Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: "Watch4" Werbepopups

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 02.12.2015, 17:50   #1
weyesters
 
"Watch4" Werbepopups - Standard

"Watch4" Werbepopups



Hallo,

das erste Mal, dass ich mich hier melde (leider). Ich bin eigentlich sonst immer safe im Internet unterwegs und hatte noch nie AdWare, jedoch hab ich heute das erste Mal Popups von "watch4.de" bekommen (einmal bisher). Als ich hier ins Forum geguckt habe, scheint sich heute das watch4-Problem intensiviert zu haben (das ganze Forum ist seit heute voll davon, irgendwas muss da doch der Auslöser sein?).

Bisher gescannt habe ich mit AVira (Schnellscan erstmal nur), MBAM, FRST, ADW.

Hier die Logs: (Ich wäre dankbar, wenn ich auf eventuelle Gefahren in den Logs hingewiesen werde, also mit Erklärung was wo los ist, wäre super, danke =D Also anstelle von "Ja mach das", dankeschön! Möchte den Prozess nachvollziehen)

FRST.txt:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Maximilian (Administrator) auf MAXIMILIAN-PC (02-12-2015 17:36:07)
Gestartet von F:\Eigene Dateien\Eigene Downloads
Geladene Profile: Maximilian &  (Verfügbare Profile: Maximilian)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Flux Software LLC) C:\Users\Maximilian\AppData\Local\FluxSoftware\Flux\flux.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SystemPropertiesComputerName.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreamsDownloader.exe
(ppy) G:\Programme (x86)\osu!\osu!.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
(VS Revo Group) G:\Programme (x86)\Revo Uninstaller\Revouninstaller.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes) G:\Programme (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-27] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [13318424 2015-03-12] (Logitech Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [LifeCam] => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Spotify Web Helper] => C:\Users\Maximilian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1206600 2015-08-07] (Hobbyist Software)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [Spotify] => C:\Users\Maximilian\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Run: [f.lux] => C:\Users\Maximilian\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify Web Helper] => C:\Users\Maximilian\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50137728 2015-11-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Hobbyist Software VLC Streamer] => C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe [1206600 2015-08-07] (Hobbyist Software)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Spotify] => C:\Users\Maximilian\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd)
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [f.lux] => C:\Users\Maximilian\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{2EC32C92-9FB2-40BC-8876-79A96D442261}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-04-01] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 14.0 Helper -> {b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} -> G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll [2015-07-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-04-01] (Oracle Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Maximilian\AppData\Roaming\Mozilla\Firefox\Profiles\ttaFfah6.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_134.dll [2015-04-01] ()
FF Plugin: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll [2015-04-01] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-04-01] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-25] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: Avira Browser Safety - C:\Users\Maximilian\AppData\Roaming\Mozilla\Firefox\Profiles\ttaFfah6.default\Extensions\abs@avira.com [2015-10-07] [ist nicht signiert]

