Plagegeister aller Art und deren Bekämpfung: Google Chrome lädt Malware - MS Edge nicht
Google Chrome lädt Malware - MS Edge nicht

Hallo und
Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner, sind die mal fündig geworden?

Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs in CODE-Tags posten!
Relevant sind nur Logs der letzten 7 Tage bzw. seitdem das Problem besteht!

Zudem bitte auch ein Log mit Farbars Tool machen:

Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Hallo und vielen Dank für die Hilfe
Eine Log Datei von Malwarebytes. Obwohl der Suchlauf 12 Bedrohungen findet, wird in der Scan Log Datei keine Angeführt ???
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
![]() | #6 |
Dieses Tool findet nichts. Deswegen gibt's auch keinen Neustart.
ATTFilter Malwarebytes Anti-Rootkit BETA www.malwarebytes.org Database version: main: v2016.03.04.04 rootkit: v2016.02.27.01 Windows 10 x64 NTFS Internet Explorer 11.103.10586.0 hanne :: VEINTICUATRO-XE [administrator] 04.03.2016 18:06:42 mbar-log-2016-03-04 (18-06-42).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 468624 Time elapsed: 9 minute(s), 56 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte
2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
Also adwcleaner findet die mir bereits bekannten Dateien
ATTFilter # AdwCleaner v5.037 - Bericht erstellt am 04/03/2016 um 21:31:38 # Aktualisiert am 28/02/2016 von Xplode # Datenbank : 2016-02-28.2 [Lokal] # Betriebssystem : Windows 10 Pro (x64) # Benutzername : hanne - VEINTICUATRO-XE # Gestartet von : C:\Users\hanne\Desktop\AdwCleaner_5.037.exe # Option : Suchlauf # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** Datei Gefunden : C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage Datei Gefunden : C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_nps.pastaleads.com_0.localstorage-journal ***** [ DLL ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4956 Bytes] - [02/03/2016 20:25:35] C:\AdwCleaner\AdwCleaner[C2].txt - [1635 Bytes] - [03/03/2016 18:46:03] C:\AdwCleaner\AdwCleaner[S1].txt - [4565 Bytes] - [02/03/2016 20:17:26] C:\AdwCleaner\AdwCleaner[S2].txt - [952 Bytes] - [02/03/2016 20:29:16] C:\AdwCleaner\AdwCleaner[S3].txt - [1025 Bytes] - [02/03/2016 21:51:27] C:\AdwCleaner\AdwCleaner[S4].txt - [1098 Bytes] - [02/03/2016 23:32:25] C:\AdwCleaner\AdwCleaner[S5].txt - [1444 Bytes] - [03/03/2016 18:44:26] C:\AdwCleaner\AdwCleaner[S6].txt - [1436 Bytes] - [04/03/2016 21:31:38] ########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1509 Bytes] ########## Code:
ATTFilter # AdwCleaner v5.037 - Bericht erstellt am 04/03/2016 um 21:45:59 # Aktualisiert am 28/02/2016 von Xplode # Datenbank : 2016-02-28.2 [Lokal] # Betriebssystem : Windows 10 Pro (x64) # Benutzername : hanne - VEINTICUATRO-XE # Gestartet von : C:\Users\hanne\Desktop\AdwCleaner_5.037.exe # Option : Suchlauf # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Internetbrowser ] ***** ************************* C:\AdwCleaner\AdwCleaner[C1].txt - [4956 Bytes] - [02/03/2016 20:25:35] C:\AdwCleaner\AdwCleaner[C2].txt - [1635 Bytes] - [03/03/2016 18:46:03] C:\AdwCleaner\AdwCleaner[C3].txt - [972 Bytes] - [04/03/2016 21:34:44] C:\AdwCleaner\AdwCleaner[S1].txt - [4565 Bytes] - [02/03/2016 20:17:26] C:\AdwCleaner\AdwCleaner[S2].txt - [952 Bytes] - [02/03/2016 20:29:16] C:\AdwCleaner\AdwCleaner[S3].txt - [1025 Bytes] - [02/03/2016 21:51:27] C:\AdwCleaner\AdwCleaner[S4].txt - [1098 Bytes] - [02/03/2016 23:32:25] C:\AdwCleaner\AdwCleaner[S5].txt - [1444 Bytes] - [03/03/2016 18:44:26] C:\AdwCleaner\AdwCleaner[S6].txt - [1588 Bytes] - [04/03/2016 21:31:38] C:\AdwCleaner\AdwCleaner[S7].txt - [1309 Bytes] - [04/03/2016 21:45:59] ########## EOF - C:\AdwCleaner\AdwCleaner[S7].txt - [1382 Bytes] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.3 (02.09.2016) Operating System: Windows 10 Pro x64 Ran by hanne (Administrator) on 04.03.2016 at 21:50:22,90 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 4 Successfully deleted: C:\Users\hanne\AppData\Local\crashrpt (Folder) Successfully deleted: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage-journal (File) Successfully deleted: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.re-markable00.re-markable.net_0.localstorage (File) Successfully deleted: C:\WINDOWS\system32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 (Task) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 04.03.2016 at 21:53:22,31 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST.TXT und Addition.TXT gibt's in meinem nächsten Posting FRST.TXT Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:04-03-2016 durchgeführt von hanne (Administrator) auf VEINTICUATRO-XE (04-03-2016 22:04:28) Gestartet von C:\Users\hanne\Desktop Geladene Profile: hanne (Verfügbare Profile: hanne) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Google Inc.) C:\Program Files (x86)\Google\Update\\GoogleCrashHandler64.exe (Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\\n360.exe (Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\\n360.exe (Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe (Future Systems Solutions, Inc.) C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe (Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) F:\ Malwarebytes Anti-Malware \mbamservice.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe (arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (AVG Technologies) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe (VMware, Inc.) F:\VMWare 12\vmware-authd.exe (VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe (VMware, Inc.) () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe Die Datei wird nicht verschoben.) HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [503856 2015-09-23] (Acronis) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-10-03] (NVIDIA Corporation) HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart HKLM\...\Run: [iTunesHelper] => F:\iiTunes\iTunesHelper.exe [170256 2015-12-09] (Apple Inc.) HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2015-12-18] (Adobe Systems Inc.) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [vmware-tray.exe] => F:\VMWare 12\vmware-tray.exe [104128 2015-08-14] (VMware, Inc.) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [651560 2015-09-22] (Acronis International GmbH) HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [7568104 2015-09-23] () HKLM-x32\...\Run: [WinCast] => R:\CDSetup\setup.exe -ldeu HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.) HKLM-x32\...\Run: [RoxWatchTray] => F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatchTray15.exe [295112 2014-09-25] (Corel Corporation) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-08-21] (Advanced Micro Devices, Inc.) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Steam] => F:\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [IDMan] => F:\Internet Download Manager\IDMan.exe [3933392 2016-02-11] (Tonec Inc.) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [881336 2015-12-18] (Adobe Systems Incorporated) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AudialsNotifier] => F:\Audials\Audials 2016\AudialsNotifier.exe [2412952 2015-12-14] () HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Run: [AnyDVD] => F:\SlySoft\AnyDVD\AnyDVD.exe [109480 2015-08-27] (SlySoft, Inc.) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\RunOnce: [Uninstall C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64" HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Policies\Explorer: [NoThumbnailCache] 1 IFEO\freegifmaker.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\freestudiomanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\premiummembershipoffer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" IFEO\uninstall.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe" ShellIconOverlayIdentifiers: [ IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => F:\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.) ShellIconOverlayIdentifiers: [ OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\\buShell.dll [2015-11-05] (Symantec Corporation) ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] () ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2015-09-10] (Acronis) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\..\Interfaces\{f3eb969f-39af-462b-a895-ac671597ea78}: [DhcpNameServer] Internet Explorer: ================== BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-02-24] (Microsoft Corporation) BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-02-24] (Microsoft Corporation) BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> F:\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.) BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\\coIEPlg.dll [2015-11-05] (Symantec Corporation) BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\\coIEPlg.dll [2015-11-05] (Symantec Corporation) Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated) Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\\coIEPlg.dll [2015-11-05] (Symantec Corporation) Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-09-11] (Microsoft Corporation) FireFox: ======== FF Plugin: @videolan.org/vlc,version=2.2.1 -> F:\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN) FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems) FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] () FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-09-11] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-10-03] (NVIDIA Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\\npGoogleUpdate3.dll [2016-02-02] (Google Inc.) FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems) FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF Extension: Norton Identity Safe - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon [2016-01-14] FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.2.15\coFFAddon FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-17] FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\hanne\AppData\Roaming\IDM\idmmzcc5 [2016-03-04] [ist nicht signiert] FF HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - F:\Internet Download Manager\idmmzcc2.xpi FF Extension: IDM integration - F:\Internet Download Manager\idmmzcc2.xpi [2016-01-27] Chrome: ======= CHR DefaultSearchURL: Default -> hxxp://nortonsafe.search.ask.com/web?q={searchTerms}&o=apn10506&prt=cr CHR DefaultSearchKeyword: Default -> NortonSafe CHR DefaultSuggestURL: Default -> hxxp://ss-sym.ask.com/query?q={searchTerms}&sstype=prefix&li=ff CHR Profile: C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-03-02] CHR Extension: (Google Drive) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21] CHR Extension: (YouTube) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-04] CHR Extension: (Norton Security Toolbar) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2016-02-26] CHR Extension: (Google-Suche) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Adobe Acrobat) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-09] CHR Extension: (Norton Home Page for Chrome) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe [2015-11-09] CHR Extension: (Norton Identity Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-09-11] CHR Extension: (IDM Integration Module) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2016-02-12] CHR Extension: (Norton Safe) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmgcfemagnogdodbambjhdcmfcpicngl [2015-11-09] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-11] CHR Extension: (Synology Web Clipper) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcfbfimijgibligmbglggnbiobgjgmbk [2016-03-03] CHR Extension: (Google