FRST; Addition
Hier is es: Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von Daniel (Administrator) auf LAPTOP (01-07-2016 07:38:57)
Gestartet von C:\Users\Daniel\Downloads
Geladene Profile: Daniel (Verfügbare Profile: Daniel)
Platform: Windows 8.1 Pro (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\msoia.exe
(WiseCleaner.com) C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [814608 2016-04-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [17008 2016-06-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8810200 2016-06-10] (Piriform Ltd)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2917456 2016-06-15] (Valve Corporation)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{04E21828-AB1A-4880-A398-56582BE594A3}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{1E1A188B-1378-4952-811A-32478B758EFD}: [DhcpNameServer] 82.163.142.7
Tcpip\..\Interfaces\{21A0E600-F523-4F9E-BF0B-A97E36F5C31C}: [NameServer] 195.37.88.2,195.37.88.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {4BDC21EA-91A2-49F0-8567-33F8261C8DB6} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {87CE2B2E-CA6B-4EC2-8FA2-0F950A2714B7} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {AD430B31-670C-430F-8AE7-176D9B720BC9} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001 -> {CDB7F44B-77DE-461C-939C-75FA1569613B} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2016-06-23] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2016-06-23] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-04-26] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2016-06-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1709449750-3236269397-1973272773-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Daniel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-18] (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\Daniel\AppData\Roaming\Mozilla\Firefox\Profiles\5c7xcxxr.default\Extensions\abs@avira.com [2016-06-23]
Chrome:
=======
CHR Profile: C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-31]
CHR Extension: (Google Drive) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-06-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-05-30]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2016-06-15]
CHR Extension: (YouTube) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-31]
CHR Extension: (Adblock Plus) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-06-29]
CHR Extension: (Avira Browserschutz) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-06-23]
CHR Extension: (Google Docs Offline) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-30]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-30]
CHR Extension: (Google Mail) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-31]
CHR Extension: (Chrome Media Router) - C:\Users\Daniel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-06-24]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [970656 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [467016 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1435704 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
S3 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1045928 2016-02-18] (AVG Technologies CZ, s.r.o.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
R3 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2855152 2016-06-05] (Microsoft Corporation)
S3 DAUpdaterSvc; C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [25832 2016-06-24] (BioWare)
S3 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156384 2015-10-12] (NVIDIA Corporation)
S3 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1873696 2015-10-12] (NVIDIA Corporation)
S3 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5568288 2015-10-12] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2057736 2015-09-17] (Electronic Arts)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [25760 2016-06-09] (Avira Operations GmbH & Co. KG)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [579832 2016-01-19] (WiseCleaner.com)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2015-09-04] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-04-04] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2016-04-04] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-04-04] (Avira Operations GmbH & Co. KG)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2015-09-04] ()
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20768 2015-10-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S4 secdrv; kein ImagePath
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 WiseHDInfo; C:\WINDOWS\WiseHDInfo64.dll [14800 2015-08-27] (wisecleaner.com)
R3 WiseRegNotify; C:\WINDOWS\WiseRegNotify.sys [29616 2016-05-27] (WiseCleaner.com)
R3 ykinw8; C:\Windows\system32\DRIVERS\ykinx64.sys [288768 2013-06-18] (Marvell)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-07-01 07:38 - 2016-07-01 07:39 - 00019752 _____ C:\Users\Daniel\Downloads\FRST.txt
2016-07-01 07:38 - 2016-07-01 07:38 - 02390016 _____ (Farbar) C:\Users\Daniel\Downloads\FRST64.exe
2016-07-01 07:38 - 2016-07-01 07:38 - 00000000 ____D C:\FRST
