| |
| |||||||
Log-Analyse und Auswertung: Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehrWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
28.02.2017, 17:21
| #1 |
 |  Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Habe eventuell ein Trojaner/Virus Problem. Nachdem sich ein Bi.tly link geöffnet und direkt wieder geschlossen hat, lies sich die Avast(PREMIUM!) Benutzerschnittstelle nicht mehr öffnen. Also den PC neugestartet, und Avast lies sich nicht mehr starten da libcrypto.dll fehlt. Jetzt habe ich die befürchtung mir einen Trojaner geholt zu haben...  FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 27-02-2017 01 durchgeführt von Jan (Administrator) auf JANSPC (28-02-2017 16:56:07) Gestartet von C:\Users\Jan\Desktop Geladene Profile: Jan & (Verfügbare Profile: Jan & Administrator) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AppVerifierService) C:\ProgramData\ASCValidator\ASCValidatorService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe ( Rsupport Corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (AMD) C:\Windows\System32\atieclxx.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe () C:\Program Files (x86)\ClockworkMod\Universal Adb Driver\AdbNativeMessaging.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Microsoft Corporation) C:\Windows\System32\Taskmgr.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-05-22] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.9.384\ASUSWSLoader.exe [63296 2014-07-17] () HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-02-08] (AVAST Software) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] () HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-09-28] (Plays.tv, LLC) HKLM-x32\...\Run: [SoundTouch Music Server] => d:\Programme\bose\SoundTouchMusicServer\SoundTouch Music Server.lnk [1993 2016-12-24] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5668968 2015-04-08] (FreeDownloadManager.ORG) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {03dc492f-f17e-11e3-8253-806e6f6e6963} - "F:\SETUP.EXE" HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {da3a65ad-b423-11e6-83c9-54271ee707f4} - "E:\PMCsetup.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {f1011440-5c60-11e4-828d-54271ee707f4} - "E:\LGAutoRun.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5668968 2015-04-08] (FreeDownloadManager.ORG) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {03dc492f-f17e-11e3-8253-806e6f6e6963} - "F:\SETUP.EXE" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {da3a65ad-b423-11e6-83c9-54271ee707f4} - "E:\PMCsetup.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1011440-5c60-11e4-828d-54271ee707f4} - "E:\LGAutoRun.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-09-26] (AVAST Software) Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-16] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-28] ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk [2015-10-28] ShortcutTarget: Product Registration.lnk -> C:\Users\Jan\AppData\Local\Temp\is-RLDB0.tmp\ATR1.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-2520833252-57370397-164746935-1001] => http=;ftp=;https=; ProxyServer: [S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=;ftp=;https=; Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation) Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation) Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1AA7A17D-1BA4-4C73-8F26-8128C8503BCB}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{94BC73E2-03D5-4B6C-81E0-1F8A191CB7EC}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{ABE8FDB7-9D8A-463E-8B8E-976CEBEBBABF}: [DhcpNameServer] 172.18.11.1 Internet Explorer: ================== HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-2520833252-57370397-164746935-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001 -> DefaultScope {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001 -> {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-02-08] (AVAST Software) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Recorder Toolbar -> {120A8821-2BEE-4C29-BCDA-62C577781992} -> C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-12-16] (MedienTeam66) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-17] (Oracle Corporation) BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-02-08] (AVAST Software) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-04-08] (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation) Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-12-16] (MedienTeam66) FireFox: ======== FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-09-28] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-09-28] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension FF Extension: (Free Download Manager plugin) - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-05-18] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-10] () FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-10] () FF Plugin-x32: @delorme.com/SendToGPS -> C:\Program Files (x86)\DeLorme\SendToGPS\nppnplugin.dll [2013-05-02] (DeLorme) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-04] () FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-04] () Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.googel.de/ CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01" CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2017-02-28] CHR Extension: (Restlet Client - DHC) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2017-02-28] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (GoMBoX) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmjacihdlchgibookpajeaompnjfgio [2015-02-22] CHR Extension: (Google Docs Offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Vysor) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2017-01-19] CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-26] CHR Extension: (SwagButton) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2016-12-18] CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2016-12-18] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04] CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10] CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-12] CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-04-12] CHR Extension: (Google Präsentationen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-01] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01] CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01] CHR Extension: (Google Tabellen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-01] CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-01] CHR Extension: (Google Wallet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01] CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-02-16] (Adobe Systems) [Datei ist nicht signiert] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] () R2 ASCValidator; C:\ProgramData\ASCValidator\ASCValidatorService.exe [29696 2016-10-26] (AppVerifierService) [Datei ist nicht signiert] S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Datei ist nicht signiert] S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7142136 2017-02-15] (AVAST Software s.r.o.) S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-02-08] (AVAST Software) R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [Datei ist nicht signiert] S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-03] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-03] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-03] (BlueStack Systems, Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [Datei ist nicht signiert] R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark) R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-02-22] (AnchorFree Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [1277768 2017-02-02] ( Rsupport Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-11] (Electronic Arts) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [54544 2016-11-03] (Copyright (c) 2016 Plays.tv, LLC) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 Survarium Update Service; D:\Programme\Survarium\Survarium\game\binaries\x86\survarium_service.exe [214104 2016-03-18] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [41472 2016-05-11] () S3 VSStandardCollectorService140; D:\Programme\VS\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.) S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309784 2017-02-08] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-02-08] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-02-08] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-02-08] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-02-08] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-02-08] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126088 2017-02-08] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-02-08] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [74680 2017-02-08] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [991496 2017-02-08] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [547904 2017-02-27] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-02-27] (AVAST Software) S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-08-16] (The OpenVPN Project) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337080 2017-02-27] (AVAST Software) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-04-07] () S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-03] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-27] (Intel Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.) S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation) R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net) R3 LifeCamTrueColor; C:\Windows\system32\DRIVERS\LifeCamTrueColor.sys [37936 2016-07-27] (Microsoft Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-04-07] () R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.) S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2017-02-28] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 RtkA2dp; C:\Windows\system32\drivers\RtkA2dp.sys [178392 2013-06-27] (Realtek Semiconductor Corporation) R3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [57560 2013-08-13] (Realtek Semiconductor Corporation) R3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-21] (Realtek Semiconductor Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation ) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42088 2015-11-13] (Anchorfree Inc.) S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S4 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X] S4 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S4 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-28 16:56 - 2017-02-28 16:56 - 00040562 _____ C:\Users\Jan\Desktop\FRST.txt 2017-02-28 13:32 - 2017-02-28 16:56 - 00000000 ____D C:\FRST 2017-02-28 13:32 - 2017-02-28 13:32 - 01765376 _____ (Farbar) C:\Users\Jan\Desktop\FRST.exe 2017-02-28 13:31 - 2017-02-28 13:31 - 02423296 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe 2017-02-28 13:30 - 2017-02-28 13:30 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-27 13:51 - 2017-02-27 13:51 - 00001905 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2017-02-27 13:51 - 2017-02-27 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2017-02-27 13:51 - 2017-02-08 15:22 - 00456456 _____ (AVAST Software) C:\Windows\system32\Drivers\asw14A2.tmp 2017-02-27 13:49 - 2017-02-08 15:24 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6EF.tmp 2017-02-27 13:49 - 2017-02-08 15:24 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6ED.tmp 2017-02-27 13:49 - 2017-02-08 15:24 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6FF.tmp 2017-02-27 13:49 - 2017-02-08 15:24 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6EE.tmp 2017-02-27 13:49 - 2017-02-08 15:23 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6EC.tmp 2017-02-27 13:49 - 2017-02-08 15:23 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC6EB.tmp 2017-02-27 13:49 - 2017-02-08 15:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswC68B.tmp 2017-02-27 13:49 - 2017-02-08 15:22 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswC63B.tmp 2017-02-27 13:49 - 2017-02-08 15:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswC65B.tmp 2017-02-27 13:49 - 2017-02-08 15:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswC6DA.tmp 2017-02-27 13:49 - 2016-10-13 12:39 - 00293352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC701.tmp 2017-02-27 13:49 - 2016-09-26 12:54 - 00513632 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC700.tmp 2017-02-27 13:49 - 2016-09-26 12:53 - 00163416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswC702.tmp 2017-02-27 13:48 - 2017-02-27 13:48 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-02-27 13:21 - 2017-02-27 13:21 - 00001073 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2017-02-21 19:02 - 2017-02-21 19:02 - 04810188 _____ C:\Users\Jan\Desktop\Alty (1).jar 2017-02-11 12:39 - 2017-02-11 12:39 - 00002171 _____ C:\Users\Public\Desktop\Google Earth.lnk 2017-02-11 12:39 - 2017-02-11 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-09 18:16 - 2017-02-09 18:16 - 00001060 _____ C:\Users\Public\Desktop\Camtasia 9.lnk 2017-02-09 18:16 - 2017-02-09 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2017-02-09 18:16 - 2017-02-09 18:16 - 00000000 ____D C:\Program Files\TechSmith 2017-02-08 19:05 - 2017-02-08 19:05 - 00000000 ____D C:\Users\Jan\Neuer Ordner 2017-02-08 19:02 - 2017-02-08 19:02 - 00000000 ____D C:\Program Files (x86)\Image-Line 2017-02-08 15:26 - 2017-02-27 13:49 - 00003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-02-08 15:25 - 2017-02-08 15:22 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-02-08 15:25 - 2017-02-08 15:22 - 00309784 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-02-08 15:25 - 2017-02-08 15:22 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-02-08 15:25 - 2017-02-08 15:22 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-02-05 13:29 - 2017-02-05 13:29 - 00000000 ____D C:\Users\Jan\AppData\Local\TeamViewer 2017-02-04 16:50 - 2017-02-21 21:07 - 00000000 ____D C:\Users\Jan\AltDispenser 2017-02-04 16:49 - 2017-02-04 16:48 - 04810188 _____ C:\Users\Jan\Desktop\Alty.jar 2017-02-03 18:38 - 2017-02-22 17:25 - 00000000 ____D C:\Users\Jan\AppData\Roaming\.minecraft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-02-28 16:50 - 2014-08-16 05:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype 2017-02-28 16:19 - 2015-06-16 13:53 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001UA.job 2017-02-28 15:29 - 2014-11-18 16:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-02-28 15:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2017-02-28 14:40 - 2014-08-16 04:28 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520833252-57370397-164746935-1001 2017-02-28 14:35 - 2014-11-18 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-02-28 14:35 - 2014-11-18 16:30 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2017-02-28 13:38 - 2014-09-15 17:37 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps 2017-02-28 13:31 - 2014-08-16 05:34 - 00000000 ___RD C:\Users\Jan\Dropbox 2017-02-28 13:31 - 2014-08-16 05:12 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox 2017-02-28 13:28 - 2014-08-16 04:33 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0404A49A-B262-4331-8ACA-CB48ABA5BD48} 2017-02-28 13:26 - 2014-08-16 04:33 - 00000000 __RDO C:\Users\Jan\OneDrive 2017-02-28 13:25 - 2015-08-20 21:27 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Raptr 2017-02-27 13:51 - 2016-09-28 12:34 - 00003896 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1475062453 2017-02-27 13:50 - 2016-09-28 12:34 - 00001026 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-02-27 13:49 - 2014-08-16 04:59 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-02-27 13:48 - 2014-08-16 04:59 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2017-02-27 13:48 - 2014-08-16 04:59 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148819979235904 2017-02-27 13:48 - 2014-08-16 04:59 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-02-27 13:41 - 2014-05-22 10:05 - 00392790 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-27 13:41 - 2014-03-13 01:45 - 08626448 _____ C:\Windows\system32\perfh007.dat 2017-02-27 13:41 - 2014-03-13 01:45 - 02543402 _____ C:\Windows\system32\perfc007.dat 2017-02-27 13:41 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2017-02-27 13:36 - 2016-11-28 13:57 - 00002822 _____ C:\appverifier.txt 2017-02-27 13:35 - 2014-06-11 16:43 - 00000000 ____D C:\ProgramData\Realtek 2017-02-27 13:34 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-27 13:34 - 2013-08-22 15:44 - 00667920 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-27 13:33 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2017-02-27 13:22 - 2015-12-10 14:35 - 00000000 ____D C:\ProgramData\Hotspot Shield 2017-02-27 13:22 - 2015-12-10 14:35 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2017-02-27 13:21 - 2015-12-10 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2017-02-27 13:21 - 2014-06-11 16:41 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-27 11:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2017-02-26 19:19 - 2015-06-16 13:53 - 00001178 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001Core.job 2017-02-26 17:43 - 2016-07-01 16:43 - 00000324 _____ C:\Windows\Tasks\MT66 Software Update.job 2017-02-26 14:40 - 2016-09-12 17:12 - 00000000 ____D C:\Program Files (x86)\TunnelBear 2017-02-24 18:46 - 2014-08-16 05:58 - 00000000 ____D C:\Windows\system32\MRT 2017-02-24 18:42 - 2014-08-16 05:58 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-02-23 14:12 - 2014-08-16 05:50 - 00000000 ____D C:\ProgramData\Skype 2017-02-22 16:42 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2017-02-09 18:16 - 2014-09-11 17:44 - 00000000 ____D C:\ProgramData\TechSmith 2017-02-09 18:02 - 2014-08-16 04:21 - 00000000 ____D C:\Users\Jan 2017-02-08 15:34 - 2014-08-16 04:47 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-08 15:34 - 2014-08-16 04:47 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-08 15:26 - 2014-08-16 04:57 - 00000000 ____D C:\ProgramData\AVAST Software 2017-02-08 15:24 - 2014-08-16 04:59 - 00126088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-02-08 15:24 - 2014-08-16 04:59 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-02-08 15:24 - 2014-08-16 04:59 - 00074680 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-02-08 15:24 - 2014-08-16 04:59 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-02-08 15:23 - 2014-09-03 08:29 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-02-08 15:23 - 2014-08-16 04:59 - 00991496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-02-06 20:41 - 2016-10-13 08:34 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-02-06 20:41 - 2016-10-13 08:34 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-05 13:59 - 2016-06-01 18:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-02-05 13:40 - 2016-06-01 18:22 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2017-02-05 13:40 - 2016-06-01 18:22 - 00000978 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2017-02-02 20:38 - 2015-12-16 17:08 - 00000000 ___RD C:\Program Files (x86)\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-07 17:34 - 2014-09-07 17:39 - 0000100 _____ () C:\Users\Jan\AppData\Roaming\Camdata.ini 2014-09-07 17:34 - 2014-09-07 17:39 - 0000408 _____ () C:\Users\Jan\AppData\Roaming\CamLayout.ini 2014-09-07 17:34 - 2014-09-07 17:39 - 0000408 _____ () C:\Users\Jan\AppData\Roaming\CamShapes.ini 2014-09-07 17:33 - 2014-09-07 17:39 - 0004535 _____ () C:\Users\Jan\AppData\Roaming\CamStudio.cfg 2016-03-03 17:18 - 2016-03-03 17:18 - 0000000 _____ () C:\Users\Jan\AppData\Roaming\dc.ogt 2016-09-12 13:12 - 2016-09-24 22:03 - 0000675 _____ () C:\Users\Jan\AppData\Roaming\DriveCalculator Preferences 2015-07-12 10:01 - 2015-06-01 19:48 - 0005044 _____ () C:\Users\Jan\AppData\Roaming\Saint.json 2014-09-07 17:27 - 2014-09-07 17:35 - 0000096 _____ () C:\Users\Jan\AppData\Roaming\version2.xml 2014-08-16 04:22 - 2017-02-28 13:25 - 5961037 _____ () C:\Users\Jan\AppData\Local\BTServer.log 2015-04-21 13:59 - 2016-10-03 18:48 - 0034304 _____ () C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-27 09:17 - 2015-07-27 09:17 - 0000000 _____ () C:\Users\Jan\AppData\Local\Input.xml 2015-02-13 14:53 - 2015-02-13 14:53 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND 2016-11-06 14:57 - 2016-11-06 14:57 - 0002071 _____ () C:\Users\Jan\AppData\Local\recently-used.xbel 2014-10-08 16:09 - 2016-09-04 17:07 - 0007602 _____ () C:\Users\Jan\AppData\Local\resmon.resmoncfg 2015-07-27 09:16 - 2015-07-27 09:16 - 0000000 _____ () C:\Users\Jan\AppData\Local\Settings.xml 2015-03-19 19:30 - 2015-03-19 19:30 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-05-22 10:24 - 2014-05-22 10:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Jan\Setup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-02-26 10:15 ==================== Ende von FRST.txt ============================ Malwarebytes im Anhang addition.txt im Anhang, SORRY  |
|
01.03.2017, 10:39
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Avast deinstallieren. Einfach ne Software mit bunter GUI kaufen, installieren und sicher sein gibt es nicht.
__________________Gib Bescheid wenn Avast runter ist oder es Probleme bei der Deinstallation gibt, dann gibts weitere Instruktionen. 
__________________ |
|
01.03.2017, 15:57
| #3 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Avast ist Deinstalliert.