Mail) - C:\Users\hanne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-11] CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\\Exts\Chrome.crx [2015-11-26] CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11] CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton 360\Engine\\Exts\Chrome.crx [2015-11-26] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - F:\Internet Download Manager\IDMGCExt.crx [2016-02-11] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.) R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [22760 2014-01-22] () R2 caspereui; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.) R2 casperhpb; C:\Program Files\Common Files\Future Systems Solutions\Services\CASPERSVCS.EXE [1168984 2014-09-03] (Future Systems Solutions, Inc.) R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2809072 2016-01-20] (Microsoft Corporation) S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [382312 2015-10-13] (Digital Wave Ltd.) S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert] R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-10-03] (NVIDIA Corporation) R2 MBAMScheduler; F:\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; F:\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4884064 2015-08-11] (Acronis) R2 N360; C:\Program Files (x86)\Norton 360\Engine\\N360.exe [282016 2015-11-20] (Symantec Corporation) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-10-03] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-10-03] (NVIDIA Corporation) R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2013-09-13] (arvato digital services llc) R2 RoxioBurnLauncher; F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe [535784 2013-10-16] () S3 RoxMediaDB15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxMediaDB15.exe [1097928 2014-09-25] (Corel Corporation) S2 RoxWatch15; F:\Roxio\Roxio Creator NXT Pro 3\Common\RoxWatch15.exe [342216 2014-09-25] (Corel Corporation) S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [1042304 2016-01-19] (Enigma Software Group USA, LLC.) S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert] R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies) R2 VMAuthdService; F:\VMWare 12\vmware-authd.exe [89792 2015-08-14] (VMware, Inc.) R2 VMwareHostd; F:\VMWare 12\vmware-hostd.exe [12465344 2015-08-14] () S3 VSStandardCollectorService140; F:\MS Visual Studio 2015\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [56040 2015-11-19] (Microsoft Corporation) R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.) R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [150440 2015-04-28] (SlySoft, Inc.) R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\\Definitions\BASHDefs\20160213.003\BHDrvx64.sys [1665608 2015-10-08] (Symantec Corporation) R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1605050.00F\ccSetx64.sys [173808 2015-07-11] (Symantec Corporation) R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-11-18] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [157520 2015-11-18] (Symantec Corporation) R3 esgiguard; C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [15920 2015-11-08] (Enigma Software Group USA, LLC.) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [22704 2015-11-08] () R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [323040 2015-09-12] (Acronis International GmbH) R3 hcwhdpvr; C:\Windows\system32\DRIVERS\hcwhdpvr.sys [192072 2012-03-26] (Hauppauge, Inc.) R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\\Definitions\IPSDefs\20160303.001\IDSvia64.sys [767224 2016-02-13] (Symantec Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-03-04] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [193336 2015-09-06] (Intel Corporation) S3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\\Definitions\VirusDefs\20160304.003\ENG64.SYS [138488 2016-02-28] (Symantec Corporation) S3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\\Definitions\VirusDefs\20160304.003\EX64.SYS [2148080 2016-02-28] (Symantec Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-10-03] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-10-03] (NVIDIA Corporation) S3 prl_virtual_sound; C:\Windows\system32\DRIVERS\prl_virtual_sound.sys [46312 2015-05-27] (Parallels Holdings, Ltd. and its affiliates.) R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation) R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [25256 2015-09-02] (Audials AG) R0 Sahdad64; C:\Windows\System32\Drivers\Sahdad64.sys [28304 2013-10-16] (Corel Corporation) R0 Saibad64; C:\Windows\System32\Drivers\Saibad64.sys [20112 2013-10-16] (Corel Corporation) R1 SaibVdAd64; C:\Windows\System32\Drivers\SaibVdAd64.sys [27792 2013-10-16] (Corel Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R0 sptd2; C:\Windows\System32\Drivers\sptd2.sys [162360 2015-10-24] (Duplex Secure Ltd) S3 SRTSP; C:\Windows\System32\Drivers\N360x64\1605050.00F\SRTSP64.SYS [928496 2015-11-12] (Symantec Corporation) R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1605050.00F\SRTSPX64.SYS [50936 2015-07-11] (Symantec Corporation) R0 SymEFASI; C:\Windows\System32\drivers\N360x64\1605050.00F\SYMEFASI64.SYS [1621232 2015-11-12] (Symantec Corporation) S0 SymELAM; C:\Windows\System32\drivers\N360x64\1605050.00F\SymELAM.sys [24192 2015-07-11] (Symantec Corporation) R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-09-11] (Symantec Corporation) R1 SymIRON; C:\Windows\system32\drivers\N360x64\1605050.00F\Ironx64.SYS [297720 2015-07-11] (Symantec Corporation) R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1605050.00F\SYMNETS.SYS [577768 2015-11-12] (Symantec Corporation) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1057728 2015-10-07] (Acronis International GmbH) R2 tib_mounter; C:\Windows\system32\DRIVERS\tib_mounter.sys [198088 2015-10-07] (Acronis International GmbH) S3 tnd; C:\Windows\system32\DRIVERS\tnd.sys [553912 2015-10-07] (Acronis International GmbH) R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-07-23] (TuneUp Software) R1 UimBus; C:\Windows\System32\drivers\UimBus.sys [102576 2015-07-24] () R1 Uim_DEVIM; C:\Windows\System32\drivers\uim_devim.sys [25904 2015-07-24] () R1 Uim_IM; C:\Windows\System32\drivers\uim_im.sys [701232 2015-07-24] () R0 vsock; C:\Windows\System32\drivers\vsock.sys [75512 2015-08-04] (VMware, Inc.) R2 vstor2-mntapi20-shared; C:\Windows\SysWow64\drivers\vstor2-mntapi20-shared.sys [34520 2015-07-09] (VMware, Inc.) S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U5 xb1usb; C:\Windows\System32\Drivers\xb1usb.sys [34016 2014-05-27] (Microsoft Corporation) R3 XUIF; C:\Windows\System32\Drivers\x10ufx2.sys [33048 2015-09-06] (X10 Wireless Technology, Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-04 22:00 - 2016-03-04 22:00 - 00000000 ____D C:\Users\hanne\Desktop\FRST-OlderVersion 2016-03-04 21:53 - 2016-03-04 21:53 - 00001049 _____ C:\Users\hanne\Desktop\JRT.txt 2016-03-04 21:49 - 2016-03-04 21:48 - 01609216 _____ (Malwarebytes) C:\Users\hanne\Desktop\JRT.exe 2016-03-04 21:20 - 2016-03-04 21:20 - 00000000 _____ C:\Users\hanne\Downloads\adwcleaner_5.037.exe 2016-03-04 21:15 - 2016-03-04 21:15 - 01518592 _____ C:\Users\hanne\Desktop\AdwCleaner_5.037.exe 2016-03-04 18:06 - 2016-03-04 18:17 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2016-03-04 18:05 - 2016-03-04 18:17 - 00000000 ____D C:\Users\hanne\Desktop\mbar 2016-03-04 18:04 - 2016-03-04 18:05 - 16563352 _____ (Malwarebytes Corp.) C:\Users\hanne\Desktop\mbar- 2016-03-03 22:52 - 2016-03-04 22:04 - 00029082 _____ C:\Users\hanne\Desktop\FRST.txt 2016-03-03 22:52 - 2016-03-03 22:53 - 00055320 _____ C:\Users\hanne\Desktop\Addition.txt 2016-03-03 22:44 - 2016-03-03 22:44 - 00001187 _____ C:\Users\hanne\Desktop\mwb.txt 2016-03-03 22:42 - 2016-03-03 22:42 - 00001192 _____ C:\Users\hanne\Desktop\mwb -log.txt 2016-03-03 22:24 - 2016-03-03 22:40 - 00001201 _____ C:\Users\hanne\Desktop\malwarebyte - log.txt 2016-03-03 21:38 - 2016-03-04 22:00 - 02374144 _____ (Farbar) C:\Users\hanne\Desktop\FRST64.exe 2016-03-03 21:35 - 2016-03-03 21:37 - 00108718 _____ C:\TDSSKiller. 2016-03-02 23:25 - 2016-03-02 23:27 - 00108726 _____ C:\TDSSKiller. 2016-03-02 23:23 - 2016-03-02 23:23 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\hanne\Desktop\tdsskiller.exe 2016-03-02 22:03 - 2016-03-04 22:04 - 00000000 ____D C:\FRST 2016-03-02 20:17 - 2016-03-04 21:45 - 00000000 ____D C:\AdwCleaner 2016-03-01 21:15 - 2016-03-01 21:15 - 00002231 _____ C:\Users\hanne\Downloads\event58035.pgn 2016-03-01 19:30 - 2016-02-23 12:27 - 07475040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-03-01 19:30 - 2016-02-23 12:25 - 01818696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll 2016-03-01 19:30 - 2016-02-23 12:23 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-03-01 19:30 - 2016-02-23 12:22 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-03-01 19:30 - 2016-02-23 12:15 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-03-01 19:30 - 2016-02-23 11:34 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll 2016-03-01 19:30 - 2016-02-23 11:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2016-03-01 19:30 - 2016-02-23 11:32 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe 2016-03-01 19:30 - 2016-02-23 11:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll 2016-03-01 19:30 - 2016-02-23 11:21 - 22564328 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2016-03-01 19:30 - 2016-02-23 11:21 - 06606568 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll 2016-03-01 19:30 - 2016-02-23 10:45 - 01998176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2016-03-01 19:30 - 2016-02-23 10:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2016-03-01 19:30 - 2016-02-23 10:27 - 21124344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2016-03-01 19:30 - 2016-02-23 10:26 - 05241984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll 2016-03-01 19:30 - 2016-02-23 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll 2016-03-01 19:30 - 2016-02-23 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2016-03-01 19:30 - 2016-02-23 09:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2016-03-01 19:30 - 2016-02-23 09:09 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2016-03-01 19:30 - 2016-02-23 09:06 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll 2016-03-01 19:30 - 2016-02-23 09:06 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2016-03-01 19:30 - 2016-02-23 09:00 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll 2016-03-01 19:30 - 2016-02-23 08:58 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll 2016-03-01 19:30 - 2016-02-23 08:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll 2016-03-01 19:30 - 2016-02-23 08:41 - 03594240 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2016-03-01 19:30 - 2016-02-23 08:30 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-03-01 19:30 - 2016-02-23 08:30 - 01731584 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2016-03-01 19:30 - 2016-02-23 08:24 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2016-03-01 19:30 - 2016-02-23 08:22 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll 2016-03-01 19:30 - 2016-02-23 08:21 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll 2016-03-01 19:30 - 2016-02-23 07:59 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2016-03-01 19:30 - 2016-02-23 07:55 - 04894208 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-03-01 19:30 - 2016-02-23 07:55 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2016-03-01 19:30 - 2016-02-23 07:52 - 11545600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2016-03-01 19:30 - 2016-02-23 07:50 - 22396416 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-03-01 19:30 - 2016-02-23 07:50 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2016-03-01 