Chrome: 
=======
CHR Profile: C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-01]
CHR Extension: (BetterTTV) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-07-08]
CHR Extension: (Google Docs) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-01]
CHR Extension: (Google Drive) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2015-11-19]
CHR Extension: (YouTube) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-24]
CHR Extension: (uBlock Origin) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2015-11-03]
CHR Extension: (Google-Suche) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-11-09]
CHR Extension: (Yet another flags) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmchcmgddbhmbkakammmklpoonoiiomk [2015-04-01]
CHR Extension: (Grooveshark Germany unlocker) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejcnhmeicafddjdaeecddemnhnomiaai [2015-04-01]
CHR Extension: (Google Tabellen) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-01]
CHR Extension: (HTTPS Everywhere) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2015-08-26]
CHR Extension: (Google Docs Offline) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18]
CHR Extension: (AdBlock) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-11-24]
CHR Extension: (Live HTTP Headers) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaiioopjkcekapmldfgbebdclcnpgnlo [2015-04-01]
CHR Extension: (ModHeader) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgpnmonknjnojddfkpgkljpfnnfcklj [2015-08-26]
CHR Extension: (Erweiterung \) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd [2015-04-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-24]
CHR Extension: (Oddshot) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\olnoeeagkgpkplnhmnnlgodjnjgckhja [2015-10-24]
CHR Extension: (Google Mail) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-01]
CHR Extension: (RSS Feed Reader) - C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2015-11-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2015-04-02] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-27] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; G:\Programme (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-27] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-27] (NVIDIA Corporation)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 VSStandardCollectorService140; G:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-01] (Avira Operations GmbH & Co. KG)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [469264 2013-06-26] (Intel Corporation)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2015-10-19] (REALiX(tm))
R3 LcUvcUpper; C:\Windows\system32\DRIVERS\LcUvcUpper.sys [34424 2015-02-09] (Microsoft Corporation)
S3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2015-12-02] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-27] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
S3 PVUSB; C:\Windows\System32\drivers\CESG64.sys [63808 2007-02-19] (CASIO COMPUTER CO.,LTD.)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 17:35 - 2015-12-02 17:36 - 00000000 ____D C:\FRST
2015-12-02 17:16 - 2015-12-02 17:16 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-02 17:16 - 2015-12-02 17:16 - 00000804 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-02 17:16 - 2015-12-02 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-02 17:16 - 2015-12-02 17:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-12-02 17:16 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-02 17:16 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-02 17:16 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-02 17:13 - 2015-12-02 17:13 - 00000000 ____D C:\AdwCleaner
2015-12-02 17:11 - 2015-12-02 17:11 - 00000794 _____ C:\Users\Maximilian\Desktop\Revo Uninstaller.lnk
2015-12-02 17:11 - 2015-12-02 17:11 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-11-29 14:09 - 2015-11-29 14:09 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\ParadoxInteractive
2015-11-12 12:42 - 2015-10-15 17:08 - 00990208 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-12 12:42 - 2015-10-15 16:46 - 00803328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-12 12:42 - 2015-10-13 18:10 - 00559616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-12 12:42 - 2015-10-13 18:10 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-12 12:42 - 2015-10-13 16:59 - 00397224 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-12 12:42 - 2015-10-13 16:59 - 00340872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-12 12:42 - 2015-10-13 16:59 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-12 12:42 - 2015-10-13 16:59 - 00120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-12 12:42 - 2015-10-13 16:59 - 00106952 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2015-11-12 12:42 - 2015-10-13 16:59 - 00091416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2015-11-12 12:42 - 2015-10-11 07:36 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-12 12:42 - 2015-10-11 07:36 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-12 12:42 - 2015-10-10 19:40 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-12 12:42 - 2015-10-10 19:39 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-12 12:42 - 2015-10-10 19:07 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-12 12:42 - 2015-10-10 18:33 - 01441280 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-12 12:42 - 2015-10-10 18:27 - 00432640 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-12 12:42 - 2015-10-10 18:11 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-12 12:42 - 2015-10-10 17:45 - 00359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-12 12:42 - 2015-09-29 13:24 - 00155480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2015-11-12 12:42 - 2015-09-07 17:22 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2015-11-12 12:42 - 2015-09-07 17:21 - 00825856 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2015-11-12 12:42 - 2015-09-07 17:17 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2015-11-12 12:42 - 2015-09-07 16:54 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2015-11-12 12:42 - 2015-09-07 16:30 - 01091584 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2015-11-12 12:42 - 2015-09-04 20:24 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tunnel.sys
2015-11-12 12:42 - 2015-09-03 03:18 - 02531400 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-11-12 12:42 - 2015-09-03 03:17 - 01903848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-11-12 12:42 - 2015-09-02 19:48 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-11-12 12:42 - 2015-09-02 18:09 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-11-12 12:42 - 2015-08-28 23:20 - 00183368 _____ (Microsoft Corporation) C:\Windows\system32\AuthHost.exe
2015-11-12 12:42 - 2015-08-20 21:45 - 01380048 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-11-12 12:42 - 2015-08-20 18:48 - 01096704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-11-12 12:42 - 2015-08-07 22:40 - 01134752 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-12 12:42 - 2015-08-07 22:40 - 00686960 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-11-12 12:42 - 2015-08-07 22:40 - 00507176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-11-12 12:42 - 2015-08-07 15:13 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-12 12:42 - 2015-08-06 18:05 - 00669184 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2015-11-12 12:42 - 2015-08-06 17:47 - 04710400 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2015-11-12 12:42 - 2015-08-06 17:37 - 00536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2015-11-12 12:42 - 2015-08-06 17:18 - 04068352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2015-11-12 12:41 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-12 12:41 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-12 12:41 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-12 12:41 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-12 12:41 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-12 12:41 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-12 12:41 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-12 12:41 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-12 12:41 - 2015-10-30 23:39 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-11-12 12:41 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-12 12:41 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-12 12:41 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-12 12:41 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-12 12:41 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-12 12:41 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-12 12:41 - 2015-10-30 23:14 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-11-12 12:41 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-12 12:41 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-12 12:41 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-12 12:41 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-12 12:41 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-12 12:41 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-12 12:41 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-12 12:41 - 2015-10-20 22:54 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-12 12:41 - 2015-10-20 15:53 - 03705856 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-12 12:41 - 2015-10-20 15:36 - 02243072 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-12 12:41 - 2015-10-20 15:35 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-12 12:41 - 2015-10-20 15:34 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-11-12 12:41 - 2015-10-20 15:34 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-12 12:41 - 2015-10-20 15:34 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-12 12:41 - 2015-10-20 15:33 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-12 12:41 - 2015-10-20 15:14 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-12 12:41 - 2015-10-20 15:13 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-12 12:41 - 2015-10-20 15:13 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-12 12:41 - 2015-10-20 15:13 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-12 12:41 - 2015-10-17 15:19 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-12 12:41 - 2015-10-15 00:02 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-12 12:41 - 2015-10-15 00:02 - 01659560 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-12 12:41 - 2015-10-15 00:02 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-12 12:41 - 2015-10-15 00:02 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-12 12:41 - 2015-10-15 00:02 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2015-11-12 12:41 - 2015-10-08 17:08 - 01083904 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2015-11-12 12:41 - 2015-09-19 04:18 - 00035384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-12 12:41 - 2015-09-18 14:42 - 01290752 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-12 12:41 - 2015-09-18 14:42 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-12 12:41 - 2015-09-18 14:42 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-12 12:41 - 2015-09-18 14:42 - 00699904 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-12 12:41 - 2015-09-18 14:42 - 00503296 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-12 12:41 - 2015-09-18 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-12 12:41 - 2015-09-12 14:47 - 00414559 _____ C:\Windows\system32\ApnDatabase.xml