__________________Der Windows Defender ist nach 10 Stunden (hab ihn vor dem Post hier gestartet) Durchgelaufen und hat einen Trojaner namens Backdoor: MSIL/Bladabindi.BI gefunden und gelöscht. Avast hat wieder funktioniert, und der ESET Online Scanner hat nichts mehr gefunden. im Anhang neue Logdateien, wäre gut wenn Du nochmal drüberschaust ob der PC clean ist, irgendwie traue ich dem Defender nicht... habe Außerdem Bei jedem Start des PCs Firewall Meldungen die mich fragen ob ich Skype und Chrome zulassen will Außerdem bekomme ich seit neustem eine Meldung das die App auf dem PC nicht ausgeführt werden kann. (welche App weiß ich nicht) |
|
01.03.2017, 16:01
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Lesestoff:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
01.03.2017, 16:44
| #5 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehrCode:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017 durchgeführt von Jan (Administrator) auf JANSPC (01-03-2017 15:10:29) Gestartet von C:\Users\Jan\Desktop Geladene Profile: Jan & (Verfügbare Profile: Jan & Administrator) Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\AvrcpService.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe () C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTDevMgr.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DTSRVC.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe ( Rsupport Corporation) C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe (Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe (Copyright (c) 2016 Plays.tv, LLC) C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe (ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe (Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\Realtek Bluetooth\BTServer.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsscp.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cnext.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPNetworkCommunicatorCom.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (BlueStack Systems, Inc.) C:\Program Files (x86)\Bluestacks\HD-Agent.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (Dropbox, Inc.) C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr.exe (Raptr, Inc) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_im.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe () C:\Program Files (x86)\ClockworkMod\Universal Adb Driver\AdbNativeMessaging.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Raptr Inc.) C:\Program Files (x86)\Raptr Inc\Raptr\raptr_ep64.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) D:\Programme\VS\Common7\IDE\VSIXAutoUpdate.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-12] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1368792 2013-11-13] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [280576 2013-09-26] (Realtek Semiconductor Corporation) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\cnext.exe [4859592 2015-11-18] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3216032 2014-05-22] (ASUSTek Computer Inc.) HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.9.384\ASUSWSLoader.exe [63296 2014-07-17] () HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated) HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [PivotSoftware] => C:\Program Files (x86)\Portrait Displays\Pivot Software\wpctrl.exe [694824 2009-03-03] () HKLM-x32\...\Run: [DT HPC] => C:\Program Files (x86)\Common Files\Portrait Displays\Shared\DT_startup.exe [123688 2013-01-10] (Portrait Displays, Inc.) HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr Inc\Raptr\raptrstub.exe [58584 2016-09-28] (Raptr, Inc) HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKLM-x32\...\Run: [PlaysTV] => C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe [71440 2016-09-28] (Plays.tv, LLC) HKLM-x32\...\Run: [SoundTouch Music Server] => d:\Programme\bose\SoundTouchMusicServer\SoundTouch Music Server.lnk [1993 2016-12-24] () HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation) HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\...\Run: [HydraVisionDesktopManager] => "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe" HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5668968 2015-04-08] (FreeDownloadManager.ORG) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {03dc492f-f17e-11e3-8253-806e6f6e6963} - "F:\SETUP.EXE" HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {da3a65ad-b423-11e6-83c9-54271ee707f4} - "E:\PMCsetup.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\MountPoints2: {f1011440-5c60-11e4-828d-54271ee707f4} - "E:\LGAutoRun.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HP Officejet Pro 8610 (NET)] => C:\Program Files\HP\HP Officejet Pro 8610\Bin\ScanToPCActivationApp.exe [3485728 2013-09-11] (Hewlett-Packard Co.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Free Download Manager] => C:\Program Files (x86)\Free Download Manager\fdm.exe [5668968 2015-04-08] (FreeDownloadManager.ORG) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dropbox Update] => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27427808 2017-02-08] (Skype Technologies S.A.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\Bluestacks\HD-Agent.exe [978456 2016-08-03] (BlueStack Systems, Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1368816 2016-07-04] (Bogdan Sharkov) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_1F14D2380DB1DE09582B9D790BD95BA5] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [945496 2017-02-01] (Google Inc.) HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {03dc492f-f17e-11e3-8253-806e6f6e6963} - "F:\SETUP.EXE" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {da3a65ad-b423-11e6-83c9-54271ee707f4} - "E:\PMCsetup.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {f1011440-5c60-11e4-828d-54271ee707f4} - "E:\LGAutoRun.exe" HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\WLXPGSS.SCR [322248 2014-03-31] (Microsoft Corporation) HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries) ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.9.384\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> Keine Datei Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk [2016-02-16] ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-02-28] ShortcutTarget: Dropbox.lnk -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Product Registration.lnk [2015-10-28] ShortcutTarget: Product Registration.lnk -> C:\Users\Jan\AppData\Local\Temp\is-RLDB0.tmp\ATR1.exe (Keine Datei) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) ProxyServer: [S-1-5-21-2520833252-57370397-164746935-1001] => http=;ftp=;https=; ProxyServer: [S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=;ftp=;https=; Winsock: Catalog5 08 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation) Winsock: Catalog5 09 C:\Windows\SysWOW64\wlidNSP.dll [50176 2014-10-29] (Microsoft Corporation) Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation) Winsock: Catalog5-x64 09 C:\Windows\system32\wlidnsp.dll [74240 2014-10-29] (Microsoft Corporation) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{1AA7A17D-1BA4-4C73-8F26-8128C8503BCB}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{94BC73E2-03D5-4B6C-81E0-1F8A191CB7EC}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{ABE8FDB7-9D8A-463E-8B8E-976CEBEBBABF}: [DhcpNameServer] 172.18.11.1 Internet Explorer: ================== HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus13.msn.com/?pc=ASJB HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-2520833252-57370397-164746935-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus13.msn.com/?pc=ASJB SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001 -> DefaultScope {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {D8B6FC24-BCD3-4E27-8E05-3586BE46007F} URL = SearchScopes: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Recorder Toolbar -> {120A8821-2BEE-4C29-BCDA-62C577781992} -> C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-12-16] (MedienTeam66) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2017-01-17] (Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation) BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2015-04-08] (FreeDownloadManager.ORG) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation) Toolbar: HKLM-x32 - Recorder Toolbar - {120A8821-2BEE-4C29-BCDA-62C577781992} - C:\Program Files (x86)\MedienTeam66\CHIP Free MP3 converter for YouTube\IEPlugin.dll [2014-12-16] (MedienTeam66) FireFox: ======== FF HKLM-x32\...\Firefox\Extensions: [fdm_ffext@freedownloadmanager.org] - C:\Program Files (x86)\Free Download Manager\Firefox\Extension FF Extension: (Free Download Manager plugin) - C:\Program Files (x86)\Free Download Manager\Firefox\Extension [2015-05-18] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_203.dll [2015-07-10] () FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_203.dll [2015-07-10] () FF Plugin-x32: @delorme.com/SendToGPS -> C:\Program Files (x86)\DeLorme\SendToGPS\nppnplugin.dll [2013-05-02] (DeLorme) FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.) FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2016-10-06] (Google) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-18] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-04] () FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Jan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-11-11] (Unity Technologies ApS) FF Plugin HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2016-08-04] () Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> hxxp://www.googel.de/ CHR StartupUrls: Default -> "hxxp://www.msn.com/?pc=AV01" CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2017-03-01] CHR Extension: (Restlet Client - DHC) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2017-02-28] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-09] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (GoMBoX) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\djmjacihdlchgibookpajeaompnjfgio [2015-02-22] CHR Extension: (Google Docs Offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-17] CHR Extension: (Vysor) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gidgenkbbabolejbgbpnhbimgjbffefm [2017-01-19] CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-02-26] CHR Extension: (SwagButton) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gngocbkfmikdgphklgmmehbjjlfgdemm [2016-12-18] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-19] CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-04] CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-10] CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2015-04-12] CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2015-04-12] CHR Extension: (Google Präsentationen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-01] CHR Extension: (Google Docs) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-01] CHR Extension: (Google Drive) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2015-02-01] CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-01] CHR Extension: (Google-Suche) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-01] CHR Extension: (Google Tabellen) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-01] CHR Extension: (Avast Online Security) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-02-01] CHR Extension: (Google Wallet) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-01] CHR Extension: (Google Mail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-01] ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2016-02-16] (Adobe Systems) [Datei ist nicht signiert] R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] () S4 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.0.3.226\AsusWSWinService.exe [71680 2013-08-16] (ASUS Cloud Corporation) [Datei ist nicht signiert] R2 AvrcpService; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\AvrcpService.exe [35328 2013-05-07] (Realtek Semiconductor Corporation) [Datei ist nicht signiert] S3 BstHdAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Service.exe [445976 2016-08-03] (BlueStack Systems, Inc.) R2 BstHdLogRotatorSvc; C:\Program Files (x86)\Bluestacks\HD-LogRotatorService.exe [425496 2016-08-03] (BlueStack Systems, Inc.) S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\Bluestacks\HD-Plus-Service.exe [462360 2016-08-03] (BlueStack Systems, Inc.) R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [59392 2013-09-26] () [Datei ist nicht signiert] R2 DTSRVC; C:\Program Files (x86)\Common Files\Portrait Displays\Shared\dtsrvc.exe [140072 2013-01-10] (Portrait Displays, Inc.) S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [344288 2015-03-20] (Futuremark) R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries) R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2604664 2017-02-22] (AnchorFree Inc.