19:30 - 2016-02-23 07:40 - 24603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2016-03-01 19:30 - 2016-02-23 07:39 - 13382656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2016-03-01 19:30 - 2016-02-23 07:36 - 19341312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2016-03-01 19:30 - 2016-02-23 07:36 - 18680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-03-01 19:30 - 2016-02-23 07:36 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2016-03-01 19:30 - 2016-02-23 07:36 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-03-01 19:30 - 2016-02-09 04:24 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-03-01 19:30 - 2016-02-09 04:07 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2016-03-01 19:30 - 2016-02-09 04:04 - 01946624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2016-03-01 19:29 - 2016-02-23 12:29 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2016-03-01 19:29 - 2016-02-23 12:29 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ C:\WINDOWS\system32\CoreUIComponents.dll 2016-03-01 19:29 - 2016-02-23 12:27 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-03-01 19:29 - 2016-02-23 12:27 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-03-01 19:29 - 2016-02-23 12:25 - 02152288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2016-03-01 19:29 - 2016-02-23 12:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys 2016-03-01 19:29 - 2016-02-23 12:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll 2016-03-01 19:29 - 2016-02-23 12:09 - 01614176 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll 2016-03-01 19:29 - 2016-02-23 12:08 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi 2016-03-01 19:29 - 2016-02-23 11:34 - 01859960 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2016-03-01 19:29 - 2016-02-23 11:33 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll 2016-03-01 19:29 - 2016-02-23 11:33 - 00389992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2016-03-01 19:29 - 2016-02-23 11:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-03-01 19:29 - 2016-02-23 11:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 11:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2016-03-01 19:29 - 2016-02-23 11:32 - 00498448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll 2016-03-01 19:29 - 2016-02-23 11:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 11:31 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-03-01 19:29 - 2016-02-23 11:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll 2016-03-01 19:29 - 2016-02-23 11:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll 2016-03-01 19:29 - 2016-02-23 11:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll 2016-03-01 19:29 - 2016-02-23 11:25 - 03671888 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2016-03-01 19:29 - 2016-02-23 11:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll 2016-03-01 19:29 - 2016-02-23 11:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys 2016-03-01 19:29 - 2016-02-23 10:49 - 00216416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll 2016-03-01 19:29 - 2016-02-23 10:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll 2016-03-01 19:29 - 2016-02-23 10:45 - 00576352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2016-03-01 19:29 - 2016-02-23 10:45 - 00394080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2016-03-01 19:29 - 2016-02-23 10:45 - 00259336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll 2016-03-01 19:29 - 2016-02-23 10:44 - 00640984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll 2016-03-01 19:29 - 2016-02-23 10:44 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe 2016-03-01 19:29 - 2016-02-23 10:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys 2016-03-01 19:29 - 2016-02-23 10:39 - 00502112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll 2016-03-01 19:29 - 2016-02-23 10:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll 2016-03-01 19:29 - 2016-02-23 10:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll 2016-03-01 19:29 - 2016-02-23 10:32 - 00791744 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-03-01 19:29 - 2016-02-23 10:30 - 02919320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2016-03-01 19:29 - 2016-02-23 10:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll 2016-03-01 19:29 - 2016-02-23 10:25 - 00534368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2016-03-01 19:29 - 2016-02-23 10:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll 2016-03-01 19:29 - 2016-02-23 10:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys 2016-03-01 19:29 - 2016-02-23 10:19 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys 2016-03-01 19:29 - 2016-02-23 10:17 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll 2016-03-01 19:29 - 2016-02-23 10:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll 2016-03-01 19:29 - 2016-02-23 10:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll 2016-03-01 19:29 - 2016-02-23 10:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe 2016-03-01 19:29 - 2016-02-23 10:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2016-03-01 19:29 - 2016-02-23 10:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll 2016-03-01 19:29 - 2016-02-23 10:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys 2016-03-01 19:29 - 2016-02-23 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll 2016-03-01 19:29 - 2016-02-23 10:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll 2016-03-01 19:29 - 2016-02-23 09:58 - 00187744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll 2016-03-01 19:29 - 2016-02-23 09:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll 2016-03-01 19:29 - 2016-02-23 09:57 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2016-03-01 19:29 - 2016-02-23 09:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll 2016-03-01 19:29 - 2016-02-23 09:55 - 00221600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll 2016-03-01 19:29 - 2016-02-23 09:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2016-03-01 19:29 - 2016-02-23 09:54 - 00539256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll 2016-03-01 19:29 - 2016-02-23 09:54 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe 2016-03-01 19:29 - 2016-02-23 09:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll 2016-03-01 19:29 - 2016-02-23 09:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll 2016-03-01 19:29 - 2016-02-23 09:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe 2016-03-01 19:29 - 2016-02-23 09:50 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-03-01 19:29 - 2016-02-23 09:48 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll 2016-03-01 19:29 - 2016-02-23 09:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll 2016-03-01 19:29 - 2016-02-23 09:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll 2016-03-01 19:29 - 2016-02-23 09:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll 2016-03-01 19:29 - 2016-02-23 09:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll 2016-03-01 19:29 - 2016-02-23 09:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll 2016-03-01 19:29 - 2016-02-23 09:37 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2016-03-01 19:29 - 2016-02-23 09:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll 2016-03-01 19:29 - 2016-02-23 09:37 - 00204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll 2016-03-01 19:29 - 2016-02-23 09:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll 2016-03-01 19:29 - 2016-02-23 09:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll 2016-03-01 19:29 - 2016-02-23 09:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2016-03-01 19:29 - 2016-02-23 09:33 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll 2016-03-01 19:29 - 2016-02-23 09:32 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe 2016-03-01 19:29 - 2016-02-23 09:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2016-03-01 19:29 - 2016-02-23 09:30 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll 2016-03-01 19:29 - 2016-02-23 09:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll 2016-03-01 19:29 - 2016-02-23 09:28 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll 2016-03-01 19:29 - 2016-02-23 09:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2016-03-01 19:29 - 2016-02-23 09:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe 2016-03-01 19:29 - 2016-02-23 09:25 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll 2016-03-01 19:29 - 2016-02-23 09:25 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2016-03-01 19:29 - 2016-02-23 09:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2016-03-01 19:29 - 2016-02-23 09:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll 2016-03-01 19:29 - 2016-02-23 09:22 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2016-03-01 19:29 - 2016-02-23 09:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll 2016-03-01 19:29 - 2016-02-23 09:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll 2016-03-01 19:29 - 2016-02-23 09:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 09:20 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 19:29 - 2016-02-23 09:19 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll 2016-03-01 19:29 - 2016-02-23 09:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2016-03-01 19:29 - 2016-02-23 09:18 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll 2016-03-01 19:29 - 2016-02-23 09:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll 2016-03-01 19:29 - 2016-02-23 09:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe 2016-03-01 19:29 - 2016-02-23 09:13 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll 2016-03-01 19:29 - 2016-02-23 09:13 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2016-03-01 19:29 - 2016-02-23 09:12 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2016-03-01 19:29 - 2016-02-23 09:11 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll 2016-03-01 19:29 - 2016-02-23 09:11 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll 2016-03-01 19:29 - 2016-02-23 09:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll 2016-03-01 19:29 - 2016-02-23 09:10 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll 2016-03-01 19:29 - 2016-02-23 09:09 - 01390592 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2016-03-01 19:29 - 2016-02-23 09:09 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2016-03-01 19:29 - 2016-02-23 09:09 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2016-03-01 19:29 - 2016-02-23 09:06 - 01848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe 2016-03-01 19:29 - 2016-02-23 09:06 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll 2016-03-01 19:29 - 2016-02-23 09:05 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2016-03-01 19:29 - 2016-02-23 09:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll 2016-03-01 19:29 - 2016-02-23 09:04 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2016-03-01 19:29 - 2016-02-23 09:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll 2016-03-01 19:29 - 2016-02-23 09:02 - 01318912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll 2016-03-01 19:29 - 2016-02-23 09:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2016-03-01 19:29 - 2016-02-23 09:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys 2016-03-01 19:29 - 2016-02-23 08:58 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll 2016-03-01 19:29 - 2016-02-23 08:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll 2016-03-01 19:29 - 2016-02-23 08:58 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll 2016-03-01 19:29 - 2016-02-23 08:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll 2016-03-01 19:29 - 2016-02-23 08:54 