2015-11-12 12:41 - 2015-08-22 14:42 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:42 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-11-12 12:41 - 2015-08-22 14:35 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-11-12 12:41 - 2015-08-10 19:15 - 00845312 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2015-11-12 12:41 - 2015-08-10 19:06 - 00422400 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2015-11-12 12:41 - 2015-08-10 18:49 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2015-11-12 12:41 - 2015-08-10 17:56 - 00272384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2015-11-12 12:41 - 2015-08-10 17:46 - 00561664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2015-11-12 12:41 - 2015-07-16 19:58 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\NcdAutoSetup.dll
2015-11-11 20:22 - 2015-11-11 21:31 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Bilago
2015-11-10 18:36 - 2015-11-10 18:36 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Fallout4
2015-11-09 22:19 - 2015-11-09 22:19 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-11-09 22:19 - 2015-11-09 22:19 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Apple Inc
2015-11-09 22:19 - 2015-11-09 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-11-09 22:19 - 2015-11-09 22:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2015-11-09 22:18 - 2015-11-09 22:19 - 00000000 ____D C:\Program Files\iTunes
2015-11-09 22:18 - 2015-11-09 22:18 - 00000000 ____D C:\Program Files\iPod
2015-11-09 22:18 - 2015-11-09 22:18 - 00000000 ____D C:\Program Files\Bonjour
2015-11-09 22:18 - 2015-11-09 22:18 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-11-09 22:18 - 2015-11-09 22:18 - 00000000 ____D C:\Program Files (x86)\Bonjour
2015-11-09 22:17 - 2015-11-09 22:17 - 00000000 ____D C:\Windows\System32\Tasks\Apple
2015-11-09 22:17 - 2015-11-09 22:17 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-11-09 12:53 - 2015-11-09 12:53 - 00004104 _____ C:\Users\Maximilian\AppData\Local\recently-used.xbel
2015-11-09 12:44 - 2015-11-09 12:52 - 00000000 ____D C:\Users\Maximilian\AppData\Local\gtk-2.0
2015-11-06 23:38 - 2015-11-25 13:59 - 00000000 ____D C:\Users\Maximilian\AppData\LocalLow\Unity
2015-11-06 23:38 - 2015-11-06 23:38 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Unity
2015-11-06 23:38 - 2015-11-06 23:38 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Unity
2015-11-06 23:38 - 2015-11-06 23:38 - 00000000 ____D C:\ProgramData\Unity
2015-11-02 18:59 - 2015-11-02 18:59 - 00000000 ____D C:\Users\Maximilian\.thumbnails
2015-11-02 18:58 - 2015-11-09 16:32 - 00000000 ____D C:\Users\Maximilian\.gimp-2.8
2015-11-02 18:58 - 2015-11-02 18:58 - 00000000 ____D C:\Users\Maximilian\AppData\Local\gegl-0.2
2015-11-02 18:58 - 2015-11-02 18:58 - 00000000 ____D C:\Users\Maximilian\AppData\Local\fontconfig
2015-11-02 18:52 - 2015-11-02 18:52 - 00002802 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2015-11-02 18:52 - 2015-11-02 18:52 - 00000691 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-11-02 18:52 - 2015-11-02 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 17:35 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-02 17:32 - 2015-04-01 19:29 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Skype
2015-12-02 17:21 - 2015-04-01 19:04 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1470861753-4088073532-1919527297-1001
2015-12-02 16:48 - 2015-04-01 21:18 - 00001146 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-02 15:48 - 2015-04-01 21:18 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-02 12:08 - 2015-04-01 21:32 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-02 12:08 - 2015-04-01 19:08 - 00000000 __SHD C:\Users\Maximilian\IntelGraphicsProfiles
2015-12-01 21:10 - 2015-04-01 18:59 - 01890242 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-01 21:10 - 2013-08-23 00:24 - 00806992 _____ C:\Windows\system32\perfh007.dat
2015-12-01 21:10 - 2013-08-23 00:24 - 00177002 _____ C:\Windows\system32\perfc007.dat
2015-12-01 21:10 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2015-12-01 21:04 - 2015-04-01 19:11 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-01 21:04 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-01 21:03 - 2015-04-01 21:16 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 21:03 - 2015-04-01 21:16 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 21:03 - 2015-04-01 21:16 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-01 21:03 - 2015-04-01 21:16 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-12-01 21:03 - 2015-04-01 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-12-01 16:55 - 2015-04-01 19:29 - 00000000 ____D C:\ProgramData\Skype
2015-11-30 20:09 - 2015-04-01 21:36 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Spotify
2015-11-30 20:07 - 2015-04-01 21:36 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Spotify
2015-11-29 21:06 - 2015-06-26 11:26 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Awesomium
2015-11-29 15:06 - 2015-04-06 20:24 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\TS3Client
2015-11-26 16:56 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2015-11-25 13:48 - 2013-08-22 15:44 - 05173848 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-25 13:46 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2015-11-25 13:46 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI
2015-11-24 22:48 - 2015-04-02 16:48 - 00000600 _____ C:\Users\Maximilian\AppData\Local\PUTTY.RND
2015-11-23 21:17 - 2015-04-14 19:46 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\FileZilla
2015-11-23 20:39 - 2015-05-21 15:38 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Deployment
2015-11-23 15:14 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2015-11-20 14:33 - 2015-04-01 20:54 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Microsoft Help
2015-11-19 18:44 - 2015-09-08 18:21 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Battle.net
2015-11-13 15:52 - 2015-04-16 12:52 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Eclipse
2015-11-12 14:20 - 2015-04-01 20:48 - 00000000 ___SD C:\Windows\system32\GWX
2015-11-12 12:48 - 2015-04-01 20:54 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-12 12:48 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2015-11-12 12:47 - 2015-04-01 20:48 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-11-12 12:46 - 2015-05-05 19:52 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-12 12:46 - 2015-04-01 20:47 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-12 12:45 - 2015-04-01 19:26 - 00000000 ____D C:\Windows\system32\MRT
2015-11-12 12:42 - 2015-04-01 19:26 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 22:48 - 2015-04-01 21:18 - 00002195 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-11-11 17:02 - 2015-09-03 13:15 - 00001154 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-11 17:02 - 2015-04-01 21:16 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-09 22:39 - 2015-04-24 17:18 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\vlc
2015-11-09 22:19 - 2015-04-01 21:38 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Apple Computer
2015-11-09 22:19 - 2015-04-01 21:38 - 00000000 ____D C:\Users\Maximilian\AppData\Local\Apple Computer
2015-11-09 22:18 - 2015-04-01 21:38 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-11-09 22:18 - 2015-04-01 21:38 - 00000000 ____D C:\Program Files\Common Files\Apple
2015-11-09 22:17 - 2015-04-01 21:38 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-11-09 19:48 - 2015-09-25 19:36 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\Audacity
2015-11-08 21:25 - 2015-04-02 16:54 - 00000641 _____ C:\Users\Maximilian\Desktop\osu!.lnk
2015-11-08 21:25 - 2015-04-02 16:54 - 00000641 _____ C:\Users\Maximilian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\osu!.lnk
2015-11-07 20:40 - 2015-04-01 21:58 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\OBS
2015-11-07 13:22 - 2015-07-09 16:18 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\MPC-HC
2015-11-06 23:38 - 2015-05-21 15:38 - 00000000 ____D C:\Users\Maximilian\AppData\Roaming\GitHub
2015-11-06 23:38 - 2015-05-21 15:38 - 00000000 ____D C:\Users\Maximilian\AppData\Local\GitHub
2015-11-06 16:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2015-11-03 01:23 - 2013-08-22 16:38 - 00810488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-03 01:23 - 2013-08-22 16:38 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-02 18:59 - 2015-04-01 18:57 - 00000000 ____D C:\Users\Maximilian