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 Mobizen plugin; C:\Program Files (x86)\RSUPPORT\MobizenService\MobizenService.exe [1277768 2017-02-02] ( Rsupport Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-11] (Electronic Arts) R2 PlaysService; C:\Program Files (x86)\Raptr Inc\PlaysTV\plays_service.exe [54544 2016-11-03] (Copyright (c) 2016 Plays.tv, LLC) R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S3 Survarium Update Service; D:\Programme\Survarium\Survarium\game\binaries\x86\survarium_service.exe [214104 2016-03-18] () S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [Datei ist nicht signiert] R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH) R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe [41472 2016-05-11] () S3 VSStandardCollectorService140; D:\Programme\VS\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) S3 andnetadb; C:\Windows\System32\Drivers\lgandnetadb.sys [31744 2013-04-18] (Google Inc) S3 AndNetDiag; C:\Windows\system32\DRIVERS\lgandnetdiag64.sys [29184 2013-04-18] (LG Electronics Inc.) S3 ANDNetModem; C:\Windows\system32\DRIVERS\lgandnetmodem64.sys [36352 2013-06-28] (LG Electronics Inc.) S3 andnetndis; C:\Windows\system32\DRIVERS\lgandnetndis64.sys [93696 2013-04-23] (LG Electronics Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] () R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] () S3 aswTap; C:\Windows\system32\DRIVERS\aswTap.sys [44640 2014-08-16] (The OpenVPN Project) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Advanced Micro Devices) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [88480 2015-04-07] () S3 BstHdDrv; C:\Program Files (x86)\Bluestacks\HD-Hypervisor-amd64.sys [152672 2016-08-03] (BlueStack Systems) S3 BstkDrv; C:\Program Files (x86)\Bluestacks\BstkDrv.sys [307768 2016-07-28] (Bluestack System Inc. ) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-27] (Intel Corporation) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [44296 2015-01-20] (LogMeIn Inc.) S3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation) R3 libusb0; C:\Windows\system32\DRIVERS\libusb0.sys [44480 2011-05-17] (hxxp://libusb-win32.sourceforge.net) R3 LifeCamTrueColor; C:\Windows\system32\DRIVERS\LifeCamTrueColor.sys [37936 2016-07-27] (Microsoft Corporation) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [46400 2015-04-07] () R3 ManyCam; C:\Windows\system32\DRIVERS\mcvidrv.sys [49776 2014-07-25] (Visicom Media Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2017-03-01] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-04-14] (Malwarebytes Corporation) R3 mcaudrv_simple; C:\Windows\system32\drivers\mcaudrv_x64.sys [35440 2014-05-13] (Visicom Media Inc.) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 RtkA2dp; C:\Windows\system32\drivers\RtkA2dp.sys [178392 2013-06-27] (Realtek Semiconductor Corporation) R3 RtkAvrcp; C:\Windows\System32\drivers\RtkAvrcp.sys [57560 2013-08-13] (Realtek Semiconductor Corporation) R3 RtkAvrcpCtrlr; C:\Windows\System32\drivers\RtkAvrcpCtrlr.sys [69848 2013-06-21] (Realtek Semiconductor Corporation) R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [548056 2013-09-05] (Realtek Semiconductor Corporation) R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [2944216 2013-08-21] (Realtek Semiconductor Corporation ) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R3 tap-tb-0901; C:\Windows\system32\DRIVERS\tap-tb-0901.sys [38656 2015-08-10] (The OpenVPN Project) R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42088 2015-11-13] (Anchorfree Inc.) S3 usbrndis6; C:\Windows\system32\DRIVERS\usb80236.sys [20992 2015-04-25] (Microsoft Corporation) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [119712 2016-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [192352 2016-04-28] (Oracle Corporation) S3 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [135768 2016-04-28] (Oracle Corporation) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) R2 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) S4 cpuz138; \??\C:\Windows\TEMP\cpuz138\cpuz138_x64.sys [X] S4 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X] S4 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-01 15:10 - 2017-03-01 15:10 - 00036668 _____ C:\Users\Jan\Desktop\FRST.txt 2017-03-01 15:10 - 2017-03-01 15:10 - 00000000 ____D C:\Users\Jan\Desktop\FRST-OlderVersion 2017-03-01 15:03 - 2017-02-28 19:41 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\asw919.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9E9.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA38.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswA58.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9C8.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\asw968.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9D8.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\asw9B7.tmp 2017-03-01 15:03 - 2017-02-28 19:41 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\asw8F9.tmp 2017-03-01 15:03 - 2017-02-28 19:40 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw889.tmp 2017-03-01 15:03 - 2017-02-28 19:40 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw849.tmp 2017-03-01 15:03 - 2017-02-28 19:40 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw869.tmp 2017-03-01 15:03 - 2017-02-28 19:40 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\asw89A.tmp 2017-02-28 20:37 - 2017-02-28 20:37 - 00000000 ____D C:\Users\Jan\AppData\Local\ESET 2017-02-28 17:15 - 2017-02-28 17:15 - 00001790 _____ C:\Users\Jan\Desktop\malwarebytes.zip 2017-02-28 13:32 - 2017-03-01 15:10 - 00000000 ____D C:\FRST 2017-02-28 13:31 - 2017-03-01 15:10 - 02423808 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe 2017-02-28 13:30 - 2017-02-28 13:30 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2017-02-27 13:21 - 2017-02-27 13:21 - 00001073 _____ C:\Users\Public\Desktop\Hotspot Shield.lnk 2017-02-21 19:02 - 2017-02-21 19:02 - 04810188 _____ C:\Users\Jan\Desktop\Alty (1).jar 2017-02-11 12:39 - 2017-02-11 12:39 - 00002171 _____ C:\Users\Public\Desktop\Google Earth.lnk 2017-02-11 12:39 - 2017-02-11 12:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2017-02-09 18:16 - 2017-02-09 18:16 - 00001060 _____ C:\Users\Public\Desktop\Camtasia 9.lnk 2017-02-09 18:16 - 2017-02-09 18:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TechSmith 2017-02-09 18:16 - 2017-02-09 18:16 - 00000000 ____D C:\Program Files\TechSmith 2017-02-08 19:05 - 2017-02-08 19:05 - 00000000 ____D C:\Users\Jan\Neuer Ordner 2017-02-08 19:02 - 2017-02-08 19:02 - 00000000 ____D C:\Program Files (x86)\Image-Line 2017-02-05 13:29 - 2017-02-05 13:29 - 00000000 ____D C:\Users\Jan\AppData\Local\TeamViewer 2017-02-04 16:50 - 2017-02-21 21:07 - 00000000 ____D C:\Users\Jan\AltDispenser 2017-02-04 16:49 - 2017-02-04 16:48 - 04810188 _____ C:\Users\Jan\Desktop\Alty.jar 2017-02-03 18:38 - 2017-02-22 17:25 - 00000000 ____D C:\Users\Jan\AppData\Roaming\.minecraft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-03-01 15:09 - 2014-11-18 16:30 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-03-01 15:07 - 2014-08-16 05:50 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Skype 2017-03-01 15:04 - 2014-08-16 04:57 - 00000000 ____D C:\ProgramData\AVAST Software 2017-03-01 15:04 - 2014-08-16 04:28 - 00003592 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2520833252-57370397-164746935-1001 2017-03-01 15:03 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2017-03-01 15:02 - 2014-08-16 04:33 - 00003914 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{0404A49A-B262-4331-8ACA-CB48ABA5BD48} 2017-03-01 15:01 - 2014-08-16 05:34 - 00000000 ___RD C:\Users\Jan\Dropbox 2017-03-01 15:00 - 2015-08-20 21:27 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Raptr 2017-03-01 15:00 - 2014-09-15 17:37 - 00000000 ____D C:\Users\Jan\AppData\Local\CrashDumps 2017-03-01 15:00 - 2014-08-16 04:33 - 00000000 __RDO C:\Users\Jan\OneDrive 2017-02-28 21:19 - 2015-06-16 13:53 - 00001230 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001UA.job 2017-02-28 20:11 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-02-28 20:10 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI 2017-02-28 19:23 - 2014-05-22 10:05 - 00392790 _____ C:\Windows\system32\PerfStringBackup.INI 2017-02-28 19:23 - 2014-03-13 01:45 - 08640822 _____ C:\Windows\system32\perfh007.dat 2017-02-28 19:23 - 2014-03-13 01:45 - 02547752 _____ C:\Windows\system32\perfc007.dat 2017-02-28 19:19 - 2015-06-16 13:53 - 00001178 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001Core.job 2017-02-28 17:43 - 2016-07-01 16:43 - 00000324 _____ C:\Windows\Tasks\MT66 Software Update.job 2017-02-28 17:35 - 2016-09-12 17:12 - 00000000 ____D C:\Program Files (x86)\TunnelBear 2017-02-28 15:25 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2017-02-28 14:35 - 2014-11-18 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2017-02-28 14:35 - 2014-11-18 16:30 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2017-02-28 13:31 - 2014-08-16 05:12 - 00000000 ____D C:\Users\Jan\AppData\Roaming\Dropbox 2017-02-27 13:48 - 2014-08-16 04:59 - 00337080 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys.148819979235904 2017-02-27 13:36 - 2016-11-28 13:57 - 00002822 _____ C:\appverifier.txt 2017-02-27 13:35 - 2014-06-11 16:43 - 00000000 ____D C:\ProgramData\Realtek 2017-02-27 13:34 - 2013-08-22 15:44 - 00667920 _____ C:\Windows\system32\FNTCACHE.DAT 2017-02-27 13:22 - 2015-12-10 14:35 - 00000000 ____D C:\ProgramData\Hotspot Shield 2017-02-27 13:22 - 2015-12-10 14:35 - 00000000 ____D C:\Program Files (x86)\Hotspot Shield 2017-02-27 13:21 - 2015-12-10 14:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield 2017-02-27 13:21 - 2014-06-11 16:41 - 00000000 ____D C:\ProgramData\Package Cache 2017-02-27 11:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness 2017-02-24 18:46 - 2014-08-16 05:58 - 00000000 ____D C:\Windows\system32\MRT 2017-02-24 18:42 - 2014-08-16 05:58 - 138020592 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-02-23 14:12 - 2014-08-16 05:50 - 00000000 ____D C:\ProgramData\Skype 2017-02-22 16:42 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp 2017-02-09 18:16 - 2014-09-11 17:44 - 00000000 ____D C:\ProgramData\TechSmith 2017-02-09 18:02 - 2014-08-16 04:21 - 00000000 ____D C:\Users\Jan 2017-02-08 15:34 - 2014-08-16 04:47 - 00002214 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-02-08 15:34 - 2014-08-16 04:47 - 00002202 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-02-06 20:41 - 2016-10-13 08:34 - 00835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-02-06 20:41 - 2016-10-13 08:34 - 00177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-02-05 13:59 - 2016-06-01 18:22 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2017-02-05 13:40 - 2016-06-01 18:22 - 00000990 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2017-02-05 13:40 - 2016-06-01 18:22 - 00000978 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2017-02-02 20:38 - 2015-12-16 17:08 - 00000000 ___RD C:\Program Files (x86)\Skype ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-09-07 17:34 - 2014-09-07 17:39 - 0000100 _____ () C:\Users\Jan\AppData\Roaming\Camdata.ini 2014-09-07 17:34 - 2014-09-07 17:39 - 0000408 _____ () C:\Users\Jan\AppData\Roaming\CamLayout.ini 2014-09-07 17:34 - 2014-09-07 17:39 - 0000408 _____ () C:\Users\Jan\AppData\Roaming\CamShapes.ini 2014-09-07 17:33 - 2014-09-07 17:39 - 0004535 _____ () C:\Users\Jan\AppData\Roaming\CamStudio.cfg 2016-03-03 17:18 - 2016-03-03 17:18 - 0000000 _____ () C:\Users\Jan\AppData\Roaming\dc.ogt 2016-09-12 13:12 - 2016-09-24 22:03 - 0000675 _____ () C:\Users\Jan\AppData\Roaming\DriveCalculator Preferences 2015-07-12 10:01 - 2015-06-01 19:48 - 0005044 _____ () C:\Users\Jan\AppData\Roaming\Saint.json 2014-09-07 17:27 - 2014-09-07 17:35 - 0000096 _____ () C:\Users\Jan\AppData\Roaming\version2.xml 2014-08-16 04:22 - 2017-03-01 15:00 - 5966503 _____ () C:\Users\Jan\AppData\Local\BTServer.log 2015-04-21 13:59 - 2016-10-03 18:48 - 0034304 _____ () C:\Users\Jan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-07-27 09:17 - 2015-07-27 09:17 - 0000000 _____ () C:\Users\Jan\AppData\Local\Input.xml 2015-02-13 14:53 - 2015-02-13 14:53 - 0000600 _____ () C:\Users\Jan\AppData\Local\PUTTY.RND 2016-11-06 14:57 - 2016-11-06 14:57 - 0002071 _____ () C:\Users\Jan\AppData\Local\recently-used.xbel 2014-10-08 16:09 - 2016-09-04 17:07 - 0007602 _____ () C:\Users\Jan\AppData\Local\resmon.resmoncfg 2015-07-27 09:16 - 2015-07-27 09:16 - 0000000 _____ () C:\Users\Jan\AppData\Local\Settings.xml 2015-03-19 19:30 - 2015-03-19 19:30 - 0000057 _____ () C:\ProgramData\Ament.ini 2014-05-22 10:24 - 2014-05-22 10:24 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Jan\Setup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-02-26 10:15 ==================== Ende von FRST.txt ============================ |
|
01.03.2017, 16:44
| #6 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Additions Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Jan (01-03-2017 15:13:26)
Gestartet von C:\Users\Jan\Desktop
Windows 8.1 (Update) (X64) (2014-08-16 03:22:32)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2520833252-57370397-164746935-500 - Administrator - Enabled) => C:\Users\Administrator
Gast (S-1-5-21-2520833252-57370397-164746935-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2520833252-57370397-164746935-1003 - Limited - Enabled)
Jan (S-1-5-21-2520833252-57370397-164746935-1001 - Administrator - Enabled) => C:\Users\Jan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Active Directory Authentication Library for SQL Server (Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Active Directory Authentication Library for SQL Server (x86) (x32 Version: 13.0.1601.5 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.203 - Adobe Systems Incorporated)
Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 5.00 - Advanced Micro Devices, Inc.)