2016-06-30 20:13 - 2016-06-30 22:12 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-30 20:13 - 2016-06-30 20:13 - 00001407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-06-30 20:13 - 2016-06-30 20:13 - 00001395 _____ C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2016-06-30 20:13 - 2016-06-30 20:13 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-30 20:13 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\WINDOWS\system32\sdnclean64.exe
2016-06-30 20:12 - 2016-06-30 20:12 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\Daniel\Downloads\spybot-2.4.40.exe
2016-06-30 19:48 - 2016-06-30 22:11 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-06-30 19:48 - 2016-06-30 19:48 - 03086696 _____ C:\Users\Daniel\Downloads\instspeedfan452.exe
2016-06-30 19:48 - 2016-06-30 19:48 - 00000045 _____ C:\WINDOWS\SysWOW64\initdebug.nfo
2016-06-30 19:47 - 2016-06-30 19:47 - 00000946 _____ C:\Users\Public\Desktop\CPUID HWMonitor.lnk
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-06-30 19:47 - 2016-06-30 19:47 - 00000000 ____D C:\Program Files\CPUID
2016-06-30 19:46 - 2016-06-30 19:46 - 01224080 _____ ( ) C:\Users\Daniel\Downloads\hwmonitor_1.29.exe
2016-06-30 19:39 - 2016-06-30 19:39 - 00262144 ____N C:\WINDOWS\Minidump\063016-23484-01.dmp
2016-06-30 19:38 - 2016-06-30 19:38 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\NVIDIA
2016-06-30 19:37 - 2016-01-29 14:08 - 00082488 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 14:08 - 00067520 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 06791736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 03529152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 02558328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00932728 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-30 19:37 - 2016-01-29 12:49 - 00384888 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00062512 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-30 19:37 - 2016-01-28 18:29 - 06150607 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-30 19:34 - 2016-06-30 19:34 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-06-30 19:34 - 2016-01-29 14:08 - 31523896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 24207296 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 23000000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 18634264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 17559240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 16128576 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 15302712 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 14497568 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13916600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 13828032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 12911160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-30 19:34 - 2016-01-29 14:08 - 11272240 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 11209376 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 04252608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03996216 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 03210784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 02825016 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01908272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 01557552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6434195.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00952256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00915392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00911928 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00878648 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-30 19:34 - 2016-01-29 14:08 - 00026157 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-30 19:32 - 2016-06-30 19:32 - 00000000 ____D C:\NVIDIA
2016-06-30 19:31 - 2016-06-30 19:32 - 283505784 _____ (NVIDIA Corporation) C:\Users\Daniel\Downloads\341.95-notebook-win8-win7-64bit-international.exe
2016-06-30 19:26 - 2016-06-30 19:26 - 00262144 ____N C:\WINDOWS\Minidump\063016-21546-01.dmp
2016-06-30 19:23 - 2016-06-30 19:23 - 01474568 _____ C:\Users\Daniel\Downloads\FurMark - CHIP-Installer.exe
2016-06-30 19:03 - 2016-06-30 19:03 - 00262144 ____N C:\WINDOWS\Minidump\063016-22093-01.dmp
2016-06-30 16:44 - 2016-06-30 16:44 - 00000222 _____ C:\Users\Daniel\Desktop\Pillars of Eternity.url
2016-06-30 15:52 - 2016-06-30 15:52 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende (1).pdf
2016-06-30 12:01 - 2016-06-30 12:02 - 00067240 _____ C:\Users\Daniel\Downloads\Wahlergebnis Studierende.pdf
2016-06-30 09:58 - 2016-06-30 09:58 - 00262144 ____N C:\WINDOWS\Minidump\063016-24593-01.dmp
2016-06-30 09:56 - 2016-06-30 09:56 - 00262144 ____N C:\WINDOWS\Minidump\063016-25453-01.dmp
2016-06-30 09:35 - 2016-06-30 09:35 - 00262144 ____N C:\WINDOWS\Minidump\063016-24718-01.dmp
2016-06-29 08:01 - 2016-06-29 08:01 - 00291928 _____ C:\Users\Daniel\Downloads\1030118809.pdf
2016-06-29 05:57 - 2016-06-29 05:58 - 00564312 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-25 17:55 - 2016-06-25 17:56 - 00000000 ____D C:\Users\Daniel\Desktop\Corel
2016-06-25 14:21 - 2016-06-25 14:21 - 00000000 ____D C:\Users\Daniel\Documents\Meine Paletten
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\ProgramData\VsTelemetry