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-05-16 20:22 - 2015-09-08 15:53 - 1065984 _____ () C:\Users\Maximilian\AppData\Local\file__0.localstorage
2015-04-02 16:48 - 2015-11-24 22:48 - 0000600 _____ () C:\Users\Maximilian\AppData\Local\PUTTY.RND
2015-11-09 12:53 - 2015-11-09 12:53 - 0004104 _____ () C:\Users\Maximilian\AppData\Local\recently-used.xbel
2015-04-01 19:05 - 2015-04-01 19:05 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
C:\Users\Maximilian\AppData\Local\Temp\avgnt.exe
C:\Users\Maximilian\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-02 12:25

==================== Ende von FRST.txt ============================
         
Addition.txt:

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Maximilian (2015-12-02 17:36:23)
Gestartet von F:\Eigene Dateien\Eigene Downloads
Windows 8.1 Pro (X64) (2015-04-01 17:57:56)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1470861753-4088073532-1919527297-500 - Administrator - Disabled)
Gast (S-1-5-21-1470861753-4088073532-1919527297-501 - Limited - Disabled)
Maximilian (S-1-5-21-1470861753-4088073532-1919527297-1001 - Administrator - Enabled) => C:\Users\Maximilian

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
AdVenture Capitalist (HKLM-x32\...\Steam App 346900) (Version:  - Hyper Hippo Games)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
AtoCC 1.33 (HKLM-x32\...\AtoCC_is1) (Version:  - )
Audacity 2.1.1 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.1 - Audacity Team)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.10.150607 - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.125 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.4 - GPL Public release.)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.11 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Drakonia Black (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version:  - )
DVD Architect Studio 5.0 (HKLM-x32\...\{3870B92E-08F8-11E3-A5E1-F04DA23A5C58}) (Version: 5.0.186 - Sony)
Dxtory version 2.0.122 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.122 - Dxtory Software)
ENB Organizer (HKLM-x32\...\{9093D693-0C5A-4A42-88DC-B32C49207551}) (Version: 1.0.0 - BluShark_Media)
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
F.E.A.R. 3 (HKLM-x32\...\Steam App 21100) (Version:  - Day 1 Studios)
f.lux (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Flux) (Version:  - )
f.lux (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Flux) (Version:  - )
Fallout 4 (HKLM-x32\...\Steam App 377160) (Version:  - Bethesda Game Studios)
Finale NotePad 2012 (HKLM-x32\...\Finale NotePad 2012) (Version: 2012..r1.1 - MakeMusic)
fx-9860GII OS Update (HKLM-x32\...\{50E0F657-2E2B-483D-A39E-CB652E3EA57E}) (Version: 2.04.0000 - CASIO COMPUTER CO., LTD.)
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team)
GitHub (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.13.2.4 - GitHub, Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
HWiNFO64 Version 5.06 (HKLM\...\HWiNFO64_is1) (Version: 5.06 - Martin Malík - REALiX)
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 7 Update 75 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417075FF}) (Version: 7.0.750 - Oracle)
Java 7 Update 80 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217080FF}) (Version: 7.0.800 - Oracle)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Java SE Development Kit 7 Update 75 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 7 Update 75 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170750}) (Version: 1.7.0.750 - Oracle)
Java SE Development Kit 8 Update 40 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
Java SE Development Kit 8 Update 40 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0180400}) (Version: 8.0.400.26 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version:  - TT Games)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Logitech Gaming Software 8.58 (HKLM\...\Logitech Gaming Software) (Version: 8.58.183 - Logitech Inc.)
Magicka 2 (HKLM-x32\...\Steam App 238370) (Version:  - Pieces Interactive)
MagicYUV Lossless Video Codec version 1.2rev0 (HKLM-x32\...\{90410593-E0EB-4F9B-B984-65BEA8F07B91}_is1) (Version: 1.2rev0 - INNOMAGIC Bt.)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
MediaInfo 0.7.75 (HKLM\...\MediaInfo) (Version: 0.7.75 - MediaArea.net)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{8EC9E7BB-2443-49B1-8476-490EBF932C2E}) (Version: 4.25.512.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst  (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server*2014 Express LocalDB  (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2015 Tools for Unity (HKLM-x32\...\{F0DB2786-18C8-4B0D-9DC2-BA58856A2821}) (Version: 2.1.0.0 - Microsoft Corporation)
Microsoft Visual Studio Enterprise 2015 (HKLM-x32\...\{ba680ed4-870b-41c6-a7e6-6cb9676fcbfd}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Visual Studio Premium 2013 (HKLM-x32\...\{436d3435-9d44-4506-8f2a-aaea22735e3e}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Movie Studio Platinum 13.0 (64-bit) (HKLM\...\{408D4D8F-CC02-11E3-B985-F04DA23A5C58}) (Version: 13.0.932 - Sony)
MPC-HC 1.7.9 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.9 - MPC-HC Team)
MSI Afterburner 4.1.1 (HKLM-x32\...\Afterburner) (Version: 4.1.1 - MSI Co., LTD)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.5 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 355.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.14.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.14.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 355.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 355.82 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 355.60 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 355.60 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
osu! (HKLM-x32\...\{6557905d-13bf-4820-95ac-7adbc49aed59}) (Version: latest - ppy Pty Ltd)
paint.net (HKLM\...\{DF3A46D9-67B3-44B2-9D01-25C8BA772C8A}) (Version: 4.0.6 - dotPDN LLC)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7076 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RivaTuner Statistics Server 6.3.0 (HKLM-x32\...\RTSS) (Version: 6.3.0 - Unwinder)
Rocket League (HKLM-x32\...\Steam App 252950) (Version:  - Psyonix)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SagaraS Scriptmaker v5.6 (HKLM-x32\...\SagaraS Scriptmaker_is1) (Version:  - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.5.14.5 - NVIDIA Corporation) Hidden
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
SpeedRunners (HKLM-x32\...\Steam App 207140) (Version:  - DoubleDutch Games)
Spotify (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Spotify (HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
The Binding of Isaac: Rebirth (HKLM-x32\...\Steam App 250900) (Version:  - Nicalis, Inc.)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Vanishing of Ethan Carter (HKLM-x32\...\Steam App 258520) (Version:  - The Astronauts)
TypeScript Power Tool (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.4.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.4.0 (HKLM-x32\...\{4cde0c8c-47b3-448f-babf-fe5d392432a6}) (Version: 1.5.23128.0 - Microsoft Corporation)
Unigine Valley Benchmark version 1.0 (HKLM-x32\...\Unigine Valley Benchmark_is1) (Version: 1.0 - Unigine Corp.)
Unity (HKLM-x32\...\Unity) (Version: 5.2.0f3 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Ut Video Codec Suite (HKLM\...\utvideo_is1) (Version: 15.2.0 - UMEZAWA Takeshi)
VC_CRT_x64 (Version: 1.02.0000 - Intel Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VLC Streamer 5.09 (HKLM-x32\...\VLC Streamer_is1) (Version:  - Hobbyist Software)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
Yenka (HKLM-x32\...\Yenka) (Version: 3.1.2.0 - Crocodile Clips Ltd)
YGOPro DevPro (HKLM-x32\...\{A115F80F-2B26-464E-97A3-8B13EC533C3D}) (Version: 2.1.2 - DevPro, LLC)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1470861753-4088073532-1919527297-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)