Anno 1701 - Der Fluch des Drachen (HKLM-x32\...\{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}) (Version: 2.03 - Sunflowers)
ANT Drivers Installer x64 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Any Video Converter 5.9.1 (HKLM-x32\...\Any Video Converter_is1) (Version: - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{0E4C791E-B78E-477D-BD5A-CDD0985BA6EC}) (Version: 7.0.20622.1 - Microsoft Corporation)
Assassin's Creed II (HKLM-x32\...\{8570BEE8-0CA3-4977-9AB1-80ED93F0513C}) (Version: 1.01 - Ubisoft)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.12 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.10 - ASUSTeK Computer Inc.)
ASUS Manager - Family Safety (HKLM-x32\...\{016AFF97-4E18-4560-B8E5-B684BB124E32}) (Version: 2.00.03 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.08 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.02 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.02.04 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.08.00 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM-x32\...\MAGIX_{AB515018-7F9D-4047-B0C0-F26BAC30F3E1}) (Version: 18.0.4.1 - MAGIX AG)
ASUS Music Maker (Version: 18.0.4.1 - MAGIX AG) Hidden
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5424.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5424.52 - CyberLink Corp.) Hidden
AsusVibe2.0 (HKLM-x32\...\Asus Vibe2.0) (Version: 2.0.12.311 - ASUSTEK)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Azure AD Authentication Connected Service (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - )
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden
Besiege (HKLM\...\Steam App 346010) (Version: - Spiderling Studios)
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blender (HKLM\...\{D593042C-8739-488D-93B8-E6B202013E57}) (Version: 2.76.1 - Blender Foundation)
Bloons TD Battles (HKLM\...\Steam App 444640) (Version: - Ninja Kiwi)
BlueStacks App Player (HKLM-x32\...\BlueStacks) (Version: 2.4.43.6254 - BlueStack Systems, Inc.)
Brick-Force (HKLM-x32\...\{9853ABB2-6416-4C87-8650-DD8E528FF564}}_is1) (Version: 4.4.393.134.20 - Infernum Productions AG)
Build Tools for Windows 10 - ENU (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Build Tools for Windows 10 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden
Camtasia 9 (HKLM-x32\...\{7ff06f7e-2ee0-41f9-a698-0f26c1cad6b0}) (Version: 9.0.3.1627 - TechSmith Corporation)
Camtasia 9 (Version: 9.0.3.1627 - TechSmith Corporation) Hidden
Catalyst Control Center Next Localization BR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (Version: 2015.1118.123.2413 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
CHIP Free MP3 converter for YouTube 3.0 Professional-E (HKLM-x32\...\{2ED4869A-6D7B-4a8f-8261-B842DA4852FA}_is1) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Cities: Skylines (HKLM-x32\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version: - )
CodedUITestUAP (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Counter-Strike: Global Offensive (HKLM\...\Steam App 730) (Version: - Valve)
CPUID CPU-Z 1.71.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.4428 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DeLorme Send To GPS 1.5 (HKLM\...\{0F60FD8E-3E58-4F8E-BF2C-DFA4C9987AE2}_is1) (Version: 1.5 - DeLorme Publishing)
Diablo (HKLM-x32\...\Diablo) (Version: - )
Dotfuscator and Analytics Community Edition 5.22.0 (x32 Version: 5.22.0.3788 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 20.4.19 - Dropbox, Inc.)
Dxtory 2.0.104 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.104 - Dxtory Software)
Elevated Installer (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
eManual (HKLM-x32\...\{0C84E634-EB68-4A54-B21E-A05EC87A4CC5}) (Version: 1.00.07 - ASUSTeK Computer Inc.)
Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation)
erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Euro Truck Simulator 1.00 (HKLM-x32\...\Euro Truck Simulator) (Version: 1.00 - )
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
FileZilla Client 3.9.0.6 (HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.)
Free Download Manager 3.9.5 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)
Free Hide IP (HKLM-x32\...\FreeHideIP) (Version: 4.0.1.6 - )
Free WMA to MP3 Converter 1.16 (HKLM-x32\...\Free WMA to MP3 Converter_is1) (Version: - Jodix Technologies Ltd.)
Futuremark SystemInfo (HKLM-x32\...\{79659071-4B68-4EC8-833C-49C97B68FCD0}) (Version: 4.36.512.0 - Futuremark)
Galeria de Fotografias (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GlassFish Server Open Source Edition 4.1.1 (HKLM\...\nbi-glassfish-mod-4.1.1.0.1) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Earth Plug-in (HKLM-x32\...\{57BB4801-61C8-4E74-9672-2160728A461E}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
Google Web Designer (HKLM\...\{811767F4-C586-4673-A41F-E9D767497222}) (Version: 1.3.10.0 - Google Inc.)
Greenshot 1.2.6.7 (HKLM\...\Greenshot_is1) (Version: 1.2.6.7 - Greenshot)
HeavyLoad V3.3 (64 bit) (HKLM\...\HeavyLoad_is1) (Version: 3.3 - JAM Software)
Hotspot Shield 6.5.1 (HKLM-x32\...\{062b2408-c7e3-4030-9ddc-6cbb1e37279e}) (Version: 6.5.1.10355 - AnchorFree Inc.)
Hotspot Shield 6.5.1 (x32 Version: 6.5.1 - AnchorFree Inc.) Hidden
Hotspot Shield 6.5.1 (x32 Version: 6.5.1.10355 - AnchorFree Inc.) Hidden
HP FWUpdateEDO2 (HKLM-x32\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP My Display (HKLM-x32\...\{15733AD1-1CEF-459A-9245-0924FC63BDD5}) (Version: 2.01.006 - Portrait Displays, Inc.)