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2016-03-01 19:29 - 2016-02-23 08:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll 2016-03-01 19:29 - 2016-02-23 08:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll 2016-03-01 19:29 - 2016-02-23 08:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2016-03-01 19:29 - 2016-02-23 08:47 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll 2016-03-01 19:29 - 2016-02-23 08:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2016-03-01 19:29 - 2016-02-23 08:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll 2016-03-01 19:29 - 2016-02-23 08:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2016-03-01 19:29 - 2016-02-23 08:37 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2016-03-01 19:29 - 2016-02-23 08:37 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll 2016-03-01 19:29 - 2016-02-23 08:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll 2016-03-01 19:29 - 2016-02-23 08:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll 2016-03-01 19:29 - 2016-02-23 08:36 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2016-03-01 19:29 - 2016-02-23 08:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2016-03-01 19:29 - 2016-02-23 08:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll 2016-03-01 19:29 - 2016-02-23 08:31 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll 2016-03-01 19:29 - 2016-02-23 08:30 - 01832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll 2016-03-01 19:29 - 2016-02-23 08:30 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll 2016-03-01 19:29 - 2016-02-23 08:29 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll 2016-03-01 19:29 - 2016-02-23 08:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll 2016-03-01 19:29 - 2016-02-23 08:28 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll 2016-03-01 19:29 - 2016-02-23 08:28 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll 2016-03-01 19:29 - 2016-02-23 08:26 - 02158592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2016-03-01 19:29 - 2016-02-23 08:26 - 01498112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe 2016-03-01 19:29 - 2016-02-23 08:25 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll 2016-03-01 19:29 - 2016-02-23 08:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll 2016-03-01 19:29 - 2016-02-23 08:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll 2016-03-01 19:29 - 2016-02-23 08:24 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2016-03-01 19:29 - 2016-02-23 08:21 - 01001984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12SDKLayers.dll 2016-03-01 19:29 - 2016-02-23 08:21 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll 2016-03-01 19:29 - 2016-02-23 08:20 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll 2016-03-01 19:29 - 2016-02-23 08:17 - 02635264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll 2016-03-01 19:29 - 2016-02-23 08:14 - 00990720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2016-03-01 19:29 - 2016-02-23 08:11 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll 2016-03-01 19:29 - 2016-02-23 08:05 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2016-03-01 19:29 - 2016-02-23 08:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2016-03-01 19:29 - 2016-02-23 07:58 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll 2016-03-01 19:29 - 2016-02-23 07:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll 2016-03-01 19:29 - 2016-02-23 07:55 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll 2016-03-01 19:29 - 2016-02-23 07:53 - 01799168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll 2016-03-01 19:29 - 2016-02-23 07:52 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12SDKLayers.dll 2016-03-01 19:29 - 2016-02-23 07:51 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2016-03-01 19:29 - 2016-02-23 07:42 - 03425792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-03-01 19:29 - 2016-02-23 07:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll 2016-03-01 19:29 - 2016-02-23 07:39 - 02581504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll 2016-03-01 19:29 - 2016-02-23 07:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2016-03-01 19:29 - 2016-02-23 07:33 - 14254080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll 2016-03-01 19:29 - 2016-02-23 07:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll 2016-03-01 19:29 - 2016-02-23 07:32 - 02793472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-03-01 19:29 - 2016-02-23 07:30 - 02061312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll 2016-03-01 19:29 - 2016-02-23 07:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2016-03-01 19:29 - 2016-02-23 07:26 - 12587520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll 2016-03-01 19:29 - 2016-02-09 05:28 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys 2016-03-01 19:29 - 2016-02-09 05:13 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys 2016-03-01 19:29 - 2016-02-09 04:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll 2016-03-01 19:29 - 2016-02-09 04:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll 2016-03-01 19:29 - 2016-02-09 04:07 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe 2016-02-26 17:36 - 2016-02-26 17:36 - 00000000 ____D C:\Users\hanne\AppData\Local\TempTaskUpdateDetection72F652F6-855E-44A2-9053-2E8F6EB79632 2016-02-25 20:35 - 2016-02-25 20:35 - 00023416 _____ C:\Users\hanne\Downloads\Sage DPW.html 2016-02-25 20:35 - 2016-02-25 20:35 - 00000000 ____D C:\Users\hanne\Downloads\Sage DPW_files 2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\Users\hanne\AppData\Local\Stardock 2016-02-18 19:35 - 2016-02-18 19:35 - 00000000 ____D C:\ProgramData\Stardock 2016-02-18 19:33 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll 2016-02-18 19:33 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll 2016-02-18 19:33 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll 2016-02-18 19:33 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll 2016-02-18 19:33 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll 2016-02-18 19:33 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll 2016-02-18 19:33 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll 2016-02-18 19:33 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll 2016-02-18 19:33 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll 2016-02-18 19:32 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll 2016-02-18 19:32 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll 2016-02-18 19:32 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll 2016-02-18 19:32 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll 2016-02-18 19:32 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll 2016-02-18 19:32 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll 2016-02-18 19:32 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll 2016-02-18 19:32 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll 2016-02-18 19:32 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll 2016-02-18 19:32 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll 2016-02-18 19:32 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll 2016-02-18 19:32 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll 2016-02-18 19:32 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll 2016-02-18 19:32 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll 2016-02-18 19:32 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll 2016-02-18 19:32 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll 2016-02-18 19:32 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll 2016-02-18 19:32 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll 2016-02-18 19:32 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll 2016-02-18 19:32 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll 2016-02-18 19:32 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll 2016-02-18 19:32 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll 2016-02-18 19:32 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll 2016-02-18 19:32 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll 2016-02-18 19:32 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll 2016-02-18 19:32 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll 2016-02-18 19:32 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll 2016-02-18 19:32 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll 2016-02-18 19:32 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll 2016-02-18 19:32 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll 2016-02-18 19:32 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll 2016-02-18 19:32 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll 2016-02-18 19:32 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll 2016-02-18 19:32 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll 2016-02-18 19:32 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll 2016-02-18 19:32 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll 2016-02-18 19:32 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll 2016-02-18 19:32 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll 2016-02-18 19:32 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll 2016-02-18 19:32 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll 2016-02-18 19:32 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll 2016-02-18 19:32 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll 2016-02-18 19:32 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll 2016-02-18 19:32 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll 2016-02-18 19:32 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll 2016-02-18 19:32 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll 2016-02-18 19:32 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll 2016-02-18 19:32 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll 2016-02-18 19:32 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll 2016-02-18 19:32 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll 2016-02-18 19:32 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll 2016-02-18 19:32 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll 2016-02-18 19:32 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll 2016-02-18 19:32 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll 2016-02-18 19:32 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll 2016-02-18 19:32 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll 2016-02-18 19:32 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll 2016-02-18 19:32 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll 2016-02-18 19:13 - 2016-02-18 19:13 - 00000202 _____ C:\Users\hanne\Desktop\Galactic Civilizations III.url 2016-02-17 21:52 - 2016-02-17 21:52 - 00017359 _____ C:\Users\hanne\Downloads\Calendar of Events 2015-2017-v2015-08-18.xlsx 2016-02-11 15:26 - 2016-01-28 10:20 - 00209056 _____ (Tonec Inc.) C:\WINDOWS\system32\Drivers\idmwfp.sys 2016-02-09 19:46 - 2016-01-29 07:57 - 04502352 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2016-02-09 19:46 - 2016-01-27 06:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2016-02-09 19:46 - 2016-01-27 06:01 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll 2016-02-09 19:46 - 2016-01-27 05:52 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll 2016-02-09 19:46 - 2016-01-27 05:49 - 05662208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-02-09 19:46 - 2016-01-27 05:42 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2016-02-09 19:46 - 2016-01-27 05:38 - 07835648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-02-09 19:46 - 2016-01-27 05:32 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2016-02-09 19:45 - 2016-01-29 07:33 - 