:23 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-07-05 14:23 - 2016-07-05 14:23 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-08-18 09:27 - 2016-08-18 09:27 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2017-01-26 00:41 - 2017-01-25 08:29 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.76\libglesv2.dll
2017-01-26 00:41 - 2017-01-25 08:29 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.76\libegl.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll
2015-10-08 16:44 - 2016-03-21 14:47 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00222720 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-08-18 09:03 - 2016-08-18 09:03 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-08-18 09:14 - 2016-08-18 09:14 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-08-18 09:17 - 2016-08-18 09:17 - 00751104 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-08-18 09:09 - 2016-08-18 09:09 - 00103424 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\aeriagames.com -> hxxp://aeriagames.com

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 141.28.230.16 - 141.28.230.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "avgnt"
HKLM\...\StartupApproved\Run32: => "Avira SystrayStartTrigger"
HKLM\...\StartupApproved\Run32: => "Syncios device service"
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\StartupFolder: => "AutoFuriousPk.lnk"
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\StartupFolder: => "Slack.lnk"
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\StartupApproved\Run: => "CCleaner Monitoring"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => LPort=139
FirewallRules: [TCP Query User{AB6F57D7-0444-41B4-89E7-B2C658DB617B}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{5F027340-DB5B-444E-999A-CDAA351D51DD}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{4F7A2B6A-22B4-456D-8891-5069E575CAC0}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{0A6D2488-379A-4C37-8CB4-D578829FCD55}] => C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{CC805CD1-4D84-4AB3-8C9F-40FE4CB617C6}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{14025715-050D-4B40-A931-E5A5708EF1DA}] => C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{3CAA157A-7AFB-4951-93A0-E2A4782AEBDF}] => C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{1574FA05-643F-43D7-93FF-27FD334689CE}] => C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{634C59E3-BBE6-46BB-BC9C-8F88D423D50C}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{14FC5755-9991-4BF3-8B7F-FB7831F222A2}] => C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{1349F81E-B9EF-4FAA-A531-9F6AF6C33E16}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{61DF641E-57CA-4041-912C-A604AF119668}] => C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{E3A87250-E15F-4828-8A4E-A7786BA50309}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{0B520FD9-A541-4E5D-93C0-9F594B0728E9}C:\program files\videolan\vlc\vlc.exe] => C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{B9FF92E2-B4D7-4A44-92BE-8C8D2B80204E}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{BF69D0E5-505A-43A0-9A9D-A645BEBC411E}] => C:\ProgramData\BlueStacksGameManager\OBS\HD-OBS.exe
FirewallRules: [{B8AE473A-8231-4089-9DCB-0AA0B6FA090A}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{259609EE-CAE7-4D93-8FC2-FB192DEF515B}] => C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A866D313-1734-472C-AFEF-E29429F320BA}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7662DBEA-6CD0-46CA-8BB9-C721CBD1DA54}] => C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{785C74D0-0606-41F7-A9B6-B32D03048C1D}] => C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{C651BB60-9949-42A7-81A0-8CA9D453A8C3}] => C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{F06FF7EF-BA2B-48AF-8C1C-52D797A25518}] => C:\Games\World_of_Warships\WoWSLauncher.exe
FirewallRules: [{6546C3E5-231D-4A22-A9DC-7D0E3176F4A3}] => C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [{0F21E4B4-6A6D-4168-8FF3-94706BD19350}] => C:\Games\World_of_Warships\worldofwarships.exe
FirewallRules: [TCP Query User{2038F9CF-561E-4BDB-9FAD-0CFC2D4AAE97}C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe] => C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [UDP Query User{98BDC5D1-FA55-45B9-B674-27E1F20FF814}C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe] => C:\program files\farming simulator 17\x64\farmingsimulator2017game.exe
FirewallRules: [{F2365009-73AF-4B0D-81A8-426C2F219112}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BFE86847-FAC8-4A69-AF21-192097B2082D}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{F8B9D6D0-749C-4217-B1D1-88C4AC5F2452}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8E50CC71-82F1-4C83-A7FA-7A889213B300}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{033A3AC3-59A1-489D-AC1E-70376710BE7E}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{685B30A5-D028-47C9-94DA-64FDA08E7028}] => C:\Users\mohsin\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{17CB9788-AA87-420B-8DA0-EC6F52529950}C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe] => C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe
FirewallRules: [UDP Query User{BBCAA1E9-CEA5-4BE8-B271-0BDDA1A4C2B1}C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe] => C:\users\mohsin\eclipse\java-neon\eclipse\eclipse.exe
FirewallRules: [{756D8A3B-8A17-4B53-A623-F7A3EF505C16}] => C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{5A51319A-5DC3-443C-9FEE-67BA6447499A}] => C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{76D71933-81A8-47FD-97EB-07DBE5D81804}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{882B2CB7-4176-417E-B5D2-466869648B4D}] => C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{23DDA8A0-87D1-4A65-A10B-532361A779A5}] => C:\Program Files (x86)\Opera\42.0.2393.351\opera.exe
FirewallRules: [{DB6E392E-41E1-4923-94AB-D7E5C227B609}] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{7151E88B-819D-47D2-85DC-1E56ABF7F3DC}] => C:\Program Files (x86)\Opera\42.0.2393.517\opera.exe

==================== Wiederherstellungspunkte =========================
31-01-2017 13:46:06 JRT Pre-Junkware Removal
01-02-2017 11:25:03 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============

==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (02/01/2017 11:25:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .
Error: (01/31/2017 05:52:28 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BoL Studio.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1504 Startzeit: 01d27be16e7a9959 Endzeit: 2 Anwendungspfad: C:\Users\mohsin\Downloads\BoL+Studio\BoL+Studio\BoL Studio.exe Berichts-ID: a05aacfc-e7d5-11e6-82b8-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/31/2017 05:23:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm BoL Studio.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1b38 Startzeit: 01d27bddef0c0f6b Endzeit: 4294967295 Anwendungspfad: C:\Users\mohsin\Downloads\Bot of Legends\BoL Studio.exe Berichts-ID: 8793969d-e7d1-11e6-82b8-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/31/2017 01:46:29 PM) (Source: VSS) (EventID: 12305) (User: )
Description: Volumeschattenkopie-Dienstfehler: Volume bzw. Datenträger ist nicht richtig angeschlossen oder wurde nicht gefunden. Fehlerkontext: DeviceIoControl(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy2 - 00000000000001C4,0x00530194,0000000000000000,0,000000940CBA20A0,4096,[0]). Vorgang: Schattenkopien abfragen

Error: (01/31/2017 01:46:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .
Error: (01/29/2017 02:35:31 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (01/28/2017 09:42:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_PcaSvc, Version: 6.3.9600.17415, Zeitstempel: 0x54504177 Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18438, Zeitstempel: 0x57ae642e Ausnahmecode: 0xc0000008 Fehleroffset: 0x00000000000925fa ID des fehlerhaften Prozesses: 0x1a0 Startzeit der fehlerhaften Anwendung: 0x01d278ccb6301fbe Pfad der fehlerhaften Anwendung: C:\Windows\System32\svchost.exe Pfad des fehlerhaften Moduls: C:\Windows\SYSTEM32\ntdll.dll Berichtskennung: 434b552a-e59a-11e6-82b3-d43d7e6be76b Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (01/28/2017 09:41:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Error: (01/28/2017 09:41:07 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .
Error: (01/27/2017 06:05:11 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert .

Systemfehler:
=============
Error: (02/01/2017 11:25:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/31/2017 01:46:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/29/2017 06:00:02 AM) (Source: DCOM) (EventID: 10010) (User: DRDRAVEN)
Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (01/28/2017 09:44:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Programmkompatibilitäts-Assistent-Dienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/28/2017 09:44:09 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Gerätezuordnungsdienst" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: Es wird bereits eine Instanz des Dienstes ausgeführt.

Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Driver Foundation - Benutzermodus-Treiberframework" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Automatische WLAN-Konfiguration" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Diagnosesystemhost" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Überwachung verteilter Verknüpfungen (Client)" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (01/28/2017 09:43:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Superfetch" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-3350P CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 8136.23 MB
Verfügbarer physikalischer RAM: 5550.6 MB
Summe virtueller Speicher: 9416.23 MB
Verfügbarer virtueller Speicher: 6404.69 MB

==================== Laufwerke ================================
Drive c: () (Fixed) (Total:931 GB) (Free:723.87 GB) NTFS

==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Ende von Addition.txt ============================

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-01-2017
durchgeführt von mohsin (Administrator) auf DRDRAVEN (01-02-2017 11:27:28)
Gestartet von C:\Users\mohsin\Downloads\FRST-OlderVersion
Geladene Profile: mohsin (Verfügbare Profile: mohsin)
Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe
() C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1806136 2015-09-06] (NVIDIA Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-07-26] (Apple Inc.)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe [1925136 2016-07-15] ()
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [957976 2016-04-26] (BlueStack Systems, Inc.)
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8912088 2016-08-26] (Piriform Ltd)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
Startup: C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Slack.lnk [2016-12-03]
ShortcutTarget: Slack.lnk -> C:\Users\mohsin\AppData\Local\slack\Update.exe ()
GroupPolicy: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 141.28.230.16 141.28.230.8
Tcpip\..\Interfaces\{400C1F4D-EB29-47C1-BD10-38368EF6D76A}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{636C4FFD-E430-4298-B185-C60A1FB06F84}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{768B14A1-6B35-4922-8118-2BFB02967E6C}: [DhcpNameServer] 198.18.0.1 198.18.0.2
Tcpip\..\Interfaces\{E444B94A-4746-44B0-8703-AAA7883AF869}: [DhcpNameServer] 141.28.230.16 141.28.230.8
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3612516331-1481563410-2683479032-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001 -> {68BD3833-CD31-4D09-81DE-B29B526B80D8} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-3612516331-1481563410-2683479032-1001 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_102\bin\ssv.dll [2016-12-04] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll => Keine Datei
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\ssv.dll [2016-12-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\jp2ssv.dll [2016-12-04] (Oracle Corporation)
DPF: HKLM-x32 {55A2C0CD-3DE8-4264-9637-A0B40B05714E} hxxps://col430-sec.mail.live.com/mail/MailMigrationCabFileHolder.aspx?n=391707608

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_24_0_0_194.dll [2017-01-11] ()
FF Plugin: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\dtplugin\npDeployJava1.dll [2016-12-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.102.2 -> C:\Program Files (x86)\Java\jre1.8.0_102\bin\plugin2\npjp2.dll [2016-12-04] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50709.0\npctrl.dll [2016-07-11] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-25] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://youtube.de/","hxxp://google.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default [2017-02-01] CHR Extension: (ProxFlow) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2017-01-24] CHR Extension: (Google Präsentationen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-07] CHR Extension: (Google Docs) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-07] CHR Extension: (Google Drive) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-07] CHR Extension: (Google-Suche) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Google Tabellen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-07] CHR Extension: (Google Docs Offline) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-01-31] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-18] CHR Extension: (ScriptSafe) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiigbmnaadbkfbmpbfijlflahbdbdgdf [2017-01-27] CHR Extension: (Click&Clean App) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2017-01-09] CHR Extension: (Google Mail) - C:\Users\mohsin\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-07] CHR Extension: (Chrome Media Router) - C:\Users\mohsin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-01-27] CHR HKLM-x32\...\Chrome\Extension: [eedgghdcpmmmilkmfpnklknlenbiolec] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.) S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-26] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [437784 2016-04-26] (BlueStack Systems, Inc.) R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-26] (BlueStack Systems, Inc.) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2016-03-21] (Digital Wave Ltd.) 