HP Officejet Pro 8610 - Grundlegende Software für das Gerät (HKLM\...\{1D8BE3A3-7BA2-4E27-93D5-645342B6801E}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
HP Officejet Pro 8610 Hilfe (HKLM-x32\...\{2466D8D5-4856-4492-BDEF-48A640F58866}) (Version: 32.0.0 - Hewlett Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
IDE Tools for Windows 10 - ENU (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
IDE Tools for Windows 10 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
IIS 10.0 Express (HKLM\...\{13FD7E30-D2F1-498D-ABC2-A4242DB6610E}) (Version: 10.0.1736 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
International Karting - from Midas (HKLM-x32\...\International Karting - from Midas) (Version: - )
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java SE Development Kit 8 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180250}) (Version: 8.0.250.18 - Oracle Corporation)
Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Kits Configuration Installer (x32 Version: 10.1.10586.212 - Microsoft) Hidden
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4e2a-80D2-1D0FF6ACBFBA}) (Version: 3.10.1.0 - LG Electronics)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)
MAGIX Audio Cleaning Lab 2014 (HKLM-x32\...\MX.{95F8CEFC-5089-4E8C-ADA3-F48AF00CF446}) (Version: 20.0.0.36 - MAGIX Software GmbH)
MAGIX Audio Cleaning Lab 2014 (Version: 20.0.0.36 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (HKLM-x32\...\MX.{4E5B902F-D917-4AB9-BDFD-C1E0C8D75C46}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe (HKLM\...\MX.{7874960A-3F7A-4A03-A49A-8BD4CE4E4B6F}) (Version: 16.0.1.22 - MAGIX Software GmbH)
MAGIX Video deluxe (Version: 16.0.1.22 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
ManyCam 4.0.110 (HKLM-x32\...\ManyCam) (Version: 4.0.110 - Visicom Media Inc.)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft Flight Simulator X (HKLM-x32\...\InstallShield_{9527A496-5DF9-412A-ADC7-168BA5379CA6}) (Version: 10.0.60905 - Microsoft Game Studios)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.0 Language Pack - DEU) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.25420 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{A106D33E-6B43-42C0-9BFC-D03303261FA7}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server 2016 LocalDB (HKLM\...\{E359515A-92E6-4FA3-A2C9-E1BA02D8DE6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (HKLM-x32\...\{0F1C8E2F-199A-4946-B3BF-0906DACFD032}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 Management Objects (x64) (HKLM\...\{20EA85AA-2A1D-4F11-B09F-4BA2BF3C8989}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL Language Service (HKLM-x32\...\{8BFDE775-C5B8-46DB-84EF-43FFC8A2E8AD}) (Version: 13.0.14500.10 - Microsoft Corporation)
Microsoft SQL Server 2016 T-SQL ScriptDom (HKLM\...\{D091DE8C-EA0F-49AF-8DE3-BD6C79737C6E}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (14.0.60519.0) (HKLM-x32\...\{4E27B0EF-7BAB-432A-AF3D-3FC8F3F7353F}) (Version: 14.0.60519.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM\...\{96EB5054-C775-4BEF-B7B9-AA96A295EDCD}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2016 (HKLM-x32\...\{84C23ECA-FE4D-494F-9247-3EBAD57E7F0C}) (Version: 13.0.1601.5 - Microsoft Corporation)
Microsoft Visual Basic 2010 Express - DEU (HKLM-x32\...\Microsoft Visual Basic 2010 Express - DEU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24210 (HKLM-x32\...\{f144e08f-9cbe-4f09-9a8c-f2b858b7ee7f}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24210 (HKLM-x32\...\{23658c02-145e-483d-ba6b-1eb82c580529}) (Version: 14.0.24210.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{616C6F39-4CE1-3434-A665-2F6A04C09A7F}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - DEU (HKLM\...\{3C983A67-DFB2-3D3D-AD9E-CA1A5A09FD18}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 with Updates (HKLM-x32\...\{79b486b9-c5f0-4096-a00c-8351f59587c2}) (Version: 14.0.25420.1 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{94E1227C-08A9-4962-B388-1F05D89AEA75}) (Version: 3.1238.1962 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
MIT App Inventor Tools 2.3.0 (HKLM-x32\...\MIT App Inventor Tools) (Version: 2.3.0 - Massachusetts Institute of Technology)
Mobizen (HKLM-x32\...\{BA0D3A44-BCEE-4C8B-BCD4-F7F1E64F41E3}) (Version: 2.20.0.3 - RSUPPORT)
MorphVOX Pro (HKLM-x32\...\{3d4c1f36-77bf-4740-ab20-a7b8de6cc900}) (Version: 4.4.21.19489 - Screaming Bee)
MorphVOX Pro (x32 Version: 4.4.21.19489 - Screaming Bee) Hidden
MotoCalc 8.09 (HKLM-x32\...\MotoCalc 8_is1) (Version: - Capable Computing, Inc.)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 Parser und SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MT66 Software Update (HKLM-x32\...\{F2E4F3A5-A8F0-46F4-8E91-E8C1DE1FCFE5}_is1) (Version: - )
Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
My IP Hide 1.21 (HKLM-x32\...\My IP Hide_is1) (Version: - hxxp://myiphide.com)
NetBeans IDE 8.1 (HKLM\...\nbi-nb-base-8.1.0.0.201510222201) (Version: 8.1 - NetBeans.org)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version: - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.1.1 - Vitalwerks Internet Solutions LLC)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
OEM Application Profile (x32 Version: 1.00.0000 - Ihr Firmenname) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Oracle VM VirtualBox 5.0.20 (HKLM\...\{8209969B-9A31-4021-B0D8-E6F719F7F995}) (Version: 5.0.20 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation)
PHP 5.3.29 (HKLM-x32\...\{5673A884-98A4-4A90-A29B-743A9901EB31}) (Version: 5.3.29 - The PHP Group)
Pivot Software (x32 Version: 9.03.004 - Portrait Displays, Inc.) Hidden
PlaysTV (HKLM-x32\...\PlaysTV) (Version: 1.16.3-r117977-trunk - Plays.tv, LLC)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation)
Prerequisites for SSDT (HKLM-x32\...\{B7E94916-7AE6-4F7F-A377-7A410A42BA19}) (Version: 13.0.1601.5 - Microsoft Corporation)
Project and Item Templates for Visual Studio Express 2015 for Windows 10 - ENU (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Project and Item Templates for Visual Studio Professionald 2015 - ENU (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Python 2.7.11 (HKLM-x32\...\{16E52445-1392-469F-9ADB-FC03AF00CD61}) (Version: 2.7.11150 - Python Software Foundation)
Q500 GUI version 1.0 (HKLM-x32\...\{05282008-69B0-409A-8B05-CB77A5E0D99E}_is1) (Version: 1.0 - Yuneec)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raccolta foto (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Raptr (HKLM-x32\...\Raptr) (Version: 5.2.7-r116720-release - Raptr, Inc)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.769.769.092613 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30166 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7116 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.00.0224 - REALTEK Semiconductor Corp.)
Robocraft version 0.3.290 (HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
Robocraft version 0.3.290 (HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
Rome - Total War(TM) Demo (x32 Version: 1.0 - Activision) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Roslyn Language Services - x86 (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
Safety Driving Simulator (HKLM-x32\...\{35DCB4C8-FE05-4E05-B92F-3D609595BD79}) (Version: 1.0.8 - Ticonblu)
SDK (x32 Version: 2.33.005 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
ShaderTFX version 1.1 (HKLM\...\ShaderTFX_is1) (Version: - )
ShareKM 1.0.19 (HKLM-x32\...\ShareKM) (Version: 1.0.19 - Liveov)
SketchUp 2015 (HKLM\...\{A83795B9-570F-40FF-ACB4-710B568EBA22}) (Version: 15.3.331 - Trimble Navigation Limited)
Skype™ 7.32 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.32.104 - Skype Technologies S.A.)
Socks Proxy Checker 1.14 (HKLM-x32\...\Socks Proxy Checker_is1) (Version: - hxxp://www.didsoft.com)
Sothink SWF Decompiler (HKLM-x32\...\{BCDB856C-D247-4DEE-9132-89C02F4D6B8C}_is1) (Version: 7.4 - SourceTec Software Co., LTD)
SoundTouch (HKLM-x32\...\{68E3ECD7-63C7-4D71-8B24-D3A50A165932}) (Version: 14.0.15.339 - BOSE)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Studie zur Verbesserung von HP Officejet Pro 8610 (HKLM\...\{4A6CFA5A-E542-4417-A426-30B50DE90A56}) (Version: 32.0.90.45518 - Hewlett-Packard Co.)
SUPER © v2015.build.64+Recorder (2015/02/13) Version v2015.buil (HKLM-x32\...\{8E2A29E2-96BF-8759-4DA7-5C16C90729A4}_is1) (Version: v2015.build.64+Recorder - eRightSoft)
Survarium (HKLM-x32\...\{FEA2E954-A6D0-42FA-8FF1-DFA325758FAC}_is1) (Version: 0.40c - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2015 Update 3 CTP1 (x32 Version: 14.98.25331 - Microsoft) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
TerraTech (HKLM-x32\...\Steam App 285920) (Version: - Payload Studios)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Tunatic (HKLM-x32\...\Tunatic) (Version: - )
TunnelBear (HKLM-x32\...\{90e7dc26-e7df-406b-af23-61df6728a9f6}) (Version: 2.3.25.0 - TunnelBear)
TunnelBear (x32 Version: 2.3.25.0 - TunnelBear) Hidden
TypeScript Power Tool (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.8.34.0 - Microsoft Corporation) Hidden
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 4.6.0f2 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{C0E08D8D-6076-4117-B644-2AF34F35B757}) (Version: 1.0.4 - ClockworkMod)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Universal General MIDI DLS Extension SDK (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Valokuvavalikoima (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
Virtavia Merlin FSX (HKLM-x32\...\{ABDCC4B7-8FB8-460F-AABB-329C9E3E13B8}) (Version: 1.0.0 - Virtavia)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{CFCB8616-A5D1-4281-80E8-389F685BFAE2}) (Version: 4.0.8080.0 - Microsoft Corporation)
Visual Studio 2015 Update 3 (KB3022398) (HKLM-x32\...\{7a68448b-9cf2-4049-bd73-5875f1aa7ba2}) (Version: 14.0.25420 - Microsoft Corporation)
VS Update core components (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
vs_update3notification (x32 Version: 14.0.25420 - Microsoft Corporation) Hidden
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version: - )
WAV To MP3 V2 (HKLM-x32\...\WAV To MP3_is1) (Version: - hxxp://www.WAVMP3.net)
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.9.384 - ASUS Cloud Corporation)
WinAppDeploy (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows SDK AddOn (HKLM-x32\...\{75C39BA6-1D02-4BEA-844F-0EA6C4B7FA1B}) (Version: 10.1.0.0 - Microsoft Corporation)
Windows Software Development Kit - Windows 10.0.10586.212 (HKLM-x32\...\{43d9f43d-c90b-4fdf-9dfe-ecf9990bfa2a}) (Version: 10.1.10586.212 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinHex (HKLM-x32\...\WinHex) (Version: - )
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinRT Intellisense Desktop - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Desktop - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense IoT - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense PPI - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense UAP - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.1.10586.212 - Microsoft Corporation) Hidden
Wireshark 2.0.4 (32-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.4 - The Wireshark developer community, hxxps://www.wireshark.org)
WPT Redistributables (x32 Version: 8.100.26866 - Microsoft) Hidden
WPTx64 (x32 Version: 8.100.26837 - Microsoft) Hidden
Συλλογή φωτογραφιών (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
影像中心 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
照片库 (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Jan\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileCoAuthLib64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2520833252-57370397-164746935-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Jan\AppData\Roaming\Dropbox\bin\DropboxExt64.14.0.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {08A0DC55-0973-44D8-A0EA-FB1FD764ED2B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-28] (AVAST Software)
Task: {2032C9B5-8213-4A20-886F-D9A8BD12FD0B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {2666541D-B2E6-4E79-BA85-FDB8C430DD3D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {2D3DF89C-46C6-40F2-B7D7-F9BCD2824A1D} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001Core => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {2D7C4D98-54CF-4721-A09D-4E831F7AD6FE} - System32\Tasks\Microsoft\VisualStudio\VSIX Auto Update 14 => D:\Programme\VS\Common7\IDE\VSIXAutoUpdate.exe [2016-06-20] (Microsoft Corporation)
Task: {3052F1E7-DADA-4B7E-96C5-E39AA133ED9B} - System32\Tasks\HPCustParticipation HP Officejet Pro 8610 => C:\Program Files\HP\HP Officejet Pro 8610\Bin\HPCustPartic.exe [2013-09-11] (Hewlett-Packard Co.)