2016-06-25 14:04 - 2016-06-25 14:04 - 00000000 ____D C:\Program Files (x86)\gs
2016-06-25 14:03 - 2016-06-25 14:06 - 00003314 _____ C:\WINDOWS\System32\Tasks\CorelUpdateHelperTaskCore
2016-06-25 14:03 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files (x86)\Corel
2016-06-25 14:02 - 2016-06-25 14:02 - 00000000 ____D C:\Program Files\Common Files\Corel
2016-06-25 14:00 - 2016-06-25 14:00 - 00000000 ____D C:\Users\Public\Documents\Corel
2016-06-25 13:58 - 2016-06-25 14:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CorelDRAW Graphics Suite X8 (64-bit)
2016-06-25 13:57 - 2016-06-25 14:19 - 00000000 ____D C:\Users\Daniel\Documents\Corel
2016-06-25 13:57 - 2016-06-25 14:07 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Corel
2016-06-25 13:55 - 2016-06-25 14:17 - 00000000 ____D C:\ProgramData\Corel
2016-06-25 13:54 - 2016-06-25 14:03 - 00000000 ____D C:\Program Files\Corel
2016-06-25 13:51 - 2016-06-25 13:51 - 00000000 ____D C:\ProgramData\UniqueId
2016-06-25 13:49 - 2016-06-25 13:49 - 01473544 _____ C:\Users\Daniel\Downloads\CorelDraw Graphics Suite X8 64 Bit - CHIP-Installer.exe
2016-06-25 13:41 - 2016-06-25 13:41 - 00001582 _____ C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-06-25 13:41 - 2016-06-25 13:41 - 00000000 ____D C:\Users\Daniel\AppData\Local\gtk-2.0
2016-06-25 13:39 - 2016-06-25 13:39 - 00000000 ____D C:\Users\Daniel\AppData\Local\webkit
2016-06-24 21:26 - 2016-06-24 21:26 - 00000979 _____ C:\Users\Public\Desktop\Steam.lnk
2016-06-24 21:25 - 2016-06-24 21:25 - 01476720 _____ C:\Users\Daniel\Downloads\SteamSetup__17.exe
2016-06-23 20:29 - 2016-06-23 20:29 - 00000000 ____D C:\Users\Daniel\AppData\Local\AviraSpeedup
2016-06-23 16:59 - 2016-06-23 16:59 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Avira
2016-06-23 16:57 - 2016-06-23 16:57 - 00000000 ____D C:\Users\Daniel\AppData\Local\Avira
2016-06-23 16:50 - 2016-06-29 05:25 - 00000000 ____D C:\Users\Public\Speedup Sessions
2016-06-23 16:50 - 2016-06-23 16:50 - 00003344 _____ C:\WINDOWS\System32\Tasks\Avira System Speedup Tray
2016-06-23 16:46 - 2016-04-04 17:07 - 00146712 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00128664 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00078208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2016-06-23 16:46 - 2016-04-04 17:07 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2016-06-23 16:45 - 2016-06-23 16:45 - 00001230 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-23 16:44 - 2016-06-23 16:50 - 00000000 ____D C:\Program Files (x86)\Avira
2016-06-23 16:44 - 2016-06-23 16:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-23 16:44 - 2016-06-23 16:46 - 00000000 ____D C:\ProgramData\Avira
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw.exe
2016-06-23 16:44 - 2016-06-23 16:44 - 04657056 _____ (Avira Operations GmbH & Co. KG) C:\Users\Daniel\Downloads\avira_de_avprodl_576bf5c903ea8__adw (1).exe
2016-06-23 16:28 - 2016-06-23 16:28 - 06253640 _____ (AVAST Software) C:\Users\Daniel\Downloads\avast_free_antivirus_setup_online (1).exe
2016-06-23 15:20 - 2016-06-23 15:20 - 13166304 _____ (Microsoft Corporation) C:\Users\Daniel\Downloads\Silverlight_x64 (1).exe
2016-06-23 14:54 - 2016-06-23 14:54 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2016-06-23 14:03 - 2016-06-23 15:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Battle.net
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\Users\Daniel\AppData\Local\Blizzard Entertainment
2016-06-23 14:03 - 2016-06-23 14:03 - 00000000 ____D C:\ProgramData\Blizzard Entertainment
2016-06-23 14:02 - 2016-06-23 14:06 - 00000000 ____D C:\Program Files (x86)\Battle.net
2016-06-23 14:02 - 2016-06-23 14:02 - 03012080 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Battle.net-Setup.exe
2016-06-23 14:02 - 2016-06-23 14:02 - 00001134 _____ C:\Users\Public\Desktop\Battle.net.lnk
2016-06-23 14:02 - 2016-06-23 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2016-06-23 13:48 - 2016-06-23 15:17 - 00000000 ____D C:\ProgramData\Battle.net
2016-06-23 13:48 - 2016-06-23 14:06 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Battle.net
2016-06-23 13:48 - 2016-06-23 13:48 - 03219440 _____ (Blizzard Entertainment) C:\Users\Daniel\Downloads\Diablo-III-Setup.exe
2016-06-23 13:14 - 2016-06-23 13:14 - 06995720 _____ (Piriform Ltd) C:\Users\Daniel\Downloads\ccsetup519.exe
2016-06-23 13:07 - 2016-06-23 13:10 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Euask
2016-06-23 13:06 - 2016-06-23 13:06 - 06812424 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (3).exe