04064320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2016-02-09 19:45 - 2016-01-27 07:15 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2016-02-09 19:45 - 2016-01-27 07:01 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2016-02-09 19:45 - 2016-01-27 06:59 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe 2016-02-09 19:45 - 2016-01-27 06:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2016-02-09 19:45 - 2016-01-27 06:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll 2016-02-09 19:45 - 2016-01-27 06:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe 2016-02-09 19:45 - 2016-01-27 06:54 - 00295264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll 2016-02-09 19:45 - 2016-01-27 06:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll 2016-02-09 19:45 - 2016-01-27 06:44 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys 2016-02-09 19:45 - 2016-01-27 06:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe 2016-02-09 19:45 - 2016-01-27 06:43 - 00359776 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll 2016-02-09 19:45 - 2016-01-27 06:21 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll 2016-02-09 19:45 - 2016-01-27 06:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll 2016-02-09 19:45 - 2016-01-27 06:11 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll 2016-02-09 19:45 - 2016-01-27 06:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll 2016-02-09 19:45 - 2016-01-27 06:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll 2016-02-09 19:45 - 2016-01-27 06:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll 2016-02-09 19:45 - 2016-01-27 06:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll 2016-02-09 19:45 - 2016-01-27 06:04 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll 2016-02-09 19:45 - 2016-01-27 06:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll 2016-02-09 19:45 - 2016-01-27 05:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll 2016-02-09 19:45 - 2016-01-27 05:57 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-02-09 19:45 - 2016-01-27 05:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys 2016-02-09 19:45 - 2016-01-27 05:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll 2016-02-09 19:45 - 2016-01-27 05:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-03-04 21:50 - 2015-10-05 18:01 - 00000000 ____D C:\Users\hanne\AppData\Local\CrashDumps 2016-03-04 21:46 - 2015-11-27 17:49 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton 360 2016-03-04 21:46 - 2015-10-30 19:35 - 00819822 _____ C:\WINDOWS\system32\perfh007.dat 2016-03-04 21:46 - 2015-10-30 19:35 - 00173854 _____ C:\WINDOWS\system32\perfc007.dat 2016-03-04 21:46 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-03-04 21:46 - 2015-09-06 10:39 - 01917186 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-03-04 21:43 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-03-04 21:42 - 2015-10-04 17:04 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-03-04 21:41 - 2015-09-11 23:29 - 00000000 ____D C:\ProgramData\VMware 2016-03-04 21:40 - 2015-12-12 04:06 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-03-04 21:40 - 2015-12-12 03:59 - 00000000 ____D C:\Users\hanne 2016-03-04 21:40 - 2015-12-12 03:58 - 00000000 ____D C:\ProgramData\NVIDIA 2016-03-04 21:40 - 2015-09-11 20:10 - 00001146 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-03-04 20:37 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-03-04 20:35 - 2015-09-11 20:10 - 00001150 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-03-04 20:09 - 2015-09-11 20:18 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\Outlook-Dateien 2016-03-04 19:23 - 2015-09-11 20:25 - 00000000 ____D C:\Users\hanne\Downloads\Compressed 2016-03-04 19:00 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\rescache 2016-03-04 18:05 - 2015-10-04 17:03 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-03-04 17:54 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-03-04 17:53 - 2015-09-11 19:33 - 00004172 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0E4E2C49-7D3D-48D2-A695-64BB57B55EF8} 2016-03-04 17:53 - 2015-09-11 18:03 - 00000000 ____D C:\Users\hanne\AppData\Local\Adobe 2016-03-03 18:46 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-03-03 18:36 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\DMCache 2016-03-02 20:17 - 2015-10-19 18:39 - 00000000 ____D C:\Users\hanne\AppData\Local\NPE 2016-03-02 18:25 - 2015-09-06 10:41 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-03-02 18:24 - 2015-12-12 03:57 - 05102488 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-03-01 23:54 - 2015-10-30 19:47 - 00000000 ____D C:\Program Files\Windows Journal 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 __RSD C:\WINDOWS\Media 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Portable Devices 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices 2016-03-01 23:54 - 2015-10-30 08:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform 2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-03-01 23:54 - 2015-10-30 07:28 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-03-01 19:51 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-02-28 09:27 - 2015-09-11 23:15 - 00000000 ____D C:\Users\hanne\AppData\Roaming\vlc 2016-02-27 13:18 - 2015-09-06 10:41 - 00000000 ____D C:\Users\hanne\AppData\Local\Packages 2016-02-26 17:41 - 2015-10-30 08:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-02-26 17:40 - 2015-09-11 16:27 - 00000000 ____D C:\Program Files\Microsoft Office 15 2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\OneDrive\Dokumente\My Games 2016-02-20 09:45 - 2015-09-11 19:37 - 00000000 ____D C:\Users\hanne\AppData\Local\My Games 2016-02-19 23:36 - 2015-09-11 20:10 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-02-19 23:36 - 2015-09-11 20:10 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-02-18 19:32 - 2015-09-06 10:39 - 00000000 ____D C:\ProgramData\Package Cache 2016-02-18 19:13 - 2015-11-15 12:39 - 00000000 ____D C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-02-18 18:42 - 2015-09-11 20:24 - 00000000 ____D C:\Users\hanne\AppData\Roaming\IDM 2016-02-17 18:34 - 2015-09-11 18:55 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk 2016-02-11 19:18 - 2015-09-06 10:42 - 00002387 _____ C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-02-11 19:18 - 2015-09-06 10:42 - 00000000 ___RD C:\Users\hanne\OneDrive 2016-02-11 17:16 - 2015-12-15 19:41 - 00000017 _____ C:\WINDOWS\.ini 2016-02-10 18:12 - 2015-09-06 10:47 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-02-10 18:09 - 2015-09-06 10:47 - 146614896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-02-10 17:54 - 2015-09-11 18:08 - 00000000 ___RD C:\Users\hanne\Creative Cloud Files 2016-02-10 17:54 - 2015-09-11 18:07 - 00000000 ____D C:\ProgramData\boost_interprocess 2016-02-09 20:46 - 2015-12-20 14:29 - 00000000 ____D C:\WINDOWS\symbols 2016-02-03 20:01 - 2015-10-30 08:26 - 00828920 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-02-03 20:01 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-09-12 21:14 - 2015-10-03 23:47 - 0094795 _____ () C:\Users\hanne\AppData\Local\parallels-pax.log 2015-10-24 08:02 - 2015-10-24 10:13 - 0000600 _____ () C:\Users\hanne\AppData\Local\PUTTY.RND 2015-09-16 13:09 - 2015-09-16 13:09 - 0000040 ___SH () C:\ProgramData\.zreglib 2014-10-14 02:49 - 2014-10-14 02:49 - 0002465 _____ () C:\ProgramData\regid.2012-08.com.Corel,Roxio_76C7858E-078C-4C49-AB1A-2A7072664935.swidtag Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\hanne\ParallelsAccess-3.0.1-30654-win.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-02-29 19:28 ==================== Ende von FRST.txt ============================ |
![]() | #9 |
![]() | ![]() Google Chrome lädt Malware - MS Edge nicht Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016 durchgeführt von hanne (2016-03-04 22:04:56) Gestartet von C:\Users\hanne\Desktop Windows 10 Pro Version 1511 (X64) (2015-12-12 03:08:42) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1936510213-3086724655-2435381783-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-1936510213-3086724655-2435381783-503 - Limited - Disabled) Gast (S-1-5-21-1936510213-3086724655-2435381783-501 - Limited - Disabled) hanne (S-1-5-21-1936510213-3086724655-2435381783-1002 - Administrator - Enabled) => C:\Users\hanne ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Norton 360 (Disabled - Up to date) {53C7D717-52E2-B95E-FA61-6F32ECC805DB} AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Norton 360 (Disabled - Up to date) {E8A636F3-74D8-B6D0-C0D1-5440974F4F66} FW: Norton 360 (Enabled) {6BFC5632-188D-B806-D13E-C607121B42A0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 5KPlayer 3.1 (HKLM-x32\...\5KPlayer_is1) (Version: - DearMob, Inc.) Acronis True Image 2016 (HKLM-x32\...\{5E5999D7-85DD-4B82-B48B-5F60BDFAC502}Visible) (Version: 19.0.5634 - Acronis)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.010.20059 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: - Adobe Systems Incorporated) AllSync (HKLM-x32\...\AllSync_is1) (Version: 3.5.102 - Michael Thummerer Software Design) Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon) Amazon Kindle (HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\Amazon Kindle) (Version: - Amazon) AnyDVD (HKLM-x32\...\AnyDVD) (Version: - SlySoft) Apple Application Support (32-Bit) (HKLM-x32\...\{C5815ACF-FD34-4553-8A22-C7411B7E662B}) (Version: 4.1.1 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{CBF12D2F-CF64-4CB7-858B-2C1F21068E5F}) (Version: 4.1.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: - Apple Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{903D0F33-D3CF-48D6-967D-84004089428A}) (Version: 4.0.51203.1 - Microsoft Corporation) ArcSoft TotalMedia Extreme (HKLM-x32\...\{E7A1B94F-A981-49B2-868F-DFEA471AB17D}) (Version: - ArcSoft) Audials (HKLM-x32\...\{0336AD00-7F30-47A9-8EFB-CDDAD979C19E}) (Version: 12.1.9700.0 - Audials AG) Audials (HKLM-x32\...\{39DE26F8-C180-47F3-9CCC-6EE4B95DA93D}) (Version: 14.0.51000.0 - Audials AG) AVG PC TuneUp 2015 (de-DE) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies) AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden BASE 6.1 (HKLM-x32\...\BASE 6.1) (Version: - ) bl (x32 Version: 1.0.0 - Your Company Name) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: - Apple Inc.) Canon iP4300 (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4300) (Version: - ) Casper 8.0 (HKLM\...\{1A22A914-D43F-4BF6-BE8C-8C4D8E76CAF6}) (Version: 8.0.46120 - Future Systems Solutions, Inc.) CDLIB 5.1 (HKLM-x32\...\CDLIB) (Version: 5.1 - CDLIB) ChessBase 13 64-bit (HKLM\...\{9422AB50-000A-496D-83D2-B0E9EE49FD2C}) (Version: - ChessBase) Contents (x32 Version: - Corel Corporation) Hidden Corel FastFlick (HKLM-x32\...\_{10EC8494-8A92-49D8-9677-2483EB01F7F1}) (Version: - Corel Corporation) Creator NXT 3 Content (x32 Version: 16.0.004 - Roxio) Hidden Dazzle Video Capture DVC100 X64 Driver 1.06 (x32 Version: 1.06.0000 - Pinnacle) Hidden DesignPro 5 (HKLM-x32\...\InstallShield_{F82C6574-AD88-4B40-A432-970BC77F1BD2}) (Version: 5.5.708 - Avery) DesignPro 5 (x32 Version: 5.5.708 - Avery) Hidden DirectX 9 Runtime (x32 Version: 1.00.0000 - Sonic Solutions) Hidden Dispatcher (HKLM-x32\...\Steam App 341980) (Version: - CivilSavages) Dotfuscator and Analytics Community Edition 5.19.0 (x32 Version: - PreEmptive Solutions) Hidden DVR-Capture 2.00 (HKLM-x32\...\DVR-Capture 2) (Version: 2.00 - Haenien-Software) DVR-Studio HD 3 (HKLM-x32\...\DVR-Studio HD 3) (Version: 3.19 - Haenlein-Software) DVR-Studio HD 4 (HKLM-x32\...\DVR-Studio HD 4) (Version: 4.02.03 - Haenlein-Software) EF Multi File Renamer (HKLM\...\EF Multi File Renamer) (Version: - EFSoftware) EF Multi File Renamer (HKLM-x32\...