==================== Wiederherstellungspunkte =========================

29-11-2015 13:47:04 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2015-08-28 16:04 - 00001648 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {1455A3F9-B45A-43E5-9924-460126FC748A} - System32\Tasks\CCleanerSkipUAC => G:\Programme\CCleaner\CCleaner.exe [2015-10-19] (Piriform Ltd)
Task: {7108B6C0-E722-4301-B17C-FAF57FB399B7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-11-12] (Microsoft Corporation)
Task: {AAB4A06F-03CA-412C-A3A1-3CFE8405EBA5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {AE2CA0EB-F9FF-4A48-B62C-04315D7C2E85} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-01] (Google Inc.)
Task: {E3FD10AE-3DE8-41B4-AB36-F1177AAEBEA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.)
Task: {F0017D55-77A6-4659-8131-75C7F82B66E3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-04-01] (Google Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Public\Desktop\Valley Benchmark 1.0.lnk -> G:\Programme (x86)\Valley Benchmark 1.0\valley.bat () <==== ACHTUNG

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-01 19:11 - 2015-08-25 15:24 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-09-18 08:23 - 2014-09-18 08:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 08:23 - 2014-09-18 08:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-03-12 19:23 - 2015-03-12 19:23 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2015-05-05 19:27 - 2013-10-29 13:49 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2015-05-05 19:27 - 2013-06-26 16:01 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2015-04-01 19:03 - 2013-09-16 11:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-04-01 19:13 - 2015-08-27 01:37 - 00011896 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-04-01 21:32 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-04-01 21:32 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-04-01 21:32 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll
2015-04-01 21:32 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-04-01 21:32 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-04-01 21:32 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-04-01 21:32 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-04-01 21:32 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-04-01 21:32 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-04-01 21:32 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-04-01 21:32 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-22 19:12 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-02-13 03:20 - 2015-02-13 03:20 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-04-01 21:32 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-05-05 19:27 - 2013-01-15 16:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2015-05-05 19:27 - 2013-06-26 16:01 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-11-01 12:43 - 2015-11-01 12:43 - 00139336 ____H () G:\Programme (x86)\osu!\libEGL.dll
2015-11-01 12:43 - 2015-11-01 12:43 - 03130440 ____H () G:\Programme (x86)\osu!\libGLESv2.dll
2013-09-04 23:14 - 2013-09-04 23:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2015-11-11 22:48 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll
2015-11-11 22:48 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Maximilian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Maximilian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\StartupApproved\Run: => "Hobbyist Software VLC Streamer"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dxtory Update Checker 2.0"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Hobbyist Software VLC Streamer"
HKU\S-1-5-21-1470861753-4088073532-1919527297-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Spotify"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{FAA470EA-3BE2-4F07-A17D-3F665E26FFC8}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{E299DC64-D781-44D1-BB70-6FE4B7260251}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{96249B2B-0EAF-4473-838A-1D951C5B1F83}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F639BB73-2625-4FE9-A4A8-F2E4D7B92ADA}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{F1684802-D069-4225-8656-087BF43EE882}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{337396AE-19FF-4727-9884-B61EC762E0B4}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{0B66A19C-7F4B-45EE-8288-8E41BC5B2502}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ED087CE6-29D3-4CF6-9808-35BCBFA9C4D7}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0FC364D8-B57D-41DC-B7C1-BD55BEF5E7AC}C:\users\maximilian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maximilian\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{AEBEF939-E8A3-4C01-8D12-A2CB6177284E}C:\users\maximilian\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\maximilian\appdata\roaming\spotify\spotify.exe
FirewallRules: [{25E032F0-C02A-45B5-B745-B6C006FB5419}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{67CBCC53-040D-4C11-8FF2-848C20553EED}] => (Allow) C:\Program Files\Logitech Gaming Software\LCore.exe
FirewallRules: [{F53C0514-469F-4308-A8A9-F66BFA52E162}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{0AD82268-0F7B-4D7D-A3CD-1DFFC02C0177}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{176E3366-BB43-4064-8702-B8B0F7AB98FC}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{DF3BB5A9-4E38-4433-B17E-DEE1B352E548}] => (Allow) LPort=12292
FirewallRules: [TCP Query User{FA34E045-7CF1-4CEE-95D7-6610BA7C6142}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{DBB908DC-692D-45AC-961B-72AA577C52C7}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{6132461F-1C7D-477B-A0B6-968BCC31CCBC}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [UDP Query User{A78F258C-AD39-4AF6-B64A-62495E8F5276}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe
FirewallRules: [TCP Query User{12B73598-FD70-4A4C-BA91-E3BE2CE66CC3}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe
FirewallRules: [UDP Query User{0713D004-E67A-43A6-8E74-1BBF3CC236D3}C:\program files\java\jre1.8.0_40\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\java.exe
FirewallRules: [{A98780A1-1C5D-47FC-8046-8F840609BF91}] => (Allow) E:\Steam Games\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{6A4DFB72-2377-47BE-B535-8DD37CCFF746}] => (Allow) E:\Steam Games\steamapps\common\Unturned\Unturned.exe
FirewallRules: [{AC0E315D-4076-4BF1-8AEC-6777CD8BE151}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{BC89DB79-CABF-472B-A906-5811DD06FEC4}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\AdVenture Capitalist\adventure-capitalist.exe
FirewallRules: [{B4BBD43A-EF65-4B31-9D96-CCFAC97ADA36}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5EB3807C-23C8-46D9-ACC4-F4777F5818CF}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [TCP Query User{0FC28014-E294-4F6F-9378-CC0AC82864AB}C:\users\maximilian\appdata\local\temp\i1432635898\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\maximilian\appdata\local\temp\i1432635898\windows\resource\jre\bin\javaw.exe
FirewallRules: [UDP Query User{81ABD958-82E7-484A-A78D-24602CF24AF8}C:\users\maximilian\appdata\local\temp\i1432635898\windows\resource\jre\bin\javaw.exe] => (Allow) C:\users\maximilian\appdata\local\temp\i1432635898\windows\resource\jre\bin\javaw.exe