R2 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [216576 2016-08-18] () [Datei ist nicht signiert] S3 SolidWorks Licensing Service; C:\Program Files (x86)\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe [79360 2015-10-26] (SolidWorks) [Datei ist nicht signiert] R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [346872 2013-08-22] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23840 2013-08-22] (Microsoft Corporation) S3 Steam Client Service; "C:\Program Files (x86)\Common Files\Steam\SteamService.exe" /RunAsService [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154168 2016-04-26] (BlueStack Systems) R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. ) R3 tapipvanish; C:\Windows\system32\DRIVERS\tapipvanish.sys [34520 2016-09-22] (The OpenVPN Project) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [34760 2013-08-22] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [265056 2013-08-22] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124256 2013-08-22] (Microsoft Corporation) U0 aswVmm; kein ImagePath S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-02-01 11:18 - 2016-10-28 02:22 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2017-02-01 11:17 - 2017-02-01 11:17 - 00000022 _____ C:\Windows\S.dirmngr
2017-01-31 19:10 - 2017-01-31 19:10 - 04032905 _____ C:\Users\mohsin\Downloads\EloSpikes.rar
2017-01-31 19:10 - 2017-01-31 19:10 - 00000000 ____D C:\Users\mohsin\Downloads\EloSpikes
2017-01-31 17:33 - 2017-01-31 17:33 - 00000000 ____D C:\Users\mohsin\Downloads\BoL+Studio
2017-01-31 17:32 - 2017-01-31 17:32 - 31802960 _____ C:\Users\mohsin\Downloads\BoL+Studio.rar
2017-01-31 17:21 - 2017-01-31 17:21 - 06178953 _____ C:\Users\mohsin\Downloads\Bot of Legends (1).rar
2017-01-31 17:20 - 2017-01-31 17:23 - 00000000 ____D C:\Users\mohsin\Downloads\Bot of Legends
2017-01-31 17:20 - 2017-01-31 17:20 - 06178953 _____ C:\Users\mohsin\Downloads\Bot of Legends.rar
2017-01-31 14:29 - 2017-01-31 14:29 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik (2).pdf
2017-01-31 14:04 - 2017-01-31 14:04 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik (1).pdf
2017-01-31 13:47 - 2017-02-01 11:26 - 00000548 _____ C:\Users\mohsin\Desktop\JRT.txt
2017-01-31 13:43 - 2017-01-31 13:43 - 04015056 _____ C:\Users\mohsin\Downloads\adwcleaner_6.043.exe
2017-01-31 13:41 - 2017-01-31 13:41 - 00662212 _____ C:\Users\mohsin\Downloads\ÜbungsklausurEinführungindieWirtschaftsinformatik.pdf
2017-01-31 13:40 - 2017-01-31 13:40 - 06220202 _____ C:\Users\mohsin\Downloads\Mathe-Treffer-PDFs.pdf
2017-01-31 13:40 - 2017-01-31 13:40 - 00583026 _____ C:\Users\mohsin\Downloads\Uebungsklausur.pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_2 (1).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_02 (4).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_02 (3).pdf
2017-01-30 16:20 - 2017-01-30 16:20 - 00016380 _____ C:\Users\mohsin\Downloads\Uebungstest_01 (5).pdf
2017-01-30 15:28 - 2017-01-30 15:28 - 00169517 _____ C:\Users\mohsin\Downloads\Renten.pdf
2017-01-30 14:50 - 2017-01-30 14:50 - 00421190 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_2.pdf
2017-01-30 14:47 - 2017-01-30 14:47 - 00480104 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_1 (1).pdf
2017-01-30 14:47 - 2017-01-30 14:47 - 00016380 _____ C:\Users\mohsin\Downloads\Warhscheinlichkeiten_Teil_1.pdf
2017-01-30 14:43 - 2017-01-30 14:43 - 00340576 _____ C:\Users\mohsin\Downloads\Zinsen.pdf
2017-01-29 14:12 - 2017-01-29 15:07 - 00000000 ____D C:\Users\mohsin\Desktop\mbar
2017-01-29 14:12 - 2017-01-29 15:07 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-01-29 14:12 - 2017-01-29 14:49 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-01-29 14:12 - 2017-01-29 14:49 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2017-01-29 14:12 - 2017-01-29 14:12 - 16563352 _____ (Malwarebytes Corp.) C:\Users\mohsin\Downloads\mbar-1.09.3.1001.exe
2017-01-29 14:12 - 2017-01-29 14:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-01-28 21:42 - 2017-01-28 21:42 - 00001625 _____ C:\Users\Public\Desktop\League of Legends.lnk
2017-01-28 21:42 - 2017-01-28 21:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2017-01-28 21:40 - 2017-01-28 21:40 - 31876824 _____ (Riot Games) C:\Users\mohsin\Downloads\LeagueofLegends_EUW_Installer_2016_11_10.exe
2017-01-28 02:56 - 2017-01-28 02:57 - 2726419131 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E08 - Hearts Still Beating.mkv
2017-01-28 02:55 - 2017-01-28 02:56 - 2223923664 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E06 - Swear.mkv
2017-01-28 02:55 - 2017-01-28 02:56 - 2021339121 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E07 - Sing Me a Song.mkv
2017-01-28 02:54 - 2017-01-28 02:55 - 2011485912 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E04 - Service.mkv
2017-01-28 02:54 - 2017-01-28 02:55 - 1406380204 _____ C:\Users\mohsin\Desktop\The Walking Dead - S07E05 - Go Getters.mkv
2017-01-28 02:53 - 2017-01-28 02:53 - 06975096 _____ (Tim Kosse) C:\Users\mohsin\Downloads\FileZilla_3.24.0_win64-setup.exe
2017-01-27 18:12 - 2017-01-27 18:12 - 00000000 ____D C:\Users\mohsin\Downloads\HTML_Beispiele
2017-01-27 18:07 - 2017-01-27 21:24 - 00053196 _____ C:\Users\mohsin\Downloads\FRST.txt
2017-01-27 18:07 - 2017-01-27 21:24 - 00045971 _____ C:\Users\mohsin\Downloads\Addition.txt
2017-01-27 17:55 - 2017-01-27 17:55 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt (2).pdf
2017-01-27 17:20 - 2017-01-27 17:20 - 00694954 _____ C:\Users\mohsin\Downloads\HTML_Beispiele.zip
2017-01-27 17:18 - 2017-01-27 17:18 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt (1).pdf
2017-01-27 17:15 - 2017-01-27 17:15 - 01098313 _____ C:\Users\mohsin\Downloads\HTML_Gesamt.pdf
2017-01-27 17:14 - 2017-02-01 11:27 - 00000000 ____D C:\Users\mohsin\Downloads\FRST-OlderVersion
2017-01-27 17:14 - 2017-01-27 17:16 - 00054023 _____ C:\Users\mohsin\Desktop\FRST.txt