\EF Multi File Renamer) (Version: - EFSoftware) Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Free Studio (HKLM-x32\...\Free Studio_is1) (Version: - DVDVideoSoft Ltd.) Galactic Civilizations III (HKLM-x32\...\Steam App 226860) (Version: - Stardock Entertainment) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.) Google Update Helper (x32 Version: - Google Inc.) Hidden Hauppauge HDPVR Scheduler (HKLM-x32\...\Hauppauge HDPVR Scheduler) (Version: - Hauppauge Computer Works) Hauppauge WinTV IR Blaster (HKLM-x32\...\Hauppauge WinTV IR Blaster) (Version: 7.4.29102 - Hauppauge Computer Works, Inc.) Hauppauge WinTV Scheduler (HKLM-x32\...\Hauppauge WinTV Scheduler) (Version: - ) Houdini 4 Pro (HKLM\...\{FEBA7043-8935-4747-9EC4-0672C8B134CE}_is1) (Version: 4 - Houdini Chess) ICA (x32 Version: - Corel Corporation) Hidden iCloud (HKLM\...\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}) (Version: - Apple Inc.) IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.) IPM_VS_Pro (x32 Version: 1.0 - Corel Corporation) Hidden iTunes (HKLM\...\{0D44E3A4-6C3D-45D7-B443-079509E5BE5D}) (Version: - Apple Inc.) KC Softwares VideoInspector (HKLM-x32\...\KC Softwares VideoInspector_is1) (Version: - KC Softwares) Malwarebytes Anti-Malware Version (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: - Malwarebytes) MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU) (HKLM-x32\...\{290FC320-2F5A-329E-8840-C4193BD7A9EE}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (ENU) (HKLM-x32\...\{034547E9-D8FA-49E7-8B9C-4C9861FB9146}) (Version: 4.6.00127 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.24720 - Microsoft Corporation) Microsoft Office Professional 2013 - de-de (HKLM\...\ProfessionalRetail - de-de) (Version: 15.0.4797.1003 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{AB8DE9BA-19E1-446A-BCFA-6B3DA9751E21}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (HKLM-x32\...\{2774595F-BC2A-4B12-A25B-0C37A37049B0}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Management Objects (x64) (HKLM\...\{1F9EB3B6-AED7-4AA7-B8F1-8E314B74B2A5}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 Transact-SQL ScriptDom (HKLM\...\{020CDFE0-C127-4047-B571-37C82396B662}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server 2014 T-SQL Language Service (HKLM-x32\...\{47D08E7A-92A1-489B-B0BF-415516497BCE}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - enu (14.0.50616.0) (HKLM-x32\...\{58246C80-3941-4B69-AE31-264644E2ADB8}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM\...\{FC3BB979-AA54-4B60-BBA3-2C4DA6E08D80}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft System CLR Types for SQL Server 2014 (HKLM-x32\...\{091CE6AA-2753-4F6E-AD1C-0E875744EB54}) (Version: 12.0.2402.29 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{e6e75766-da0f-4ba2-9788-6ea593ce702d}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 with Update 1 (HKLM-x32\...\{5642384f-2a89-46d3-acd5-bfe8bf6e8b2f}) (Version: 14.0.24720.0 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft Xbox One Controller for Windows (HKLM\...\{DC2CB48C-FD96-48EB-A36A-7D995BB587EB}) (Version: 1.0.2 - Microsoft Corporation) Movavi Video Suite 14 (HKLM-x32\...\Movavi Video Suite 14) (Version: 14.3.0 - Movavi) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden Multi-Device Hybrid Apps using C# - Templates - ENU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google) Norton 360 (HKLM-x32\...\N360) (Version: - Symantec Corporation) NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation) NVIDIA 3D Vision Treiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 358.50 - NVIDIA Corporation) NVIDIA GeForce Experience (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: - NVIDIA Corporation) NVIDIA Grafiktreiber 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 358.50 - NVIDIA Corporation) NVIDIA HD-Audiotreiber (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: - NVIDIA Corporation) NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation) Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Licensing Component (Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4797.1003 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) Paragon Festplatten Manager™ 15 Suite (HKLM\...\{29258311-EA49-11DE-967C-005056C00008}) (Version: 90.00.0003 - Paragon Software) Paragon Partition Manager™ 15 Professional (HKLM\...\{A35001F0-F1E4-11DD-A38B-005056C00008}) (Version: 90.00.0003 - Paragon Software) ph (x32 Version: 1.0.0 - Your Company Name) Hidden Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.0.5 - CEWE Stiftung u Co. KGaA) PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Prerequisites for SSDT (HKLM-x32\...\{21373064-AD95-48DB-A32E-0D9E08EF7355}) (Version: 12.0.2000.8 - Microsoft Corporation) QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements) QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: - Apple Inc.) RBVirtualFolder64Inst (Version: 1.00.0000 - Roxio, Inc.) Hidden Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Roslyn Language Services - x86 (x32 Version: 14.0.24723 - Microsoft Corporation) Hidden Roxio Creator NXT 3 Content (HKLM-x32\...\{2DF5BF6E-D32C-4B81-9012-F62B58AFF819}) (Version: - Roxio) Roxio Creator NXT Pro 3 (HKLM-x32\...\{7B4B9450-39C8-454A-AA2D-6548EE4D21EB}) (Version: - Roxio) Roxio Virtual Drive x64 (Version: 1.00.0000 - Roxio, Inc.) Hidden Setup (x32 Version: - Corel Corporation) Hidden Share (x32 Version: - Corel Corporation) Hidden SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden SHIELD Wireless Controller Driver (Version: - NVIDIA Corporation) Hidden SmartControlCenter (HKLM-x32\...\{63CE935C-03E3-4EB4-B194-792CB2F91C87}) (Version: - Netgear) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.24712 - Microsoft Corporation) Hidden Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TVgenial 5.40 (HKLM-x32\...\TVgenial) (Version: - ) TypeScript Power Tool (x32 Version: - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (HKLM-x32\...\{33e2204a-4ec6-4458-895a-47e2a404d990}) (Version: 1.7.24720.0 - Microsoft Corporation) UE4 Prerequisites (x86) (HKLM-x32\...\{162863d7-4b83-429c-baa7-fcedd09f331f}) (Version: - Epic Games, Inc.) UE4 Prerequisites (x86) (x32 Version: - Epic Games, Inc.) Hidden Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Visual Studio 2015 Update 1 (KB3022398) (HKLM-x32\...\{fcaa9dba-9438-48b6-ad91-4e9b4cc7084a}) (Version: 14.0.24720 - Microsoft Corporation) VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN) VMware Workstation (HKLM\...\{132E3257-14F1-411A-BC6C-0CA32D3A9BC6}) (Version: 12.0.0 - VMware, Inc.) VS Update core components (x32 Version: 14.0.24720 - Microsoft Corporation) Hidden VSClassic (x32 Version: - Corel Corporation) Hidden VSPro (x32 Version: - Corel Corporation) Hidden VueScan x64 (HKLM\...\VueScan x64) (Version: - ) WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (03/19/2014 (HKLM\...\B97004A400E30DCF940971EFA7A0C13C6B0A4B66) (Version: 03/19/2014 - Silicon Laboratories) WinRAR 5.10 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-04310A690DF6}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{1F6DE925-8416-40D4-BC66-D69DB9D4360B}\InprocServer32 -> F:\Roxio\Roxio Creator NXT Pro 3\Virtual Drive 10\DC_ShellExt64.dll (Corel Corporation) CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\hanne\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1936510213-3086724655-2435381783-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {01A26BF1-3F1C-40BD-BEAD-2F59F5F4D357} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-02-10] (Microsoft Corporation)
Task: {1BD57935-9038-4536-9569-F3642D6C3534} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\\WSCStub.exe [2015-11-20] (Symantec Corporation) Task: {51D97364-0FE0-44E3-9C16-8E916568DEFC} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {5F86521A-5443-4819-B1EF-AC0170B620C7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-13] (Adobe Systems Incorporated) Task: {6688E82F-836B-44F7-B7C9-B55757A2496C} - System32\Tasks\ArcSoft Connect Daemon => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe Task: {719ACE92-93A1-4432-8803-A8552049D0A6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-01-12] (Microsoft Corporation) Task: {73B1D130-5DBD-4EE9-93EC-0CC8DA51D2DF} - System32\Tasks\SpyHunter4Startup => C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe [2016-01-19] (Enigma Software Group USA, LLC.) Task: {797D6177-E44D-4169-AD6C-D0D80C934471} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {A6E450AA-1023-48D6-B22E-D137AB5A9F99} - System32\Tasks\Norton 360\Norton Autofix => C:\Program Files (x86)\Norton 360\Engine\\SymErr.exe [2015-11-05] (Symantec Corporation) Task: {CED3A03F-10D5-4BCF-9677-E65373C98EE8} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.) Task: {D6DA70B0-CB58-44B5-B099-3AC9782CA033} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-11] (Google Inc.) Task: {E049E2F0-4385-42CB-9058-2B3A81299F35} - System32\Tasks\Future Systems Solutions\Casper\Casper 8.0 Update Notification Task => F:\Future Systems Solutions\Casper 8.0\CASPER.EXE [2014-09-19] (Future Systems Solutions, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-01-22 18:32 - 2016-01-22 18:33 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2016-03-01 19:29 - 2016-02-23 12:27 - 02654872 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-11-27 17:46 - 2015-11-14 04:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll 2015-09-11 16:27 - 2015-10-13 04:34 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll 2015-05-15 15:26 - 2015-05-15 15:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-01-22 00:04 - 2014-01-22 00:04 - 00022760 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe 2015-08-04 13:26 - 2015-08-04 13:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll 2015-08-14 13:02 - 2015-08-14 13:02 - 12465344 _____ () F:\VMWare 12\vmware-hostd.exe 2013-10-16 01:02 - 2013-10-16 01:02 - 00535784 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\RoxioBurnLauncher.exe 2015-12-17 20:52 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2016-03-01 19:29 - 2016-02-23 09:36 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-12 22:20 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-12 22:20 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-27 22:47 - 2016-01-16 06:10 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-27 22:47 - 2016-01-16 06:13 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-08-04 13:26 - 2015-08-04 13:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll 2013-10-16 01:03 - 2013-10-16 01:03 - 01723624 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\Roxio Burn.exe 2016-01-22 18:32 - 2016-01-22 18:33 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2016-01-22 18:32 - 2016-01-22 18:33 - 22330368 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.13.20000.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2014-01-22 00:04 - 2014-01-22 00:04 - 03322600 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\BEngine.dll 2014-01-22 00:04 - 2014-01-22 00:04 - 00108776 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\Logging.dll 2014-01-22 00:04 - 2014-01-22 00:04 - 00524520 _____ () C:\Program Files (x86)\Roxio\BackOnTrack\App\TRREngine.dll 2015-08-14 13:02 - 2015-08-14 13:02 - 01301696 _____ () F:\VMWare 12\libxml2.dll 2015-08-14 13:02 - 2015-08-14 13:02 - 00165056 _____ () F:\VMWare 12\nfc-types.dll 2015-08-14 13:02 - 2015-08-14 13:02 - 00191680 _____ () F:\VMWare 12\LIBEXPAT.dll 2015-08-14 13:02 - 2015-08-14 13:02 - 00388800 _____ () F:\VMWare 12\ssoClient.dll 2013-10-16 01:02 - 2013-10-16 01:02 - 00679144 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\BBEngineAS.dll 2012-05-22 18:01 - 2012-05-22 18:01 - 00723600 _____ () F:\Roxio\Roxio Creator NXT Pro 3\Roxio Burn\AS_Archive.dll 2015-10-21 21:05 - 2015-10-03 05:58 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2015-07-10 12:04 - 2015-07-10 12:02 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\hanne\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper DNS Servers: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKLM\...