FirewallRules: [TCP Query User{B628032B-9749-4826-95E6-3469A5B9141C}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [UDP Query User{DFAE1966-D43A-4192-9B12-EFCBC165CD52}C:\program files\java\jre1.8.0_40\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_40\bin\javaw.exe
FirewallRules: [{5A0D45DE-AE37-4273-8167-47E6313B46AA}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{DB792503-ECBF-46CD-9BA0-450EA677652C}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\F.E.A.R. 3\F.E.A.R. 3.exe
FirewallRules: [{137AAB58-3531-460C-BFFD-A7D0A487A23B}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{67E83FAC-C385-47BA-BD01-B9802FD751C7}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
FirewallRules: [{9CF0703E-D857-4201-A819-80A3CB37EE46}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [{ACB34A61-1988-4EE3-B2F8-518D0D95D4E7}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\The Vanishing of Ethan Carter\Binaries\Launcher.exe
FirewallRules: [TCP Query User{56B9C4DD-7B63-4024-85E4-C47D0475AA5C}G:\programme (x86)\steam games\steamapps\common\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) G:\programme (x86)\steam games\steamapps\common\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [UDP Query User{B9F784AC-D49F-4ADC-81FB-DF08B56C0442}G:\programme (x86)\steam games\steamapps\common\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe] => (Allow) G:\programme (x86)\steam games\steamapps\common\the vanishing of ethan carter\binaries\win64\astronautsgame-win64-shipping.exe
FirewallRules: [{1CA3C01B-1ED6-4E51-BEC9-5B730484D344}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{399B118D-9EE1-4363-BA87-3E97E89350BB}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{35DF6F6F-D87F-42F7-832E-6529C76871CA}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{C9490CB0-30D4-4C3D-B10D-B64A16E4124A}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\Terraria\Terraria.exe
FirewallRules: [TCP Query User{5BB455E0-2FD7-42D7-B3F7-A2914D4102AA}F:\eigene dateien\eigene downloads\terraria-server-1303\terrariaserver.exe] => (Allow) F:\eigene dateien\eigene downloads\terraria-server-1303\terrariaserver.exe
FirewallRules: [UDP Query User{FB33B591-6EC4-4178-82EE-D7FADC63912C}F:\eigene dateien\eigene downloads\terraria-server-1303\terrariaserver.exe] => (Allow) F:\eigene dateien\eigene downloads\terraria-server-1303\terrariaserver.exe
FirewallRules: [TCP Query User{C796410B-0106-4F8C-970B-86D25CFC1107}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6D08475E-734F-4FA5-9C79-2B2B528136D4}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{3474D5CD-F229-4AEE-8760-44E4AE877286}] => (Allow) C:\Users\Maximilian\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [{9735B799-2902-4871-9937-A33AD7046DC0}] => (Allow) C:\Users\Maximilian\AppData\Roaming\RIOTGames\rgDownload\rgDownload.exe
FirewallRules: [{4594AFD3-22F6-48F3-A8C6-F2FB4755AFD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{EC4BB3E7-92AD-4E3D-88A9-CE6D55721287}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DC623ED4-ABF1-4A6E-B590-C71EAC3C3F82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{5476CB22-6D8A-4059-8738-C785B94F6643}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{FD4AA28B-A8D4-496D-9308-784A38ACF33C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{474E09EB-445D-4A8B-9F94-2870203F8B1B}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{FDBD79DC-87AC-4D9B-8B24-F3F42BD439AB}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{18A562A2-54F4-4C8F-8441-650F5B348F40}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{322E191F-D3FC-4100-B3F5-50307298E738}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{F6B9580E-A732-49CF-95AB-13A1B511463E}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{9465776B-E6C0-4EC5-8323-F0A73AE38A7C}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{ABEA4D96-750B-48FA-9DED-7179DB18A83E}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{851BFA97-61F4-48A8-8857-2A13BF0FA312}] => (Allow) G:\Programme (x86)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{08ABC74B-4E9A-4608-A80A-45B89BC794FA}] => (Allow) G:\Programme (x86)\Battle.net\Battle.net\Battle.net.exe
FirewallRules: [{F4EAB62D-26A1-4DA6-A936-738830E7EA2E}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\VLC Streamer Configuration.exe
FirewallRules: [{B3B0D177-EF4F-4DBB-9A87-16D6FFAAF2BF}] => (Allow) C:\Program Files (x86)\Hobbyist Software\VLC Streamer\mDNSResponder.exe
FirewallRules: [{6C7A3301-7EFE-4A81-A711-55BBE443A6DD}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{1F538851-8507-4CCB-925D-8D7D2D75E44D}G:\programme (x86)\diablo 3\diablo iii\diablo iii.exe] => (Allow) G:\programme (x86)\diablo 3\diablo iii\diablo iii.exe
FirewallRules: [UDP Query User{388DA063-9AEC-4761-AC03-ED7EF7D6F1EE}G:\programme (x86)\diablo 3\diablo iii\diablo iii.exe] => (Allow) G:\programme (x86)\diablo 3\diablo iii\diablo iii.exe
FirewallRules: [{05CB89EA-11A0-498B-8C9A-2DD2F41C7049}] => (Allow) E:\Steam Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{4D5061E7-C6E1-4A14-BC67-9AE24E7D7F39}] => (Allow) E:\Steam Games\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [TCP Query User{AB0A6A77-C100-474E-9452-E65B9CD2B594}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{89B05AEF-CB39-44D0-B77D-F0E5668ABBD4}C:\program files (x86)\videolan\vlc\vlc.exe] => (Allow) C:\program files (x86)\videolan\vlc\vlc.exe
FirewallRules: [{0424C837-71E2-47D8-A0AD-B651129B8900}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio Tools for Unity\2015\UnityVS.OpenFile.exe
FirewallRules: [{D533C527-889E-4603-8028-CFFF359672EA}] => (Allow) G:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [TCP Query User{29125757-83B9-4769-A0D2-E7C1D09CE8BD}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [UDP Query User{75E31235-D7DD-4D9D-9E10-F9E6984D1045}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe
FirewallRules: [{1407BCCB-05A8-41FF-9850-2D0BCC153B34}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{A97F499C-BEEC-4DF0-A58A-39D8C7012255}] => (Allow) G:\Programme (x86)\Steam Games\steamapps\common\SpeedRunners\SpeedRunners.exe
FirewallRules: [{CD481B5B-F740-4305-A6DC-AED826901550}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F83780F6-D521-4CA8-BFF5-4CDE842606FF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{23B8587C-B25F-4228-BE87-9FAAC778F833}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3E2E0FF0-780A-4D1A-83FD-C92B08796992}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C88D272C-D403-4D9F-855D-8287F8047CCC}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{895AA8B7-0854-4EE0-A26D-9ED390E2ECFA}] => (Allow) E:\Steam Games\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{70F719E8-8BCB-4677-BBCB-759B5799063D}] => (Allow) E:\Steam Games\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{81D25B42-72FD-4C68-8759-D66186753B21}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B6C1B6E9-BE1B-4063-AFBB-04E0F17553F2}] => (Allow) E:\Steam Games\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{664E5D6D-F223-49F2-894E-9CDFCC3CDAB1}] => (Allow) E:\Steam Games\steamapps\common\Magicka 2\engine\Magicka2.exe
FirewallRules: [{2A9C7E0C-6617-49A4-87F0-DC33D413F72E}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe
FirewallRules: [{9D6B50E4-D51E-49BF-873A-7AF39702960F}] => (Allow) E:\Steam Games\steamapps\common\rocketleague\Binaries\Win32\RocketLeague.exe