2017-01-27 17:04 - 2017-01-27 17:05 - 00000000 ____D C:\Users\mohsin\Desktop\wi klausur
2017-01-27 17:04 - 2017-01-27 17:04 - 00000000 ____D C:\Users\mohsin\Downloads\wi klausur
2017-01-26 03:32 - 2017-01-26 03:33 - 00527360 _____ C:\Users\mohsin\Downloads\Launcher.dll
2017-01-25 19:55 - 2017-01-25 19:55 - 00614242 _____ C:\Users\mohsin\Downloads\Klausuren-Lösungen (1).pdf
2017-01-25 19:54 - 2017-01-25 19:54 - 00614242 _____ C:\Users\mohsin\Downloads\Klausuren-Lösungen.pdf
2017-01-25 18:51 - 2017-01-25 18:51 - 00000000 ____D C:\Program Files\HitmanPro
2017-01-25 14:23 - 2017-01-25 14:23 - 00101864 _____ C:\Users\mohsin\Downloads\bsp_klausur_WS0708 (1).pdf
2017-01-25 14:21 - 2017-01-25 14:21 - 00158620 _____ C:\Users\mohsin\Downloads\PROG1_Ueb_9.pdf
2017-01-25 14:11 - 2017-01-27 17:16 - 00028618 _____ C:\Users\mohsin\Desktop\Addition.txt
2017-01-25 14:10 - 2017-02-01 11:27 - 00000000 ____D C:\FRST
2017-01-25 14:09 - 2017-02-01 11:23 - 02420736 _____ (Farbar) C:\Users\mohsin\Downloads\FRST64.exe
2017-01-25 03:32 - 2017-01-25 03:32 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup (2).exe
2017-01-25 03:31 - 2017-01-26 00:41 - 00002207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-01-25 03:31 - 2017-01-26 00:41 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-01-25 03:31 - 2017-01-25 03:31 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup (1).exe
2017-01-25 03:30 - 2017-01-25 03:35 - 00003542 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-01-25 03:30 - 2017-01-25 03:35 - 00003414 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-01-25 03:28 - 2017-01-25 03:28 - 01065376 _____ (Google Inc.) C:\Users\mohsin\Downloads\ChromeSetup.exe
2017-01-23 23:12 - 2017-01-23 23:12 - 00011106 _____ C:\Users\mohsin\Downloads\CarAdmin.java
2017-01-23 22:52 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2017-01-23 21:28 - 2017-01-23 21:28 - 00000000 _____ C:\Users\mohsin\Desktop\%)$(.txt
2017-01-22 22:19 - 2017-01-22 22:27 - 24669949 _____ C:\Users\mohsin\Downloads\Futtermischer_pack_placeable.zip
2017-01-22 15:02 - 2017-01-22 15:35 - 00000000 ____D C:\Users\mohsin\AppData\Local\TeamSpeak 3
2017-01-22 15:02 - 2017-01-22 15:02 - 00000000 ____D C:\Users\mohsin\.TeamSpeak 3
2017-01-22 15:02 - 2017-01-22 15:02 - 00000000 ____D C:\Users\mohsin\.QtWebEngineProcess
2017-01-22 02:13 - 2017-01-20 20:13 - 00001636 _____ C:\Users\mohsin\Desktop\StdInput.java
2017-01-21 22:51 - 2017-01-21 22:51 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (3).pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00358011 _____ C:\Users\mohsin\Downloads\Klausur+SS13.pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00328941 _____ C:\Users\mohsin\Downloads\Klausur+SS14.pdf
2017-01-21 22:51 - 2017-01-21 22:51 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (3).pdf
2017-01-21 22:37 - 2017-01-21 22:37 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (2).pdf
2017-01-21 22:37 - 2017-01-21 22:37 - 00215750 _____ C:\Users\mohsin\Downloads\Probeklausur+WS12 (1).pdf
2017-01-21 18:20 - 2017-01-21 18:20 - 00228869 _____ C:\Users\mohsin\Downloads\Probeklausur+SS12 (1).pdf
2017-01-21 18:20 - 2017-01-21 18:20 - 00215750 _____ C:\Users\mohsin\Downloads\Probeklausur+WS12.pdf
2017-01-20 22:23 - 2017-01-26 04:50 - 00004789 _____ C:\Users\mohsin\Downloads\Settings.dat
2017-01-20 22:20 - 2017-01-20 22:20 - 00637440 _____ () C:\Users\mohsin\Downloads\EAITFE.dll
2017-01-20 22:20 - 2017-01-20 22:20 - 00228608 _____ C:\Users\mohsin\Downloads\ctb.dat
2017-01-20 20:13 - 2017-01-23 21:50 - 00000000 ____D C:\Users\mohsin\Downloads\Telegram Desktop
2017-01-20 16:56 - 2017-01-20 16:56 - 00275804 _____ C:\Users\mohsin\Downloads\Musterloesung+Probeklausur+SS12 (1).pdf
2017-01-20 16:56 - 2017-01-20 16:56 - 00228869 _____ C:\Users\mohsin\Downloads\Probeklausur+SS12.pdf
2017-01-19 11:56 - 2017-01-19 12:04 - 25586197 _____ C:\Users\mohsin\Downloads\FBM17_MBtracKlein.zip
2017-01-19 05:36 - 2017-01-19 05:39 - 11003462 _____ C:\Users\mohsin\Downloads\MB1800Intercooler_TSL_LS17wsb.zip
2017-01-16 14:49 - 2017-01-16 14:49 - 02101354 _____ C:\Users\mohsin\Downloads\DB_Klausuren.zip
2017-01-15 18:12 - 2017-01-15 18:12 - 00698136 _____ C:\Users\mohsin\Downloads\FS17_AutoDrive.zip
2017-01-15 15:17 - 2017-01-15 15:17 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13 (1).pdf
2017-01-15 15:07 - 2017-01-15 15:07 - 02077171 _____ C:\Users\mohsin\Downloads\Promod1_Klausuren.zip
2017-01-15 14:32 - 2017-01-15 14:32 - 00000000 ____D C:\Users\mohsin\Downloads\1361019588_SAPD Pack
2017-01-15 14:15 - 2017-01-15 14:15 - 24739376 _____ C:\Users\mohsin\Downloads\1361019588_SAPD Pack.rar
2017-01-15 14:10 - 2017-01-15 14:10 - 03988944 _____ C:\Users\mohsin\Downloads\adwcleaner_6.042.exe
2017-01-14 22:30 - 2017-01-14 22:30 - 00000000 ____D C:\Users\mohsin\AppData\Local\Chromium
2017-01-14 19:57 - 2017-01-14 19:57 - 00006807 _____ C:\Users\mohsin\Downloads\hitsounds.smx
2017-01-14 17:06 - 2017-01-14 17:06 - 00000000 ____D C:\Users\mohsin\AppData\LocalLow\Audiosurf_ LLC
2017-01-14 17:04 - 2017-01-14 17:04 - 00001615 _____ C:\Users\mohsin\Desktop\Audiosurf 2.lnk
2017-01-14 17:04 - 2017-01-14 17:04 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Audiosurf 2 1.0.0.2
2017-01-14 17:00 - 2017-01-14 17:01 - 233582003 _____ (Игры на Cat-A-Cat.NET ) C:\Users\mohsin\Downloads\Audiosurf 2.exe
2017-01-14 17:00 - 2017-01-14 17:00 - 00000824 _____ C:\Users\Public\Desktop\IPVanish.lnk
2017-01-14 16:59 - 2017-01-14 17:03 - 00000000 ____D C:\Users\mohsin\AppData\LocalLow\uTorrent
2017-01-14 15:37 - 2017-01-14 15:37 - 34773799 _____ C:\Users\mohsin\Downloads\FS17_Fendt1000_steph33_v1_3.zip
2017-01-14 14:48 - 2017-01-14 14:48 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (2).pdf
2017-01-14 14:15 - 2017-01-14 14:15 - 00429042 _____ C:\Users\mohsin\Downloads\Klausur+WS13.pdf
2017-01-14 13:58 - 2017-01-14 13:58 - 00291905 _____ C:\Users\mohsin\Downloads\Klausur+SS12 (1).pdf