2016-06-22 08:33 - 2016-06-22 08:33 - 00002325 _____ C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:28 - 2016-06-22 08:33 - 00003178 _____ C:\WINDOWS\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-06-21 07:27 - 2016-06-21 07:27 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2016-06-21 07:26 - 2016-06-21 07:26 - 00002487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive for Business.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002484 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002480 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002459 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002437 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype for Business 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002434 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002398 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00002370 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-06-21 07:26 - 2016-06-21 07:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2016-06-21 07:24 - 2016-06-21 07:25 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-06-16 12:08 - 2016-06-16 12:08 - 03703360 _____ C:\Users\Daniel\Downloads\adwcleaner_5.200.exe
2016-06-15 20:54 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 20:54 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 20:54 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 20:54 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 20:54 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 20:54 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 20:54 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 20:53 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 20:53 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 20:53 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 20:53 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 20:53 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 20:53 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 20:53 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 20:53 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 20:53 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 20:53 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 20:53 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 20:53 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 20:53 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 20:53 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 20:53 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 20:52 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 20:52 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 20:52 - 2016-05-12 18:24 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 20:52 - 2016-05-12 18:12 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpscript.dll
2016-06-15 20:52 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 20:52 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 20:52 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 20:52 - 2016-05-12 17:48 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2016-06-15 20:52 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 20:52 - 2016-05-12 17:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpscript.dll
2016-06-15 20:52 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 20:51 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 20:51 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 20:51 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 20:51 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 20:51 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 20:51 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 20:51 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 20:51 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 20:51 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 20:51 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 20:51 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 20:50 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 20:50 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 20:50 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 20:50 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 20:50 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 20:50 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 20:50 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 20:50 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 20:50 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 20:50 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 20:50 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 20:50 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 20:50 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 20:50 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 20:50 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 20:50 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 20:50 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 20:50 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 20:50 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 20:50 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 20:50 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-12 23:27 - 2016-06-15 20:30 - 00000000 ____D C:\Users\Daniel\AppData\Local\ESET
2016-06-12 23:26 - 2016-06-13 11:50 - 06858912 _____ (ESET spol. s r.o.) C:\Users\Daniel\Downloads\esetonlinescanner_enu.exe
2016-06-12 13:26 - 2016-06-12 13:26 - 00000000 _____ C:\WINDOWS\SysWOW64\last.dump
2016-06-09 21:51 - 2016-07-01 07:32 - 00000416 _____ C:\WINDOWS\Tasks\Wise Care 365.job
2016-06-09 21:51 - 2016-06-30 21:00 - 00000444 _____ C:\WINDOWS\Tasks\Wise Turbo Checker.job
2016-06-09 21:51 - 2016-06-09 21:51 - 00003094 _____ C:\WINDOWS\System32\Tasks\Wise Turbo Checker