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (11/30/2015 03:17:29 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/29/2015 01:47:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/29/2015 01:47:03 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/28/2015 07:28:46 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/23/2015 09:55:32 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/23/2015 04:40:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (11/23/2015 04:40:13 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/22/2015 11:55:00 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "Wiederherstellung" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (11/21/2015 06:12:31 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Anwendung: IAStorIcon.exe
Frameworkversion: v4.0.30319
Beschreibung: Der Prozess wurde aufgrund einer unbehandelten Ausnahme beendet.
Ausnahmeinformationen: System.ObjectDisposedException
Stapel:

Server stack trace: 
   bei System.ServiceModel.Channels.CommunicationObject.ThrowIfDisposedOrNotOpen()
   bei System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   bei System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   bei System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
   bei System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
   bei System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
   bei IAStorDataMgrSvcInterfaces.IPublisher.GetServerBit()
   bei IAStorIcon.StorageIcon.<trySubscription>b__0(System.Object)
   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
   bei System.Threading.ThreadPoolWorkQueue.Dispatch()
   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (11/19/2015 06:06:10 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm DevPro.exe, Version 1.9.3.3 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3b10

Startzeit: 01d122ec6502f492

Endzeit: 3

Anwendungspfad: G:\Programme (x86)\DevPro\DevPro.exe

Berichts-ID: d240b074-8edf-11e5-8270-74d43588e583

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:


Systemfehler:
=============
Error: (12/02/2015 00:26:13 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/02/2015 00:25:42 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (12/01/2015 05:19:46 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (12/01/2015 05:19:16 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/30/2015 03:18:19 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/30/2015 03:17:49 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/30/2015 03:10:39 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (11/30/2015 03:10:09 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/30/2015 02:58:17 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (11/30/2015 02:57:46 PM) (Source: DCOM) (EventID: 10010) (User: Maximilian-PC)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4770K CPU @ 3.50GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 16271.75 MB
Verfügbarer physikalischer RAM: 11584.18 MB
Summe virtueller Speicher: 18703.75 MB
Verfügbarer virtueller Speicher: 12460.1 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:118.73 GB) (Free:23.72 GB) NTFS
Drive e: (Game-SSD) (Fixed) (Total:119.24 GB) (Free:44.4 GB) NTFS
Drive f: (Dateien) (Fixed) (Total:1024 GB) (Free:818.34 GB) NTFS
Drive g: (Programme) (Fixed) (Total:838.89 GB) (Free:723.33 GB) NTFS
Drive h: (Aufnahmen) (Fixed) (Total:1863.01 GB) (Free:1849.69 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: C569555C)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: A28EF417)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 119.2 GB) (Disk ID: 0123B247)

Partition: GPT.

==================== Ende von Addition.txt ============================
         

Alt 02.12.2015, 18:57   #2
weyesters
 
"Watch4" Werbepopups - Standard

"Watch4" Werbepopups



ADW Log:
Code:
ATTFilter
# AdwCleaner v5.023 - Bericht erstellt am 02/12/2015 um 17:44:43
# Aktualisiert am 30/11/2015 von Xplode
# Datenbank : 2015-11-30.1 [Server]
# Betriebssystem : Windows 8.1 Pro  (x64)
# Benutzername : Maximilian - MAXIMILIAN-PC
# Gestartet von : F:\Eigene Dateien\Eigene Downloads\adwcleaner_5.023.exe
# Option : Suchlauf
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****

Datei Gefunden : C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage
Datei Gefunden : C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal

***** [ DLL ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [916 Bytes] ##########
         
MBAM Log:
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.12.2015
Suchlaufzeit: 17:18
Protokolldatei: MBAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.02.04
Rootkit-Datenbank: v2015.11.26.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Maximilian

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 431648
Abgelaufene Zeit: 9 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
Achso, hier noch mein JRT Log, hatte ich vorhin vergessen zu machen:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 8.1 Pro x64 
Ran by Maximilian (Administrator) on 02.12.2015 at 18:54:18,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2 

Successfully deleted: C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage-journal (File) 
Successfully deleted: C:\Users\Maximilian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_st.chatango.com_0.localstorage (File) 



Registry: 1 

Successfully deleted: HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b924f0b4-0b3c-49c0-bab2-213fb9ebd1d3} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.12.2015 at 18:55:21,69
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Ich hab irgendwie Skype Werbung im Verdacht, die sich selbständig macht. Denn jeder Betroffene hat Skype laufen (nach meiner Erkenntnis) und ich glaube das Problem gab es schonmal. Trotzdem wäre ich für weitere Anweisungen/Sicherheitschecks/Logchecks meiner bisher geposteten Logs dankbar.

Schönen Abend auf jeden Fall und danke!
__________________


Alt 04.12.2015, 00:08   #3
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
"Watch4" Werbepopups - Standard

"Watch4" Werbepopups





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.