2017-01-14 01:36 - 2017-01-14 01:36 - 00397579 _____ C:\Users\mohsin\Desktop\kaka.exe
2017-01-14 01:34 - 2017-01-14 01:36 - 00000676 _____ C:\Users\mohsin\Desktop\furz.xml
2017-01-14 01:18 - 2017-01-14 01:18 - 00137286 _____ C:\Users\mohsin\Downloads\ReceiptCalc.bmp.zip
2017-01-14 00:37 - 2017-01-14 00:39 - 00001803 _____ C:\Users\mohsin\Desktop\ReceptCalc.jar
2017-01-14 00:37 - 2017-01-14 00:37 - 05966202 _____ C:\Users\mohsin\Downloads\launch4j-3.1.0-beta1-win32.zip
2017-01-14 00:37 - 2017-01-14 00:37 - 00000000 ____D C:\Users\mohsin\Downloads\launch4j-3.1.0-beta1-win32
2017-01-13 22:06 - 2017-01-13 22:06 - 00000000 _____ C:\Users\mohsin\Desktop\Neues Textdokument (2).txt
2017-01-13 17:30 - 2017-01-13 17:30 - 01882759 _____ C:\Users\mohsin\Downloads\FlowCharts.pdf
2017-01-13 17:29 - 2017-01-13 17:29 - 00386555 _____ C:\Users\mohsin\Downloads\UML+Use+Case+Diagrams.pdf
2017-01-12 22:10 - 2017-01-12 22:10 - 00001453 _____ C:\Users\mohsin\Desktop\KlausurLösung.txt
2017-01-12 19:53 - 2017-01-12 19:53 - 00001663 _____ C:\Users\mohsin\Downloads\StdInput.java
2017-01-11 21:35 - 2017-01-11 21:35 - 00022250 _____ C:\Users\mohsin\Desktop\Mo&Judy prak 9.zip
2017-01-11 21:34 - 2017-01-11 21:34 - 00007993 _____ C:\Users\mohsin\Desktop\ecommerce.java
2017-01-11 20:45 - 2017-01-11 20:48 - 440291328 _____ C:\Users\mohsin\Downloads\Abenteuer Survival - Die Gruene Hoelle.avi
2017-01-11 20:43 - 2017-01-11 21:08 - 00000000 ____D C:\Users\mohsin\Desktop\Abenteuer_Survival
2017-01-11 02:40 - 2017-01-11 02:40 - 06158640 _____ C:\Users\mohsin\Downloads\Farming Simulator 17 Savegame Editor_v2.0.0.zip
2017-01-10 16:17 - 2017-01-10 16:17 - 00000847 _____ C:\Users\mohsin\Downloads\rechteck8_2 (1).class
2017-01-10 14:09 - 2017-01-10 14:09 - 00002069 _____ C:\Users\mohsin\Downloads\StdInput.class
2017-01-10 14:09 - 2017-01-10 14:09 - 00001311 _____ C:\Users\mohsin\Downloads\rechteck2.class
2017-01-10 14:09 - 2017-01-10 14:09 - 00000847 _____ C:\Users\mohsin\Downloads\rechteck8_2.class
2017-01-07 15:15 - 2017-01-07 15:15 - 00206734 _____ C:\Users\mohsin\Downloads\PROG1_Ueb_8.pdf
2017-01-07 15:03 - 2017-01-07 15:03 - 15086681 _____ C:\Users\mohsin\Downloads\PROG1_illik_J2SE_v8_161002_students (2).pdf
2017-01-07 13:07 - 2017-01-07 16:59 - 00000731 _____ C:\Users\mohsin\Desktop\BW BBz.txt
2017-01-07 11:35 - 2017-01-07 11:35 - 04692802 _____ C:\Users\mohsin\Desktop\187 Strassenbande - 10 Jahre (Jambeatz).m4a
2017-01-07 11:15 - 2017-01-07 11:15 - 02187986 _____ C:\Users\mohsin\Downloads\1163002632_Cheverolet_Caprice_SFPD_SPC.rar
2017-01-06 16:34 - 2017-01-25 16:04 - 00000676 _____ C:\Windows\system32\.crusader
2017-01-06 16:25 - 2017-01-06 16:33 - 00000000 ____D C:\ProgramData\HitmanPro
2017-01-06 14:09 - 2017-01-09 18:09 - 00000000 ____D C:\Users\mohsin\Desktop\Wiz Khalifa
2017-01-06 13:21 - 2017-01-06 13:22 - 11581544 _____ (SurfRight B.V.) C:\Users\mohsin\Downloads\hitmanpro_x64.exe
2017-01-05 14:33 - 2017-01-05 14:33 - 00131988 _____ C:\Users\mohsin\Downloads\_codeconventions-150003.pdf
2017-01-05 14:31 - 2017-01-05 14:31 - 00101864 _____ C:\Users\mohsin\Downloads\bsp_klausur_WS0708.pdf
2017-01-05 14:29 - 2017-01-05 14:30 - 00000000 ____D C:\Users\mohsin\AppData\Local\iWesoft
2017-01-05 14:29 - 2017-01-05 14:29 - 00001228 _____ C:\Users\mohsin\Desktop\Magic Zip Password Recovery.lnk
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Magic Zip Password Recovery
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\iWesoft
2017-01-05 14:29 - 2017-01-05 14:29 - 00000000 ____D C:\Program Files (x86)\Magic Zip Password Recovery
2017-01-05 14:07 - 2017-01-05 14:07 - 04895331 _____ C:\Users\mohsin\Downloads\zippingpasttheshore.rar
2017-01-04 17:54 - 2017-01-04 17:54 - 00000154 _____ C:\Users\mohsin\.appletviewer
2017-01-04 15:23 - 2017-01-04 15:23 - 00345778 _____ C:\Users\mohsin\Downloads\promod1_case_studies.zip
2017-01-03 12:08 - 2017-01-03 12:08 - 15086681 _____ C:\Users\mohsin\Downloads\PROG1_illik_J2SE_v8_161002_students (1).pdf
2017-01-03 03:37 - 2017-01-03 03:37 - 00006824 _____ C:\Users\mohsin\Desktop\Brazzers.txt

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-02-01 11:24 - 2016-12-19 14:47 - 00000000 ____D C:\AdwCleaner
2017-02-01 11:23 - 2015-10-07 12:10 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3612516331-1481563410-2683479032-1001
2017-02-01 11:22 - 2015-10-07 12:07 - 00003934 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6EAD9E2E-F1E5-4F67-8E1E-B97D411E429D}
2017-02-01 11:20 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2017-02-01 11:19 - 2015-10-07 12:07 - 00000000 ___DO C:\Users\mohsin\SkyDrive
2017-02-01 11:17 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-02-01 11:16 - 2016-12-10 23:26 - 00000000 ____D C:\ProgramData\AVAST Software
2017-02-01 11:16 - 2015-10-07 12:09 - 00000000 ____D C:\ProgramData\NVIDIA
2017-02-01 11:16 - 2013-08-22 14:25 - 01310720 ___SH C:\Windows\system32\config\BBI
2017-02-01 11:08 - 2016-11-24 12:50 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Telegram Desktop
2017-02-01 10:33 - 2016-12-04 11:03 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2017-02-01 08:09 - 2016-11-27 18:56 - 00000000 ____D C:\Program Files\IPVanish
2017-02-01 01:15 - 2015-10-08 12:00 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\vlc
2017-01-31 19:12 - 2016-05-14 21:55 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\BoL
2017-01-31 17:23 - 2015-12-07 18:23 - 00000000 ____D C:\Program Files (x86)\Steam
2017-01-31 13:43 - 2016-12-10 23:27 - 00000000 ____D C:\Users\mohsin\Desktop\Tools
2017-01-31 03:27 - 2015-10-07 12:14 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\TS3Client
2017-01-30 11:12 - 2015-10-12 15:29 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\FileZilla
2017-01-30 08:58 - 2016-12-10 16:19 - 00000000 ____D C:\Users\mohsin\.p2