2016-06-09 21:51 - 2016-06-09 21:51 - 00002824 _____ C:\WINDOWS\System32\Tasks\Wise Care 365
2016-06-08 13:06 - 2016-06-08 13:06 - 00036009 _____ C:\Users\Daniel\Downloads\1186_6b73.pdf
2016-06-07 21:31 - 2016-06-07 21:31 - 00000000 ____D C:\Users\Daniel\.thumbnails
2016-06-07 21:11 - 2016-06-07 21:11 - 06976264 _____ (WiseCleaner.com ) C:\Users\Daniel\Downloads\WiseCare365 (2).exe
2016-06-07 20:48 - 2016-06-07 20:48 - 01471450 _____ C:\Users\Daniel\Downloads\Wiederholtes Wahlausschreiben.zip
2016-06-06 21:05 - 2016-06-06 21:05 - 00098144 _____ C:\Users\Daniel\Downloads\Satzung_FSR_GT_URT.pdf
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR.odt
2016-06-06 15:56 - 2016-06-06 15:56 - 00015755 _____ C:\Users\Daniel\Downloads\Haushaltsplan FSR (1).odt
2016-06-04 00:24 - 2016-06-04 00:24 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-04 00:24 - 2016-06-04 00:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-04 00:23 - 2016-06-04 00:24 - 00000000 ____D C:\Program Files\iTunes
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files\iPod
2016-06-04 00:23 - 2016-06-04 00:23 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-04 00:06 - 2016-06-04 00:06 - 03677248 _____ C:\Users\Daniel\Downloads\adwcleaner_5.119 (1).exe
2016-06-04 00:05 - 2016-06-04 00:06 - 03677248 _____ C:\Users\Daniel\Downloads\Nicht bestätigt 769587.crdownload
2016-06-03 19:37 - 2016-06-03 19:37 - 00001709 _____ C:\Users\Daniel\Downloads\1054364214_bibframe.rdf
2016-06-02 15:18 - 2016-06-02 15:18 - 00701008 _____ C:\Users\Daniel\Downloads\Anlagen.zip
2016-06-01 16:55 - 2016-06-01 16:55 - 00070662 _____ C:\Users\Daniel\Downloads\Protokoll Umweltanalytik V3.odt.pdf
2016-06-01 16:48 - 2016-06-01 16:49 - 215483212 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-48.zip
2016-06-01 16:43 - 2016-06-01 16:56 - 205744746 _____ C:\Users\Daniel\Downloads\Amazon-Music-Download_2016-06-01_16-43.zip
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2099-01-01 01:01 - 2015-08-27 11:11 - 00003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{40BEC314-F4CB-4B1E-A590-6DFF4B087C8D}
2016-07-01 07:32 - 2015-08-19 19:16 - 00000000 ___RD C:\Users\Daniel\OneDrive
2016-07-01 07:31 - 2015-11-17 07:46 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-06-30 23:15 - 2015-08-19 14:06 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-06-30 22:25 - 2015-08-19 09:18 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1709449750-3236269397-1973272773-1001
2016-06-30 22:13 - 2016-05-22 17:50 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Wise Care 365
2016-06-30 22:12 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-30 22:11 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-06-30 22:11 - 2013-08-22 15:25 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-06-30 22:10 - 2015-08-19 18:55 - 00000000 ____D C:\Users\Daniel
2016-06-30 22:03 - 2015-09-22 20:09 - 00000000 ____D C:\Users\Daniel\Desktop\CD-Coves itunes
2016-06-30 19:39 - 2015-08-24 13:01 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-30 19:37 - 2016-02-28 00:47 - 00000000 ____D C:\Temp
2016-06-30 19:37 - 2015-11-16 19:27 - 00000000 ____D C:\ProgramData\NVIDIA
2016-06-30 19:37 - 2015-08-19 18:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-06-30 19:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\Help
2016-06-30 19:36 - 2015-08-20 05:35 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-30 18:57 - 2015-08-20 07:58 - 00000000 ____D C:\Program Files (x86)\Steam
2016-06-29 08:12 - 2014-09-24 08:16 - 01776918 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-29 08:12 - 2014-09-24 07:43 - 00765582 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-29 08:12 - 2014-09-24 07:43 - 00159366 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-29 05:56 - 2015-11-01 22:11 - 00000000 ____D C:\AdwCleaner
2016-06-28 21:46 - 2015-08-19 09:12 - 00000000 ____D C:\Users\Daniel\AppData\Local\Packages
2016-06-26 18:17 - 2015-08-20 07:26 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-06-25 23:38 - 2015-11-17 07:46 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-06-25 17:58 - 2016-01-23 15:38 - 00000000 ____D C:\Users\Daniel\Desktop\SecurityAndCleaner
2016-06-25 17:58 - 2016-01-23 15:36 - 00000000 ____D C:\Users\Daniel\Desktop\Spiele
2016-06-25 17:57 - 2015-11-15 21:49 - 00000000 ____D C:\Users\Daniel\Desktop\Files
2016-06-25 14:04 - 2015-09-17 19:56 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-25 14:04 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2016-06-25 13:54 - 2016-05-29 19:42 - 00000000 ____D C:\Users\Daniel\.gimp-2.8
2016-06-24 21:33 - 2016-02-20 22:52 - 00000000 ____D C:\Users\Daniel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-24 21:26 - 2015-10-24 10:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2016-06-23 20:32 - 2015-11-02 17:36 - 00000000 ____D C:\WINDOWS\SoftwareDistribution.old
2016-06-23 20:32 - 2015-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\PDF24
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2016-06-23 20:32 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\catroot2.old