\StartupApproved\Run: => "iTunesHelper" HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor" HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe" HKLM\...\StartupApproved\Run32: => "ArcSoft Connection Service" HKLM\...\StartupApproved\Run32: => "QuickTime Task" HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "AdobeBridge" HKU\S-1-5-21-1936510213-3086724655-2435381783-1002\...\StartupApproved\Run: => "Parallels Access" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{5C5FD17E-AF7E-4CC8-9A8D-81555F1040FB}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe FirewallRules: [{C7D5D696-3847-43FF-B5E0-CCE004EA6DD9}] => (Allow) F:\Steam\steamapps\common\Dispatcher\Disp1.exe FirewallRules: [{76739F11-5CC2-47CA-9ED5-CCDACDE81EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{C1DF8A39-D7AA-43A7-82F9-A30C20777A8C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe FirewallRules: [{1FF4610F-83FD-4E5C-9015-25B43EB7AB37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe FirewallRules: [{F3710BF0-2B62-40AD-9D6E-7292BA52DAC8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{2DD4B2E2-302C-4EB8-BE35-472B7936AFAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe FirewallRules: [{208FE073-2ECA-41FE-8906-6A2872EFC482}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{509F4541-95E4-4BB2-8546-FACDEA230DC9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe FirewallRules: [{85FFC6DA-4BA9-41A2-AE6D-5BC51CA1E660}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{EB378A2D-251F-4FB8-9640-9CEDBEEA47AF}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{F4EBFA81-EB07-40C7-912C-69363D1F9324}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe FirewallRules: [{835ACABC-AEFF-4666-A858-3839398ECEF5}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{CAE1E754-F6B0-4A8E-934A-88B790EE80D8}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0484CEB0-58BD-40D7-805E-BC3EA51BA2CA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{822F8943-7180-48FD-8F76-38B7832B4D47}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{0D35F2DE-6C64-46F2-A8AE-CB7DC0B4F3C3}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{D8D14C10-26D0-49D4-B0AB-2030922C85C2}] => (Allow) LPort=31931 FirewallRules: [{5AF41AFE-D156-4C16-8F63-473795BA01CC}] => (Allow) LPort=14714 FirewallRules: [{2A7E5042-56E0-484F-9207-B54F2C271A60}] => (Allow) LPort=12972 FirewallRules: [{ABEB0780-1FDB-4FDC-8654-8B7A9E3FDAE4}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{6FD6C5E4-A993-41C1-9071-C50AECAC8C76}] => (Allow) F:\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{A789A793-0647-4AEA-ACFE-49A8938811A8}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe FirewallRules: [{C078F5EA-2668-42A9-BE31-4084E9E17172}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe FirewallRules: [{0CFFCF02-3676-4C1C-8982-2F75AAA902CA}] => (Allow) F:\VMWare 12\vmware-hostd.exe FirewallRules: [{F7DE2D5C-E01C-49FA-A899-37353D1579EE}] => (Allow) F:\VMWare 12\vmware-hostd.exe FirewallRules: [{0F1723F8-B187-47D2-B741-ACDED9AFB81A}] => (Allow) F:\VMWare 12\vmware-authd.exe FirewallRules: [{5E2FB1BA-62FC-4600-876E-E86183C441A3}] => (Allow) F:\VMWare 12\vmware-authd.exe FirewallRules: [{B3024B8D-44B5-4374-93D6-85C5DFCEB71F}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{8E956805-A5C5-401B-866C-BDED3E13039C}] => (Allow) F:\Steam\bin\steamwebhelper.exe FirewallRules: [{211E353A-9E0A-4DE1-B56A-17E2850C46AE}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{8CD32749-01FE-43B6-B478-9AE5A98B8BBB}] => (Allow) F:\Steam\Steam.exe FirewallRules: [{34FB88CD-0AF1-407C-A3C5-A6CA483E9DA1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe FirewallRules: [{D4A18D3A-F00C-4020-AF3A-09FAE1728251}] => (Allow) F:\iiTunes\iTunes.exe FirewallRules: [{97BCEB7D-437F-49E9-BE50-E754F1716CC9}] => (Allow) F:\Audials\Audials 12\Audials.exe FirewallRules: [{503763CB-E969-43B2-8FEF-24E7143A1055}] => (Allow) F:\Audials\Audials 2016\Audials.exe FirewallRules: [TCP Query User{F3F1B885-D346-456B-B4BE-32C8A9AB3AB2}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe FirewallRules: [UDP Query User{9D4874D7-971F-4647-BACC-54C4E6F3E555}F:\dvr-studio hd 4\dvr-studio hd.exe] => (Allow) F:\dvr-studio hd 4\dvr-studio hd.exe FirewallRules: [{3E95E14B-CD69-4350-B144-3A9CB1503D44}] => (Allow) F:\MS Visual Studio 2015\Common7\IDE\devenv.exe FirewallRules: [{4A968DBD-1B60-4DD0-B3B8-D6101211DCE0}] => (Allow) C:\Program Files\VueScan\vuescan.exe FirewallRules: [{2CCA03DA-24E2-440F-A2DC-5615025C1F15}] => (Allow) C:\Program Files\VueScan\vuescan.exe FirewallRules: [{A7F1C9E2-39EB-4DC9-9750-CF9F2D9C6D2A}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [{5D9B7DFE-9BF5-4BA3-80B3-BBF89FBF1EC7}] => (Allow) F:\Steam\steamapps\common\Galactic Civilizations III\GalCiv3.exe FirewallRules: [{832DDA4C-476E-47BF-83F6-726D50D6214B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 26-02-2016 17:30:47 Norton_Power_Eraser_20160226173046602 01-03-2016 19:50:26 Windows Update 03-03-2016 18:54:25 JRT Pre-Junkware Removal 03-03-2016 21:04:56 JRT Pre-Junkware Removal 04-03-2016 21:50:23 JRT Pre-Junkware Removal ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: SAS-Controller Description: SAS-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Epson Perfection 1670/GT-8400UF Description: Epson Perfection 1670/GT-8400UF Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Hamrick Software Service: usbscan Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (03/04/2016 09:50:37 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version:, Zeitstempel: 0x564a80aa Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00444106 ID des fehlerhaften Prozesses: 0x135c Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0 Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1 Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2 Berichtskennung: Adobe CEF Helper.exe3 Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5 Error: (03/04/2016 09:50:25 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll. System Error: Zugriff verweigert . Error: (03/04/2016 09:43:13 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (03/04/2016 09:43:12 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (03/04/2016 09:40:38 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for F:\Steam\bin\steamwebhelper.exe Error: (03/04/2016 09:40:38 PM) (Source: Steam Client Service) (EventID: 1) (User: ) Description: Error: Failed to add firewall exception for F:\Steam\steam.exe Error: (03/04/2016 09:36:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „Microsoft.Windows.ShellExperienceHost_cw5n1h2txyewy!App“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (03/04/2016 09:36:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (03/04/2016 08:37:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (03/04/2016 07:37:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: VEINTICUATRO-XE) Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147024891. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (03/04/2016 09:53:29 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (03/04/2016 09:50:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (03/04/2016 09:43:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{3185A766-B338-11E4-A71E-12E3F512A338}{7006698D-2974-4091-A424-85DD0B909E23}NT-AUTORITÄTNetzwerkdienstS-1-5-20LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (03/04/2016 09:43:13 PM) (Source: DCOM) (EventID: 10001) (User: VEINTICUATRO-XE) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server5microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mcaNicht verfügbarNicht verfügbar Error: (03/04/2016 09:43:12 PM) (Source: DCOM) (EventID: 10001) (User: VEINTICUATRO-XE) Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.6568.46121.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server5microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mcaNicht verfügbarNicht verfügbar Error: (03/04/2016 09:41:13 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 Error: (03/04/2016 09:41:13 PM) (Source: DCOM) (EventID: 10016) (User: VEINTICUATRO-XE) Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}VEINTICUATRO-XEhanneS-1-5-21-1936510213-3086724655-2435381783-1002LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742 CodeIntegrity: =================================== Date: 2016-03-02 18:25:25.012 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-02-17 18:42:45.411 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-17 18:42:45.333 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-17 18:37:00.304 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-17 18:37:00.181 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-16 21:22:09.804 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-16 21:22:09.788 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-16 21:22:09.772 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-16 21:22:09.750 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2016-02-15 19:14:22.097 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E5-2697 v2 @ 2.70GHz Prozentuale Nutzung des RAM: 5% Installierter physikalischer RAM: 65484.54 MB Verfügbarer physikalischer RAM: 62034.13 MB Summe virtueller Speicher: 75212.54 MB Verfügbarer virtueller Speicher: 71714.44 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:364.61 GB) (Free:256.31 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: () (Fixed) (Total:364.61 GB) (Free:298.92 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive e: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS Drive f: () (Fixed) (Total:527.73 GB) (Free:287.5 GB) NTFS Drive g: (VOLUME) (Fixed) (Total:38.73 GB) (Free:17.92 GB) NTFS Drive h: () (Fixed) (Total:527.73 GB) (Free:279.52 GB) NTFS Drive w: (Video) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS Drive y: (Music) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS Drive z: (Dateien) (Network) (Total:74178.58 GB) (Free:65656.2 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 138B141C) Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 286718E8) Partition 1: (Active) - (Size=364.6 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=450 MB) - (Type=27) Partition 3: (Not Active) - (Size=566.5 GB) - (Type=OF Extended) ==================== Ende von Addition.txt ============================ |
![]() | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Google Chrome lädt Malware - MS Edge nicht FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X] emptytemp: Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #11 |
![]() | ![]() Google Chrome lädt Malware - MS Edge nicht Okay was haben wir da entfernt ? Fixlog.txt Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016 durchgeführt von hanne (2016-03-04 23:32:16) Run:1 Gestartet von C:\Users\hanne\Desktop Geladene Profile: hanne (Verfügbare Profile: hanne) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** HKLM-x32\...\Run: [] => [X] emptytemp: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert erfolgreich entfernt ==== Ende von Fixlog 23:32:16 ==== |
![]() | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Google Chrome lädt Malware - MS Edge nicht Das klappt so nicht. Du musst das Script 1:1 kopieren, du darfst auch keine Zeilenumbrüche entfernen. Kann es sein, dass du den Text in Word oder so kopiert hast??