2017-01-30 08:57 - 2016-12-10 16:24 - 00000000 ____D C:\Users\mohsin\AppData\Local\Eclipse
2017-01-30 08:27 - 2015-10-08 16:44 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\DVDVideoSoft
2017-01-29 15:00 - 2016-12-10 16:23 - 00000000 ____D C:\Users\mohsin\workspace
2017-01-28 21:40 - 2015-10-11 19:10 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\Riot Games
2017-01-28 21:38 - 2015-10-12 15:35 - 00000000 ____D C:\Users\mohsin\AppData\Local\CrashDumps
2017-01-28 21:38 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2017-01-27 19:45 - 2016-03-17 15:20 - 00003868 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1458224430
2017-01-27 19:45 - 2016-03-17 15:20 - 00001063 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2017-01-27 19:45 - 2016-03-17 15:20 - 00000000 ____D C:\Program Files (x86)\Opera
2017-01-27 19:39 - 2013-08-22 15:44 - 00477720 _____ C:\Windows\system32\FNTCACHE.DAT
2017-01-27 18:06 - 2015-10-12 15:30 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-01-27 18:06 - 2015-10-12 15:28 - 00000000 ____D C:\Program Files\Microsoft Office
2017-01-27 18:06 - 2015-10-12 15:28 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-01-27 18:06 - 2013-08-23 00:26 - 00000000 ____D C:\Windows\ShellNew
2017-01-27 18:06 - 2013-08-22 16:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-01-27 18:06 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-01-27 18:05 - 2013-08-22 16:36 - 00000000 ____D C:\Program Files\Common Files\System
2017-01-27 18:05 - 2013-08-22 14:25 - 00000076 _____ C:\Windows\win.ini
2017-01-26 03:33 - 2016-12-11 21:24 - 01684992 _____ C:\Users\mohsin\Downloads\EAIT.dll
2017-01-26 03:33 - 2016-12-11 21:24 - 00000047 _____ C:\Users\mohsin\Downloads\README.txt
2017-01-25 03:30 - 2015-10-07 12:09 - 00000000 ____D C:\Program Files (x86)\Google
2017-01-24 02:42 - 2015-10-07 12:02 - 01776918 _____ C:\Windows\system32\PerfStringBackup.INI
2017-01-24 02:42 - 2013-08-23 00:24 - 00764340 _____ C:\Windows\system32\perfh007.dat
2017-01-24 02:42 - 2013-08-23 00:24 - 00159160 _____ C:\Windows\system32\perfc007.dat
2017-01-22 15:02 - 2015-10-07 12:14 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client
2017-01-22 15:02 - 2015-10-07 12:04 - 00000000 ____D C:\Users\mohsin
2017-01-15 13:50 - 2015-10-26 13:15 - 00000000 ____D C:\Users\mohsin\Documents\SolidWorks Downloads
2017-01-15 13:48 - 2016-11-29 15:14 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\uTorrent
2017-01-15 13:48 - 2016-10-16 13:04 - 00000000 ____D C:\Windows\Minidump
2017-01-14 17:06 - 2015-10-07 12:05 - 00000000 ____D C:\Users\mohsin\AppData\Local\VirtualStore
2017-01-14 17:03 - 2016-11-27 20:18 - 00000000 ____D C:\Users\mohsin\AppData\Roaming\IPVanish VPN
2017-01-14 17:03 - 2016-10-13 12:17 - 00000000 ____D C:\Games
2017-01-14 17:00 - 2016-11-27 18:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPVanish
2017-01-11 23:21 - 2015-10-13 11:57 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-01-11 23:20 - 2015-10-13 12:23 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-01-11 04:02 - 2015-10-11 16:20 - 00000000 ____D C:\Windows\system32\MRT
2017-01-11 04:02 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2017-01-11 04:01 - 2015-10-11 16:20 - 135657872 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-01-11 02:33 - 2016-12-04 11:03 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2017-01-11 02:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-01-11 02:33 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\Macromed
2017-01-06 16:34 - 2015-10-12 15:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files (x86)\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files (x86)\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files (x86)\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files (x86)\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files (x86)\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files (x86)\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files (x86)\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files (x86)\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files (x86)\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files (x86)\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files (x86)\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files (x86)\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files (x86)\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files (x86)\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files (x86)\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files (x86)\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files (x86)\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files (x86)\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files (x86)\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files (x86)\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files (x86)\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files (x86)\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files (x86)\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files (x86)\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files (x86)\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files (x86)\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files (x86)\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files (x86)\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files (x86)\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files (x86)\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files (x86)\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files (x86)\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files (x86)\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files (x86)\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files (x86)\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files (x86)\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files (x86)\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files (x86)\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files (x86)\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files (x86)\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files (x86)\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files (x86)\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files (x86)\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files (x86)\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files (x86)\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files (x86)\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files (x86)\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files (x86)\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files (x86)\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files (x86)\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files (x86)\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files (x86)\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files (x86)\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files (x86)\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files (x86)\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files (x86)\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files (x86)\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files (x86)\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files (x86)\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files (x86)\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files (x86)\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files (x86)\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files (x86)\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files (x86)\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files (x86)\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files (x86)\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files (x86)\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files (x86)\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files (x86)\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files (x86)\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files (x86)\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files (x86)\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files (x86)\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files (x86)\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files (x86)\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files (x86)\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files (x86)\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files (x86)\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files (x86)\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files (x86)\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files (x86)\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files (x86)\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files (x86)\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files (x86)\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files (x86)\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files (x86)\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files (x86)\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files (x86)\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files (x86)\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files (x86)\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files (x86)\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files (x86)\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files (x86)\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 -
2010-06-02 05:22 - 0752783 _____ () C:\Program Files (x86)\Jun2010_d3dcsx_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files (x86)\Jun2010_d3dcsx_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files (x86)\Jun2010_d3dx10_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files (x86)\Jun2010_d3dx10_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files (x86)\Jun2010_d3dx11_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files (x86)\Jun2010_d3dx11_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files (x86)\Jun2010_d3dx9_43_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files (x86)\Jun2010_d3dx9_43_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files (x86)\Jun2010_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files (x86)\Jun2010_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files (x86)\Jun2010_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files (x86)\Jun2010_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files (x86)\Mar2008_d3dx10_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files (x86)\Mar2008_d3dx10_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files (x86)\Mar2008_d3dx9_37_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files (x86)\Mar2008_d3dx9_37_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files (x86)\Mar2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files (x86)\Mar2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files (x86)\Mar2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program 