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-23 17:06 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 16:34 - 2015-11-16 22:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 16:34 - 2015-08-20 07:21 - 00000000 ____D C:\ProgramData\AVAST Software
2016-06-23 15:20 - 2015-11-16 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-23 14:55 - 2013-08-22 17:36 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-23 14:52 - 2015-12-03 15:34 - 00000000 ____D C:\Program Files\Microsoft Office
2016-06-23 13:07 - 2016-05-22 17:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Care 365
2016-06-19 17:14 - 2016-05-14 17:13 - 00003418 _____ C:\WINDOWS\System32\Tasks\Apple Diagnostics
2016-06-18 10:05 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 22:43 - 2015-09-08 20:02 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-17 21:31 - 2015-11-17 07:46 - 00003908 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-06-17 21:31 - 2015-11-17 07:46 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 16:04 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-16 15:41 - 2015-08-19 23:44 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-16 15:41 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-15 22:09 - 2015-08-19 12:16 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 21:58 - 2015-08-19 12:16 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2016-03-11 18:02 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-12 19:42 - 2016-05-14 17:16 - 00000000 ____D C:\Users\Daniel\AppData\Local\8213A5E2-8274-4FEC-AFAA-678F401A5C73.aplzod
2016-06-12 19:42 - 2016-05-14 17:14 - 00000000 ___RD C:\Users\Daniel\iCloudDrive
2016-06-12 19:42 - 2015-08-28 21:25 - 00000000 ____D C:\Users\Daniel\AppData\Local\Apple
2016-06-12 09:27 - 2016-04-09 19:54 - 00001079 _____ C:\Users\Daniel\Desktop\MikrSan Vers2.txt
2016-06-04 00:23 - 2015-08-28 21:24 - 00000000 ____D C:\Program Files\Common Files\Apple
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-09-08 22:29 - 2015-09-08 22:29 - 0106602 _____ () C:\Users\Daniel\AppData\Local\ars.cache
2015-09-08 22:29 - 2015-09-08 22:29 - 0265562 _____ () C:\Users\Daniel\AppData\Local\census.cache
2015-09-08 22:08 - 2015-09-08 22:08 - 0000036 _____ () C:\Users\Daniel\AppData\Local\housecall.guid.cache
2016-06-25 13:41 - 2016-06-25 13:41 - 0001582 _____ () C:\Users\Daniel\AppData\Local\recently-used.xbel
2016-02-09 22:10 - 2016-02-09 22:10 - 0000000 _____ () C:\Users\Daniel\AppData\Local\{89A237CE-4F1B-41B8-898A-E841E7003022}
Einige Dateien in TEMP:
====================
C:\Users\Daniel\AppData\Local\Temp\avgnt.exe
C:\Users\Daniel\AppData\Local\Temp\libeay32.dll
C:\Users\Daniel\AppData\Local\Temp\msvcr120.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfamcc00002.dll
C:\Users\Daniel\AppData\Local\Temp\sfareca00001.dll
C:\Users\Daniel\AppData\Local\Temp\sfextra.dll
C:\Users\Daniel\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-06-29 06:52
==================== Ende von FRST.txt ============================
FRST Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Daniel (2016-07-01 07:40:24)
Gestartet von C:\Users\Daniel\Downloads
Windows 8.1 Pro (Update) (X64) (2015-08-19 17:11:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1709449750-3236269397-1973272773-500 - Administrator - Disabled)
Daniel (S-1-5-21-1709449750-3236269397-1973272773-1001 - Administrator - Enabled) => C:\Users\Daniel
Gast (S-1-5-21-1709449750-3236269397-1973272773-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Amazon Music (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\Amazon Amazon Music) (Version: 4.3.1.1354 - Amazon Services LLC)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 2.5.4.2277 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.19 - Piriform)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM T (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (Version: 18.0.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.0.0.450 - Corel Corporation)
CorelDRAW Graphics Suite X8 (Version: 18.0 - Corel Corporation) Hidden
CPUID HWMonitor 1.29 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
Dragon Age: Origins - Ultimate Edition (HKLM\...\Steam App 47810) (Version: - BioWare)
FMW 1 (Version: 1.62.2 - AVG Technologies) Hidden
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Earth (HKLM-x32\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.21.169 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IPM_Installer (Version: 2.1 - Your Company Name) Hidden
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java 8 Update 74 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JetBoost (HKLM-x32\...\JetBoost_is1) (Version: 2.0.0 - BlueSprig)
JetClean (HKLM-x32\...\BlueSprig_JetClean_is1) (Version: 1.5.0 - BlueSprig)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.6741.2048 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\OneDriveSetup.exe) (Version: 17.3.6390.0509 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA Grafiktreiber 341.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.95 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (Version: 16.0.6701.1029 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.8.3.59237 - Electronic Arts, Inc.)