Los geht's:

Schritt 1

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
__________________

Alt 04.12.2015, 15:45   #4
weyesters
 
"Watch4" Werbepopups - Standard

"Watch4" Werbepopups



Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=56ed7e1215199440acdd7a52080dbbae
# end=init
# utc_time=2015-12-04 11:16:57
# local_time=2015-12-04 12:16:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 27041
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=56ed7e1215199440acdd7a52080dbbae
# end=updated
# utc_time=2015-12-04 11:18:34
# local_time=2015-12-04 12:18:34 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=56ed7e1215199440acdd7a52080dbbae
# engine=27041
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-04 02:43:16
# local_time=2015-12-04 03:43:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8481331 22916463 0 0
# scanned=972220
# found=4
# cleaned=0
# scan_time=12282
sh=EC0F32716E0FA3D306D0A84719ED38EB620BCEBE ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.RPX.K Trojaner" ac=I fn="F:\Eigene Dateien\Eigene Dokumente\Visual Studio 2013\Projects\Zorania 2 Launcher\Zorania 2 Launcher\Rpx 1.3.zip"
sh=FE1D161B379CDAC1B35829026DA051688D74A18E ft=0 fh=0000000000000000 vn="Variante von MSIL/Packed.Confuser.J verdächtige Datei" ac=I fn="F:\Eigene Dateien\Eigene Dokumente\Visual Studio 2013\Projects\Zorania 2 Launcher\Zorania 2 Launcher\bin\Test\Confused\Zorania 2 Launcher.zip"
sh=1E4D271D9D447A8D5C4A9F64BADF5FEF11C57877 ft=1 fh=6c30bf35379f6f47 vn="Variante von MSIL/Packed.Confuser.J verdächtige Datei" ac=I fn="F:\Eigene Dateien\Eigene Dokumente\Visual Studio 2013\Projects\Zorania 2 Launcher\Zorania 2 Launcher\bin\Test\Confused\Zorania2_BasicSecure.exe"
sh=B588F35B84E1C6650E396E254793437076DEC421 ft=1 fh=ce1f385e49ded974 vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung" ac=I fn="F:\Eigene Dateien\Eigene Downloads\FileZilla_3.10.3_win64-setup.exe"
         
Die 3 Confuser Funde sind von mir mit RPX verschlüsselte Tools und das andere ist wohl irgendne AdWare im FileZilla Installer...

Alt 04.12.2015, 23:15   #5
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
"Watch4" Werbepopups - Standard

"Watch4" Werbepopups



Richtig, hängt offensichtlich mit Skype zusammen. Malware ist das keine. Echte Malware benutzt unbemerkt Deinen PC oder Dein Netzwerk für kriminelle Handlungen oder übernimmt für dich die Kontoführung.

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu "Watch4" Werbepopups
.dll, adobe, adware, antivir, antivirus, avira, bonjour, cpu, defender, desktop, dnsapi.dll, explorer, flash player, google, internet, mozilla, popups, prozesse, realtek, registry, rundll, software, super, svchost.exe, system, ublock, ublock origin, udp, visual c++ 2015, windows



Ähnliche Themen: "Watch4" Werbepopups


  1. WIN 7: Werbepopups in Internetbrowsern, Umleitung auf bzw. Aufploppen von anderen Seiten "ADS by Info/realdeal"
    Log-Analyse und Auswertung - 01.05.2015 (17)
  2. Diverse Malware ("CoolSaleCoupon", "ddownlloaditkeep", "omiga-plus", "SaveSense", "SaleItCoupon"); lahmer PC & viel Werbung!
    Plagegeister aller Art und deren Bekämpfung - 11.01.2015 (16)
  3. "monstermarketplace.com" Infektion und ihre Folgen; "Anti-Virus-Blocker"," unsichtbare Toolbars" + "Browser-Hijacker" von selbst installiert
    Log-Analyse und Auswertung - 16.11.2013 (21)
  4. "Antiviren Werbung" "Langsamer PC" "PC stürzt ab" Banner und Popups beim surfen
    Plagegeister aller Art und deren Bekämpfung - 05.11.2013 (28)
  5. "Deutsche Post(eMail-Anhang)" Alle "EXE(Programme)" werden blockiert "WIN 7 Defender"
    Plagegeister aller Art und deren Bekämpfung - 27.12.2012 (3)
  6. "The document has moved. Redirecting"+"Popup unten rechts"+"Nicht alle Links anklickbar"
    Plagegeister aller Art und deren Bekämpfung - 24.10.2012 (38)
  7. AVIRA meldet "W32/Patched.ZA", "TR/ATRAPS.Gen2", "TR/ATRAPS.Gen", "ZR/sirefe.P.487"
    Log-Analyse und Auswertung - 30.07.2012 (9)
  8. Malwarereinigung: "TR/Kazy.25747.40", "Trojan.Downloader..." und "Backdoor: Win32Cycbot.B"
    Log-Analyse und Auswertung - 09.06.2011 (1)
  9. "Stutter.X,"Windows XP recovery"-Aufforderung, "Festplatte beschädigt"-Meldung, Bildschrim schwarz,
    Log-Analyse und Auswertung - 29.05.2011 (20)
  10. Öffentliches Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Netzwerk und Hardware - 02.05.2011 (14)
  11. Netzwerk: Opera sendet/empfängt Daten an/von "Dani-PC", "Anne-PC", "PAULA-HP"...
    Alles rund um Windows - 16.04.2011 (0)
  12. "0.05870814618642739.exe" ("Win32:Trojan-gen") in "C:\Users\***\AppData\Local\Temp\"
    Plagegeister aller Art und deren Bekämpfung - 02.01.2011 (25)
  13. "Adware.Virtumonde"/"Downloader.MisleadApp"/"TR/VB.agt.4"/"NewDotNet.A.1350"/"Fakerec
    Plagegeister aller Art und deren Bekämpfung - 22.08.2008 (6)
  14. "error cleaner" "privacy protector" "spyware&malware protection"
    Plagegeister aller Art und deren Bekämpfung - 28.06.2008 (7)
  15. "error cleaner" "privacy protector" "spyware und malware protection"
    Plagegeister aller Art und deren Bekämpfung - 28.06.2008 (2)
  16. Beheben des Problems "kein Internet"/"rsvp32_2.dll"/"Can't load library from memory"
    Plagegeister aller Art und deren Bekämpfung - 25.03.2007 (22)
  17. ">"">><meta http-equiv="Refresh" content="0;url=http://askimizsonsuza.com/code/">"">
    Plagegeister aller Art und deren Bekämpfung - 04.09.2006 (4)

Zum Thema "Watch4" Werbepopups - Hallo, das erste Mal, dass ich mich hier melde (leider). Ich bin eigentlich sonst immer safe im Internet unterwegs und hatte noch nie AdWare, jedoch hab ich heute das erste - "Watch4" Werbepopups...
Archiv
Du betrachtest: "Watch4" Werbepopups auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.