Files (x86)\Mar2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files (x86)\Mar2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files (x86)\Mar2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files (x86)\Mar2009_d3dx10_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files (x86)\Mar2009_d3dx10_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files (x86)\Mar2009_d3dx9_41_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files (x86)\Mar2009_d3dx9_41_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files (x86)\Mar2009_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files (x86)\Mar2009_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files (x86)\Mar2009_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files (x86)\Mar2009_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files (x86)\Mar2009_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files (x86)\Mar2009_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files (x86)\Nov2007_d3dx10_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files (x86)\Nov2007_d3dx10_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files (x86)\Nov2007_d3dx9_36_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files (x86)\Nov2007_d3dx9_36_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files (x86)\NOV2007_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files (x86)\NOV2007_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files (x86)\NOV2007_XACT_x64.cab 2010-06-02 05:22 - 
2010-06-02 05:22 - 0148264 _____ () C:\Program Files (x86)\NOV2007_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files (x86)\Nov2008_d3dx10_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files (x86)\Nov2008_d3dx10_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files (x86)\Nov2008_d3dx9_40_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files (x86)\Nov2008_d3dx9_40_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files (x86)\Nov2008_X3DAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files (x86)\Nov2008_X3DAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files (x86)\Nov2008_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files (x86)\Nov2008_XACT_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files (x86)\Nov2008_XAudio_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files (x86)\Nov2008_XAudio_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files (x86)\Oct2005_xinput_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files (x86)\Oct2005_xinput_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files (x86)\OCT2006_d3dx9_31_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files (x86)\OCT2006_d3dx9_31_x86.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files (x86)\OCT2006_XACT_x64.cab 2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files (x86)\OCT2006_XACT_x86.cab 2016-11-27 22:50 - 2016-11-27 22:50 - 0001243 _____ () C:\Users\mohsin\AppData\Local\recently-used.xbel 2015-11-16 14:32 - 2015-11-16 14:32 - 0000000 _____ () C:\Users\mohsin\AppData\Local\Temptable.xml ==================== Bamital & volsnap ====================== (Es ist kein automatischer 
Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-01-27 17:39
==================== Ende von FRST.txt ============================ |
01.02.2017, 11:40 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, can't be fixed! FRST fix
Please disable your virus scanner completely now, to make sure the fix runs cleanly!
Press the Windows key + R and type notepad into the Run window.
Now copy the following text from the code box into the empty text document.
Code:
Task: {A461150A-59B9-4C9F-9EF8-B4476A3D2109} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
U0 aswVmm; kein ImagePath
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
C:\Program Files\KMSpico
emptytemp:
Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
__________________ Please always post log files in CODE tags |
01.02.2017, 11:53 | #29 |
| Adware problem, can't be fixed! Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-01-2017
durchgeführt von mohsin (01-02-2017 11:49:40) Run:1
Gestartet von C:\Users\mohsin\Desktop
Geladene Profile: mohsin (Verfügbare Profile: mohsin)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
Task: {A461150A-59B9-4C9F-9EF8-B4476A3D2109} - \AutoPico Daily Restart -> Keine Datei <==== ACHTUNG
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei
GroupPolicy: Beschränkung <======= ACHTUNG
S3 WinDivert1.1; \??\C:\Program Files\KMSpico\WinDivert.sys [X]
U0 aswVmm; kein ImagePath
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
C:\Program Files\KMSpico
emptytemp:
*****************
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A461150A-59B9-4C9F-9EF8-B4476A3D2109} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A461150A-59B9-4C9F-9EF8-B4476A3D2109} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => Schlüssel erfolgreich entfernt
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => Schlüssel erfolgreich entfernt
HKCR\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => Schlüssel nicht gefunden.
C:\Windows\system32\GroupPolicy\Machine => erfolgreich verschoben
C:\Windows\system32\GroupPolicy\GPT.ini => erfolgreich verschoben
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => erfolgreich verschoben
HKLM\System\CurrentControlSet\Services\WinDivert1.1 => Schlüssel erfolgreich entfernt
WinDivert1.1 => Dienst erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\aswVmm => Schlüssel erfolgreich entfernt
aswVmm => Dienst erfolgreich entfernt
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico => erfolgreich verschoben
"C:\Program Files\KMSpico" => nicht gefunden.
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17270082 B
Java, Flash, Steam htmlcache => 188096280 B
Windows/system/drivers => 36202194 B
Edge => 0 B
Chrome => 455453693 B
Firefox => 0 B
Opera => 6920192 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile32 => 128 B
LocalService => 16791344 B
NetworkService => 6876 B
mohsin => 48080379 B
RecycleBin => 10743808 B
EmptyTemp: => 751.5 MB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 11:49:50 ==== |
01.02.2017, 12:01 | #30 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Adware problem, can't be fixed! Control scans with (1) MBAM, (2) ESET and (3) SecurityCheck, please:
Step 1: MBAM Please download Malwarebytes Anti-Malware
Step 2: ESET ESET Online Scanner
Step 3: SecurityCheck Please download SecurityCheck and:
__________________ Please always post log files in CODE tags |