paint.net (HKLM\...\{DADC2AF6-DC9F-4BCF-BFCE-DCEC16EF507C}) (Version: 4.0.9 - dotPDN LLC)
PDF24 Creator 7.4.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
PDFTK Builder 3.9.4 (HKLM-x32\...\PDFTK Builder_is1) (Version: - )
Pillars of Eternity (HKLM\...\Steam App 291650) (Version: - Obsidian Entertainment)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Risen (HKLM-x32\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
SafeZone Stable 1.46.1990.55 (x32 Version: 1.46.1990.55 - Avast Software) Hidden
SHIELD Streaming (Version: 4.1.500 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.15.54 - NVIDIA Corporation) Hidden
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unity Web Player (HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\UnityWebPlayer) (Version: 5.1.3f1 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 7.4 - Ubisoft)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.3 - VideoLAN)
Wise Care 365 4.21 (HKLM-x32\...\Wise Care 365_is1) (Version: 4.21 - WiseCleaner.com, Inc.)
YouTube Song Downloader 2016 (HKLM-x32\...\{03C5002E-9F10-4A13-A592-6792A2547BE5}_is1) (Version: 16.0 - Abelssoft)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\FileCoAuthLib64.dll ()
CustomCLSID: HKU\S-1-5-21-1709449750-3236269397-1973272773-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {13382F7A-EDA9-4956-AE11-95E475C0A383} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {1942A3FB-F31A-47E7-A0F5-7B8F55A03CDA} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2016-04-22] (Apple Inc.)
Task: {247201C6-B141-4462-A3E6-7CB68925992E} - System32\Tasks\Wise Care 365 => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe [2016-06-06] (WiseCleaner.com)
Task: {349FB186-3805-46DE-957F-BB667983C9E1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2016-06-03] (AVAST Software)
Task: {3929718E-7E23-4E81-8F88-62492FD614DB} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {498343BC-11E0-4931-BE1B-46C304472777} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {4B85E31A-546F-4833-90BC-814D040EB1E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {508BA283-7254-4EF2-8582-CEFB21B67BC2} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {60563777-51CA-4B1A-87AF-FDE0A02EFC3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2016-06-23] (Microsoft Corporation)
Task: {63C17159-385D-4323-BD3D-CA1529026783} - System32\Tasks\JetBoost_AutoUpdate => C:\Program Files (x86)\BlueSprig\JetBoost\AutoUpdate.exe [2012-11-27] (BlueSprig)
Task: {65EBBB35-1867-4617-8F15-CB052C5ABA66} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-1709449750-3236269397-1973272773-1001 => C:\Users\Daniel\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-06-22] (Microsoft Corporation)
Task: {66013A97-8D86-4FF2-914F-9A4D50D3A42F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {669D913A-4CE3-4BD2-9C44-CCCAEAF5965D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {9E13C112-26B2-4201-9532-6E1E97990868} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {AE18AC8B-D8AF-40CD-96D8-4DC7510504F4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-06-10] (Piriform Ltd)
Task: {B5DE45FD-AC31-4362-80E9-7BB0D9907A5E} - System32\Tasks\JetCleanLoginCheckUpdate => C:\Program Files (x86)\BlueSprig\JetClean\AutoUpdate.exe [2013-05-14] (BlueSprig)
Task: {BD1E406F-7582-43DF-A944-E5A633C829C8} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-05] (Microsoft Corporation)
Task: {C2965C3B-1EF1-40CA-9F1A-91C96655A583} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2016-03-24] (WiseCleaner.COM)
Task: {C7D36B38-1D9E-4256-87A0-55E07F6588A6} - System32\Tasks\CorelUpdateHelperTaskCore => c:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-02-26] (Corel Corporation)
Task: {CFC47512-31AD-4A30-AC5C-5D3F2BE0AE5A} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {D1B8CF01-FB76-4EB7-9EF9-E0BFD2D2ED61} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-04-01] (Oracle Corporation)
Task: {E0AD3D0C-4BF9-4265-80FF-85983D7FF8A1} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {E1FA123E-BDF2-4DBD-A6E4-E3B183F70CB9} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {ED825BD1-D3A0-406A-8388-21A1F814781C} - System32\Tasks\Avira System Speedup Tray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2016-06-09] (Avira Operations GmbH & Co. KG)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_192_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Wise Care 365.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTray.exe
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-03-18 23:56 - 2016-03-18 23:56 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-06 04:06 - 2016-06-05 05:51 - 00173256 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2016-06-30 19:37 - 2016-01-29 12:49 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-19 21:49 - 2015-08-19 21:49 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 02334360 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-18 14:16 - 2016-06-15 10:26 - 00105112 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2016-06-30 20:13 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2016-06-30 20:13 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2016-06-30 20:13 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2016-06-30 20:13 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2016-06-30 20:13 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-08-20 05:42 - 2015-10-12 05:05 - 00013088 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2016-02-28 01:01 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Daniel\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\hintergrundbild der windows-fotoanzeige.jpg