Task: {317AFD70-F5FD-4AE7-88A3-2B88BCDB6A4B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {36B9DA08-4712-4DFB-B4B3-5B934052C94A} - System32\Tasks\MT66 Software Update => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe [2009-11-18] (MedienTeam66)
Task: {44BAA015-D374-4DD4-A01D-CC3373B086A2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001UA => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {4C575AE0-20F8-460A-8B99-1CDDD03E777A} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2013-08-24] ()
Task: {4D245372-9881-4B54-BD2F-8ED371BD4CD7} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2013-11-27] (ASUSTeK Computer Inc.)
Task: {675F173E-A5D9-40D1-AD90-3B6359275823} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-02-21] (ASUSTeK)
Task: {6CC76EC1-18A6-4C5B-8865-6449E202D3D2} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-02-24] (Microsoft Corporation)
Task: {90BD2C46-67FD-4DB4-85BC-F067DCF1CABB} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-03-26] ()
Task: {A29AE95B-1445-48CB-806B-A4FA98B0F005} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2013-11-29] ()
Task: {B5347A83-C082-4935-A13F-BA960EB6A5C5} - System32\Tasks\{826EEB88-C98E-42A3-B75A-83CB1F1E4168} => pcalua.exe -a F:\PLAYER.EXE -d F:\
Task: {BB42533B-CBC4-4CCD-9D8C-9977B632C1A5} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2013-11-28] ()
Task: {BFE55ED6-124D-4DB5-B255-F196711AC4F6} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {CF4F9996-4864-4F1C-8B73-F2835C2C789B} - System32\Tasks\AsusVibeSchedule => C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe [2013-11-05] ()
Task: {D54A5F8E-6762-4282-A12E-27B4B27EB4A6} - System32\Tasks\{9F9BCA62-E226-495E-92FF-465A7F7A07A9} => pcalua.exe -a C:\Users\Jan\Downloads\forge-1.7.10-10.13.0.1199-installer-win.exe -d C:\Users\Jan\Downloads
Task: {DB3C46AC-5016-4858-915D-056915F6A8A5} - System32\Tasks\{53EE2769-5F7D-4C68-BFAF-4F132F11B6B6} => pcalua.exe -a "D:\Programme\Togolino Buchstabenarbenteuer\autostart.exe" -d "D:\Programme\Togolino Buchstabenarbenteuer"
Task: {F2B756CF-05E9-49A7-AA74-68D8CDE68634} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001Core.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2520833252-57370397-164746935-1001UA.job => C:\Users\Jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\MT66 Software Update.job => C:\Program Files (x86)\Common Files\MT66 Software Update\UpdateClient.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Jan\Desktop\Start AltLoader (Windows).bat - Verknüpfung.lnk -> d:\Downloads\Release\Start AltLoader (Windows).bat ()
ShortcutWithArgument: C:\Users\Jan\Desktop\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Vysor.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=gidgenkbbabolejbgbpnhbimgjbffefm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-06-11 16:43 - 2013-09-26 19:15 - 00059392 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2014-05-22 10:36 - 2012-04-24 11:43 - 00390632 ____R () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-05-11 07:48 - 2016-05-11 07:48 - 00041472 _____ () C:\Program Files (x86)\TunnelBear\TBear.Maintenance.exe
2014-06-11 16:46 - 2013-11-06 11:58 - 00920736 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-06-11 16:47 - 2014-03-26 02:36 - 00929936 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2014-06-11 16:47 - 2014-03-12 23:51 - 00907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-06-25 16:34 - 2015-06-25 16:34 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 16:37 - 2015-06-25 16:37 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 16:35 - 2015-06-25 16:35 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 16:38 - 2015-06-25 16:38 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 15:53 - 2015-06-25 15:53 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 15:51 - 2015-06-25 15:51 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-08-31 16:09 - 2015-08-31 16:09 - 00005632 _____ () C:\Program Files (x86)\ClockworkMod\Universal Adb Driver\AdbNativeMessaging.exe
2015-07-03 16:58 - 2015-07-03 16:58 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-11-07 10:06 - 2014-11-07 02:06 - 01016104 _____ () C:\Program Files (x86)\RSUPPORT\MobizenService\dat\adb.exe
2016-11-08 18:14 - 2016-11-08 18:14 - 00326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 00073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2015-11-13 00:25 - 2015-11-13 00:25 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2016-09-13 21:07 - 2016-09-13 21:07 - 00033280 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\cx_Logging.cp35-win32.pyd
2016-08-15 23:38 - 2016-08-15 23:38 - 00103424 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32api.pyd
2016-01-11 23:11 - 2016-01-11 23:11 - 00111616 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pywintypes35.dll
2016-08-15 23:38 - 2016-08-15 23:38 - 00041984 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32process.pyd
2016-01-11 23:12 - 2016-01-11 23:12 - 00405504 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\pythoncom35.dll
2016-08-15 23:38 - 2016-08-15 23:38 - 00173568 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\win32gui.pyd
2016-08-15 23:33 - 2016-08-15 23:33 - 01934336 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtGui.pyd
2016-08-15 23:33 - 2016-08-15 23:33 - 00077824 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\sip.pyd
2016-08-15 23:33 - 2016-08-15 23:33 - 01780736 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtCore.pyd
2016-08-15 23:33 - 2016-08-15 23:33 - 00505856 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtNetwork.pyd
2016-08-15 23:33 - 2016-08-15 23:33 - 03812864 _____ () C:\Program Files (x86)\Raptr Inc\PlaysTV\PyQt5.QtWidgets.pyd
2014-06-11 16:46 - 2017-02-28 20:13 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2014-06-11 16:46 - 2010-06-29 03:58 - 00104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2014-06-11 16:41 - 2013-09-16 21:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-12-19 16:12 - 2016-03-09 07:28 - 03306496 _____ () C:\Program Files (x86)\Bluestacks\libGLESv2.dll
2015-03-09 18:07 - 2014-10-29 04:59 - 01029952 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSEngine.dll
2015-03-09 18:06 - 2014-10-29 01:46 - 00531456 _____ () C:\Windows\SYSTEM32\speech\engines\tts\MSTTSLoc.DLL
2017-02-28 19:41 - 2017-02-28 19:41 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-02-28 13:30 - 2017-02-21 19:58 - 00802112 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2015-12-13 10:53 - 2017-01-25 22:03 - 00035792 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2015-12-13 10:53 - 2017-01-25 22:03 - 00100296 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2015-12-13 10:53 - 2017-01-25 22:03 - 00018888 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\select.pyd
2015-12-13 10:53 - 2017-02-21 20:01 - 00019776 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2015-12-13 10:53 - 2017-01-25 22:03 - 00694224 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00020824 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2015-12-13 10:53 - 2017-01-25 22:04 - 00123856 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 01682768 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00020816 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-02-28 13:30 - 2017-01-25 22:03 - 00145864 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-02-28 13:30 - 2017-01-25 22:04 - 00019408 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-02-28 13:30 - 2017-01-25 22:03 - 00116688 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2015-12-13 10:53 - 2017-01-25 22:06 - 00105928 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32api.pyd
2016-08-11 12:08 - 2017-02-21 20:01 - 00022864 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00038712 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00052544 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00024528 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-02-28 13:30 - 2017-01-25 22:03 - 00392144 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-02-28 13:30 - 2017-01-25 22:06 - 00020936 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00116176 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32security.pyd
2015-12-13 10:53 - 2017-02-21 20:01 - 00381760 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00124880 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32file.pyd
2016-08-11 12:08 - 2017-02-21 20:01 - 00026456 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00024016 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00175560 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32gui.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00030160 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00043472 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32process.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00048592 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32service.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00057808 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00024016 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00246608 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00027488 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2016-08-11 12:08 - 2017-01-25 22:05 - 00241104 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00022336 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00028616 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 01826104 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2015-12-13 10:53 - 2017-01-25 22:04 - 00083912 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\sip.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 01972536 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 03928896 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00531264 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00053072 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2015-12-13 10:53 - 2017-02-21 20:01 - 00025432 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00133432 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00224064 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00207680 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-01-24 15:52 - 2017-02-21 20:01 - 00022864 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-01-24 15:52 - 2017-02-21 20:01 - 00022872 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-01-24 15:52 - 2017-02-21 20:01 - 00021848 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-01-24 15:52 - 2017-02-21 20:01 - 00022872 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00350152 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00103232 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2016-02-20 11:06 - 2017-02-21 20:01 - 00023896 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00025936 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-02-28 13:30 - 2017-01-25 22:01 - 00036296 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\librsync.dll
2017-02-28 13:30 - 2017-02-21 20:01 - 00084288 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-02-28 13:30 - 2017-01-25 22:11 - 00017864 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-02-28 13:30 - 2017-01-25 22:11 - 01631184 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-02-28 13:30 - 2017-02-21 20:01 - 00042816 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00171336 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00357688 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2015-12-13 10:53 - 2017-01-25 22:06 - 00060880 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\win32print.pyd
2016-08-11 12:08 - 2017-02-21 20:01 - 00026456 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-02-28 13:30 - 2017-02-21 20:01 - 00546104 _____ () C:\Users\Jan\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2017-02-08 15:34 - 2017-02-01 10:01 - 01870168 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll
2017-02-08 15:33 - 2017-02-01 10:01 - 00085848 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00087040 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ctypes.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00043008 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_socket.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00805376 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_ssl.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 05812736 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtGui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00067584 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sip.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 01662464 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtCore.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00494592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00096256 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32api.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00110592 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pywintypes26.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00010240 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\select.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00356864 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_hashlib.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00036352 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32process.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00111104 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32file.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00044544 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\_sqlite3.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 00417501 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\sqlite3.dll
2010-11-22 23:57 - 2010-11-22 23:57 - 00167936 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\win32gui.pyd
2014-05-14 00:26 - 2014-05-14 00:26 - 00313856 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00127488 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\pyexpat.pyd
2010-11-22 23:56 - 2010-11-22 23:56 - 00009216 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\winsound.pyd
2015-10-21 21:29 - 2015-10-21 21:29 - 00113171 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlc.dll
2015-10-21 21:29 - 2015-10-21 21:29 - 02396691 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libvlccore.dll
2010-11-22 23:56 - 2010-11-22 23:56 - 00583680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\unicodedata.pyd
2010-11-22 23:57 - 2010-11-22 23:57 - 00141312 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\gobject._gobject.pyd
2016-04-19 18:08 - 2016-04-19 18:08 - 02717595 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\heliotrope._purple.pyd
2011-02-15 19:17 - 2011-02-15 19:17 - 01213633 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libxml2-2.dll
2010-11-23 00:06 - 2010-11-23 00:06 - 00055808 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\zlib1.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00495680 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libaim.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 01183699 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\liboscar.dll
2013-05-10 00:52 - 2013-05-10 00:52 - 00483306 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libicq.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00655356 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libirc.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 01306387 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libmsn.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00565461 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libxmpp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01640221 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libjabber.dll
2013-05-03 19:56 - 2013-05-03 19:56 - 00506276 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoo.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 01053730 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\libymsg.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00497782 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\libyahoojp.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00603326 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl-nss.dll
2013-05-03 19:57 - 2013-05-03 19:57 - 00474199 _____ () C:\Program Files (x86)\Raptr Inc\Raptr\plugins\ssl.dll
2016-12-18 17:06 - 2016-12-18 17:06 - 00747520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vbeb7089b#\767193e02d3f76ddeb2e7ab449e4f841\Microsoft.VisualStudio.Threading.ni.dll
2016-12-18 17:07 - 2016-12-18 17:07 - 00052224 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Vd43b287e#\2ec999866870f8826cc6054227f82546\Microsoft.VisualStudio.Validation.ni.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxldtlfudivq`qsp`26hfm [0]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 14:25 - 2017-02-21 19:06 - 00000081 ____A C:\Windows\system32\Drivers\etc\hosts
164.132.122.135 authserver.mojang.com
164.132.122.135 sessionserver.mojang.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\AvGeneric_S-1-5-21-2520833252-57370397-164746935-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-2520833252-57370397-164746935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fan_art_minecraft_photo_wallpaper.png
HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\fan_art_minecraft_photo_wallpaper.png
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
HKLM\...\StartupApproved\Run: => "BtServer"
HKLM\...\StartupApproved\Run: => "mcpltui_exe"
HKLM\...\StartupApproved\Run: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "ASUSPRP"
HKLM\...\StartupApproved\Run32: => "WebStorage"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "LWS"
HKLM\...\StartupApproved\Run32: => "APSDaemon"
HKLM\...\StartupApproved\Run32: => "SoundTouch Music Server"
HKLM\...\StartupApproved\Run32: => "DT HPC"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "PivotSoftware"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\StartupApproved\StartupFolder: => "Product Registration.lnk"
HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\StartupApproved\Run: => "BlazeServoTool"
HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-2520833252-57370397-164746935-1001\...\StartupApproved\Run: => "CyberGhost"
HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\StartupFolder: => "Product Registration.lnk"
HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "BlazeServoTool"
HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Free Download Manager"
HKU\S-1-5-21-2520833252-57370397-164746935-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CyberGhost"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
24-02-2017 18:41:24 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (03/01/2017 03:00:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: playstv_launcher.exe, Version: 1.14.1.0, Zeitstempel: 0x4bbd3163
Name des fehlerhaften Moduls: python26.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000135
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0x23d0
Startzeit der fehlerhaften Anwendung: 0x01d29294314b824f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
Pfad des fehlerhaften Moduls: python26.dll
Berichtskennung: 727c702d-fe87-11e6-83da-54271ee707f4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (03/01/2017 03:00:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (03/01/2017 03:00:28 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Error: (03/01/2017 03:00:27 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Das Serverdienst-Leistungsobjekt kann nicht geöffnet werden. Die ersten vier Bytes (DWORD) des Datenabschnitts enthalten den Statuscode.
Error: (03/01/2017 03:00:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "MSDTC" in der DLL "C:\Windows\system32\msdtcuiu.DLL" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (03/01/2017 03:00:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "Lsa" in der DLL "C:\Windows\System32\Secur32.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (03/01/2017 03:00:27 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (02/28/2017 08:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: playstv_launcher.exe, Version: 1.14.1.0, Zeitstempel: 0x4bbd3163
Name des fehlerhaften Moduls: python26.dll, Version: 6.3.9600.18233, Zeitstempel: 0x56bb4e1d
Ausnahmecode: 0xc0000135
Fehleroffset: 0x0009d3c2
ID des fehlerhaften Prozesses: 0x1f24
Startzeit der fehlerhaften Anwendung: 0x01d291f9b90d7b2f
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Raptr Inc\PlaysTV\playstv_launcher.exe
Pfad des fehlerhaften Moduls: python26.dll
Berichtskennung: f8260ef6-fdec-11e6-83da-54271ee707f4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
Error: (02/28/2017 08:34:41 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "WmiApRpl" in der DLL "C:\Windows\system32\wbem\wmiaprpl.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (02/28/2017 08:34:40 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL rdyboost kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
Systemfehler:
=============
Error: (02/28/2017 10:04:05 PM) (Source: DCOM) (EventID: 10010) (User: JANSPC)
Description: Der Server "{3FCB7074-EC9E-4AAF-9BE3-C0E356942366}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (02/28/2017 08:38:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/28/2017 08:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/28/2017 08:38:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (02/28/2017 07:27:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/28/2017 07:27:47 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/28/2017 07:27:46 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (02/28/2017 07:20:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "aswbIDSAgent" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.
Error: (02/28/2017 07:20:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst aswbIDSAgent erreicht.
Error: (02/28/2017 07:15:22 PM) (Source: DCOM) (EventID: 10010) (User: JANSPC)
Description: Der Server "{3FCB7074-EC9E-4AAF-9BE3-C0E356942366}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
CodeIntegrity:
===================================
Date: 2014-09-07 18:45:18.672
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\atksgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-09-07 18:45:18.500
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\lirsgt.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 8131.11 MB
Verfügbarer physikalischer RAM: 4072.63 MB
Summe virtueller Speicher: 10115.11 MB
Verfügbarer virtueller Speicher: 5230.14 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:150 GB) (Free:2.43 GB) NTFS
Drive d: (Data) (Fixed) (Total:1693.95 GB) (Free:1057.76 GB) NTFS
Drive f: (DIABLO) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 1863 GB) (Disk ID: C826CDC5)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
01.03.2017, 21:00
| #7 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Sei auch so gut alle anderen Logs (zB von malwarebytes) so zu posten.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.03.2017, 22:11
| #8 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Malwarebytes findet genauso wie der ESET Online Scanner nichts. Ist der PC Clean? |
|
03.03.2017, 09:45
| #9 |
| /// Winkelfunktion /// TB-Süch-Tiger™ |  Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Nun poste doch einfach mal die Logs. So ein Log gibt mehr Infos als nur Fund oder kein Fund.
__________________ Logfiles bitte immer in CODE-Tags posten |
|
05.03.2017, 09:44
| #10 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehrCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 02.03.2017 Suchlauf-Zeit: 20:17:05 Logdatei: malwarebytes.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2017.03.02.12 Rootkit Datenbank: v2017.02.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 8.1 CPU: x64 Dateisystem: NTFS Benutzer: Jan Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 457824 Verstrichene Zeit: 17 Min, 55 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) |
|
05.03.2017, 10:30
| #11 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr Im Verlauf...
__________________ Logfiles bitte immer in CODE-Tags posten |
|
06.03.2017, 14:59
| #12 |
| | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehrCode:
ATTFilter Der folgende Fehler ist aufgetreten: Fehlercode: 0x80070070. Es steht nicht genug Speicherplatz auf dem Datenträger zur Verfügung.
Kategorie: Hintertür
Beschreibung: Dieses Programm stellt einen Remotezugriff auf den Computer bereit, auf dem es installiert ist.
Empfohlene Aktion: Entfernen Sie diese Software unverzüglich.
Elemente:
containerfile:C:\Users\Jan\Downloads\Who's Your Daddy.zip
file:C:\Users\Jan\Downloads\Who's Your Daddy.zip->Who's Your Daddy/Start Game.exe->(RarSfx)->WYD.exe
|
|
06.03.2017, 15:19
| #13 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehrZitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
| Themen zu Avast startet nachdem sich ein Browsertab geöffnet und direkt wieder geschlossen hat nicht mehr |
| adobe, antivirus, avast, browser, computer, converter, defender, explorer, free download, ftp, google, helper, homepage, malware, mp3, programm kann nicht geöffnet werden, prozesse, realtek, registry, scan, security, software, starten, svchost.exe, system, temp, trojaner, trojaner/virus, virus, windows, winlogon.exe |
Linear-Darstellung