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #13 |
![]() | ![]() Google Chrome lädt Malware - MS Edge nicht Okay beim Kopieren wird automatisch der Zeilenumbrauch entfernt. Also nochmals: Jetzt sind offenbar 700 MB temporäre Dateien entfernt HTML-Code: Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:04-03-2016 durchgeführt von hanne (2016-03-04 23:53:49) Run:2 Gestartet von C:\Users\hanne\Desktop Geladene Profile: hanne (Verfügbare Profile: hanne) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** HKLM-x32\...\Run: [] => [X] emptytemp: ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert nicht gefunden. EmptyTemp: => 713.7 MB temporäre Dateien entfernt. Das System musste neu gestartet werden. ==== Ende von Fixlog 23:54:39 ==== |
![]() | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ ![]() ![]() ![]() ![]() ![]() ![]() | ![]() Google Chrome lädt Malware - MS Edge nicht so isses richtig!!! ![]() Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte: 1. Schritt: MBAM Downloade Dir bitte ![]()
2. Schritt: ESET ESET Online Scanner
3. Schritt: SecurityCheck Downloade Dir bitte ![]()
__________________ Logfiles bitte immer in CODE-Tags posten ![]() |
![]() | #15 |
![]() | ![]() Google Chrome lädt Malware - MS Edge nichtCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 05.03.2016 Suchlaufzeit: 08:04 Protokolldatei: mbam.txt Administrator: Ja Version: Malware-Datenbank: v2016.03.05.02 Rootkit-Datenbank: v2016.02.27.01 Lizenz: Premium-Version Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: hanne Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 469315 Abgelaufene Zeit: 12 Min., 23 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # osver=6.2.9200 NT # compatibility_mode_1='' # compatibility_mode=3589 16777213 100 57 1287108 219783582 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776574 100 94 66341 11001140 0 0 # scanned=2451293 # found=48 # cleaned=0 # scan_time=24063 sh=AEC3934D53A51AA388A4CBDAF2FD337211F8892B ft=1 fh=4d6154421951c19a vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\CreateShortCut.dll.vir" sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\TaskScheduler.dll.vir" sh=B8772D6269D0410CD055E6792B0E7673E876665A ft=1 fh=99f8a9ba75ddbf93 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\hanne\AppData\Roaming\StormFall\Uninstaller.exe.vir" sh=AEC3934D53A51AA388A4CBDAF2FD337211F8892B ft=1 fh=4d6154421951c19a vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\CreateShortCut.dll" sh=A5BE0C1A6877CFECACE44C10F7A77AE1925F9292 ft=1 fh=5b8d6bde69b054c1 vn="Variante von Win32/InstallCore.ACL evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\TaskScheduler.dll" sh=B8772D6269D0410CD055E6792B0E7673E876665A ft=1 fh=99f8a9ba75ddbf93 vn="Variante von Win32/InstallCore.ADB evtl. unerwünschte Anwendung" ac=I fn="D:\Users\hanne\AppData\Roaming\StormFall\Uninstaller.exe" sh=05D232953916ED81EBB081A0C363A770E4D02F30 ft=1 fh=575e43895d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\$R86K91K.exe" sh=72BB409E3CD1F7FFB76BB3E34B3C705BB6BCFCE3 ft=1 fh=8ae750594b542a83 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="E:\$RECYCLE.BIN\$RR6ST7Q.exe" sh=524C1A9B5B2D0CB5E91830F0868638BCEB9EBAF9 ft=1 fh=8dab1ebd74d9b955 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Alcohol120_retail_2.0.3.6732.exe" sh=83407DB699FA5983071EEBCE2436693159D18F72 ft=1 fh=e8b4478e9f4aa877 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Avery Zweckform DesignPro - CHIP-Installer.exe" sh=FBFC6D75140BD4F7E850212EFF4E05465D349E7B ft=1 fh=7a247928f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Brettspiele-Deluxe-Setup.exe" sh=D773D466C7FD03C3F13FA03F6DA6B515C648F9E9 ft=1 fh=8b0bf2da65de7bab vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\cnet_cvtsetup_exe.exe" sh=5CA32567B720FC112E426A2BC542D45B503EB49F ft=1 fh=5e160bab0f9ecb23 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\DesktopOK 64 Bit - CHIP-Installer.exe" sh=19E32F9FD945DC0E5632586E0A92EDB3CDC48A0C ft=1 fh=32e4e9a808441098 vn="Variante von MSIL/Packed.PvLogNetProtector.E verdächtige Datei" ac=I fn="E:\Downloads\DVR-Compress 2 Setup204Ger.exe" sh=37487B87DC75908F5B7EEE8FE79591879D4E4920 ft=1 fh=afbe3d46e005f130 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\EF_Multi_File_Renamer_4.40_CB-DL-Manager.exe" sh=C2D5E06850F15CB244DB01B28ECFEAFF76F5F541 ft=1 fh=1696cdc80b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\Free-Video-Dub-Setup.exe" sh=B5F3861AF8A540EFA94A31140B068529268CBCCD ft=1 fh=0186c3a4cd73d147 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToDVDConverter.exe" sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMp3Converter.exe" sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMP3Converter31014.exe" sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeYouTubeToMp3Converter39.exe" sh=1959A6017B7BC8BABA9AD5377D2F784C96D668A5 ft=1 fh=99de4023e6592c16 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\isobuster_install.exe" sh=C4C85FD848A0E2A84770DE1B229B86BE7B9EE42A ft=1 fh=78d2e5e467c0ecf5 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\powersuite.exe" sh=CBFC54C66BDF09DEB03E66BA7BBAB7DEE4CAA790 ft=1 fh=8558a61d316992a9 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\registrybooster.exe" sh=26C5CC92C355D7AAEF3F70479E25CFB9DE73FC35 ft=1 fh=1df8bc41e7f4c46c vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\SweetImSetup.exe" sh=21ECE50E242CD2014C3A73262BFAD894267BE7E3 ft=1 fh=745906623ff06dd1 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\YouTubeDownloaderSetup34.exe" sh=21825C03CB1A667D80033F0E3B10EADC3F4EB847 ft=1 fh=4d81a715f53ac34e vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\YTDSetup.exe" sh=B4799BA5FDDE7B0E267FCE9AA2DC43B9685432EE ft=1 fh=caf5ffb8a3d62e41 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="E:\Downloads\FreeVideoToJPGConverter\FreeVideoToJPGConverter\FreeVideoToJPGConverter.exe" sh=05D232953916ED81EBB081A0C363A770E4D02F30 ft=1 fh=575e43895d29f3b6 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\$RECYCLE.BIN\$R86K91K.exe" sh=72BB409E3CD1F7FFB76BB3E34B3C705BB6BCFCE3 ft=1 fh=8ae750594b542a83 vn="Win32/SoftonicDownloader.A evtl. unerwünschte Anwendung" ac=I fn="G:\$RECYCLE.BIN\$RR6ST7Q.exe" sh=524C1A9B5B2D0CB5E91830F0868638BCEB9EBAF9 ft=1 fh=8dab1ebd74d9b955 vn="Win32/SmartFileAdvisor.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Alcohol120_retail_2.0.3.6732.exe" sh=83407DB699FA5983071EEBCE2436693159D18F72 ft=1 fh=e8b4478e9f4aa877 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Avery Zweckform DesignPro - CHIP-Installer.exe" sh=FBFC6D75140BD4F7E850212EFF4E05465D349E7B ft=1 fh=7a247928f97fb48a vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Brettspiele-Deluxe-Setup.exe" sh=D773D466C7FD03C3F13FA03F6DA6B515C648F9E9 ft=1 fh=8b0bf2da65de7bab vn="Variante von Win32/InstallCore.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\cnet_cvtsetup_exe.exe" sh=5CA32567B720FC112E426A2BC542D45B503EB49F ft=1 fh=5e160bab0f9ecb23 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\DesktopOK 64 Bit - CHIP-Installer.exe" sh=19E32F9FD945DC0E5632586E0A92EDB3CDC48A0C ft=1 fh=32e4e9a808441098 vn="Variante von MSIL/Packed.PvLogNetProtector.E verdächtige Datei" ac=I fn="G:\Downloads\DVR-Compress 2 Setup204Ger.exe" sh=37487B87DC75908F5B7EEE8FE79591879D4E4920 ft=1 fh=afbe3d46e005f130 vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\EF_Multi_File_Renamer_4.40_CB-DL-Manager.exe" sh=C2D5E06850F15CB244DB01B28ECFEAFF76F5F541 ft=1 fh=1696cdc80b27c805 vn="Win32/WinloadSDA.C evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\Free-Video-Dub-Setup.exe" sh=B5F3861AF8A540EFA94A31140B068529268CBCCD ft=1 fh=0186c3a4cd73d147 vn="Variante von Win32/Toolbar.Conduit.AI evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToDVDConverter.exe" sh=07CF040FEFA25DFDA4287BAB632EAB806E294695 ft=1 fh=0db8f293d4a19d8f vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMp3Converter.exe" sh=BEB2872C5EE9890C656B293C5EFBAD0220B4E538 ft=1 fh=3852d8d68dbe73c3 vn="Win32/Toolbar.Conduit.S evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMP3Converter31014.exe" sh=C5388074F31DF07BE6C1DDEF0D762EC5A8819E77 ft=1 fh=fcf810b56806cfeb vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeYouTubeToMp3Converter39.exe" sh=1959A6017B7BC8BABA9AD5377D2F784C96D668A5 ft=1 fh=99de4023e6592c16 vn="Win32/SmartFileAdvisor.A evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\isobuster_install.exe" sh=C4C85FD848A0E2A84770DE1B229B86BE7B9EE42A ft=1 fh=78d2e5e467c0ecf5 vn="Variante von Win32/UniBlue.F evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\powersuite.exe" sh=CBFC54C66BDF09DEB03E66BA7BBAB7DEE4CAA790 ft=1 fh=8558a61d316992a9 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\registrybooster.exe" sh=26C5CC92C355D7AAEF3F70479E25CFB9DE73FC35 ft=1 fh=1df8bc41e7f4c46c vn="Variante von Win32/SweetIM.B evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\SweetImSetup.exe" sh=21ECE50E242CD2014C3A73262BFAD894267BE7E3 ft=1 fh=745906623ff06dd1 vn="Variante von Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\YouTubeDownloaderSetup34.exe" sh=21825C03CB1A667D80033F0E3B10EADC3F4EB847 ft=1 fh=4d81a715f53ac34e vn="Win32/Toolbar.Widgi evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\YTDSetup.exe" sh=B4799BA5FDDE7B0E267FCE9AA2DC43B9685432EE ft=1 fh=caf5ffb8a3d62e41 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="G:\Downloads\FreeVideoToJPGConverter\FreeVideoToJPGConverter\FreeVideoToJPGConverter.exe" Code:
ATTFilter Results of screen317's Security Check version 1.009 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Norton 360 Windows Defender WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` AVG PC TuneUp 2015 AVG PC TuneUp 2015 (de-DE) AVG PC TuneUp 2015 Microsoft VisualStudio JavaScript Language Service Microsoft VisualStudio JavaScript Project System Java version 32-bit out of Date! Google Chrome (48.0.2564.109) Google Chrome (48.0.2564.116) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe ESET ESET Online Scanner OnlineScannerApp.exe mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
![]() |
Themen zu Google Chrome lädt Malware - MS Edge nicht |
adware, bestpriceninja, besuch, chrome, chrome automatisch tab öffnung virus, entferne, entfernen, geladen, google, google chrome, hunter, immer wieder, lädt, malware, nicht, price, problemlos, spy, spy hunter, taucht, websites, werbung |