DNS Servers: 195.37.88.2 - 195.37.88.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "MailCheck IE Broker"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "Amazon Music"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudPhotos"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "AppleIEDAV"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "iCloudDrive"
HKU\S-1-5-21-1709449750-3236269397-1973272773-1001\...\StartupApproved\Run: => "ApplePhotoStreams"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{516D38C1-9507-41AD-BD80-152A7D7739E6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{600484C7-CFB7-4B32-8AC2-F766E0ECEE08}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F0E8DDE1-7506-46A3-89D2-326F8348AA27}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A62FBBBA-123A-4013-8CFD-9F135399175E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{BB4B3C5A-958D-4E46-AAB1-19DFF1A83961}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{D8EBD861-BBA7-42C3-8E44-90BD4839BC59}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\DAOriginsLauncher.exe
FirewallRules: [{4C2CB540-53C1-4B52-913F-CB383F063CAF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [{0FAA2744-D843-4DA2-B6CE-F7DADCA78DFD}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe
FirewallRules: [TCP Query User{220022D1-EAFB-463A-9980-EBC2A33F55C2}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{E73378C6-4BD1-4565-9028-CDBE9AF44C98}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{09FC3CF8-BBBB-4028-8134-45EF68200817}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [UDP Query User{19C98646-0666-4C69-AF5C-7A0BFA255830}C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe] => (Block) C:\program files (x86)\steam\steamapps\common\dragon age ultimate edition\bin_ship\daorigins.exe
FirewallRules: [{AD1CB20E-BDB0-48AA-9BBB-169CD25D3C1A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
FirewallRules: [{25928986-E265-433C-B99E-2315323A0A68}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Pillars of Eternity\PillarsOfEternity.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service
==================== Wiederherstellungspunkte =========================
30-06-2016 20:37:07 Revo Uninstaller's restore point - SpeedFan (remove only)
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/01/2016 07:34:11 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:42 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Error: (07/01/2016 07:31:41 AM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (4428) Instance: Fehler -1811 (0xfffff8ed) beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00034.log.
Systemfehler:
=============
Error: (06/30/2016 10:12:41 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (06/30/2016 07:40:21 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (06/30/2016 07:40:20 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.06.2016 um 19:27:40 unerwartet heruntergefahren.
Error: (06/30/2016 07:27:43 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (06/30/2016 07:27:40 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.06.2016 um 19:04:35 unerwartet heruntergefahren.
Error: (06/30/2016 07:04:48 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (06/30/2016 07:04:35 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 30.06.2016 um 18:31:54 unerwartet heruntergefahren.
Error: (06/30/2016 05:52:08 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
Error: (06/30/2016 05:12:48 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (06/30/2016 10:00:36 AM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT-AUTORITÄT)
Description: Schwerwiegender Hardwarefehler.
Gemeldet von Komponente: Prozessorkern
Fehlerquelle: 3
Fehlertyp: 9
Prozessor-APIC-ID: 0
Die Detailansicht dieses Eintrags beinhaltet weitere Informationen.
CodeIntegrity:
===================================
Date: 2016-06-23 16:41:15.090
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume2\Program Files\Windows Defender\NisSrv.exe that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2016-06-23 16:41:14.811
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-06-23 15:29:31.102
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-19 18:23:15.748
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-19 18:23:15.654
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-19 14:33:52.663
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-08-19 14:33:52.507
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Prozentuale Nutzung des RAM: 34%
Installierter physikalischer RAM: 6076.41 MB
Verfügbarer physikalischer RAM: 3953.37 MB
Summe virtueller Speicher: 7100.41 MB
Verfügbarer virtueller Speicher: 4255.95 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:575.18 GB) (Free:441.6 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive g: (TOSHIBA EXT) (Fixed) (Total:931.41 GB) (Free:744.92 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 7BA3F2D1)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=575.2 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.9 GB) - (Type=12)
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2067C1CD)
Partition 1: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
Addition
Gruß
LuciLu |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
AdwCleaner auf deinen Desktop.
