| |
| |||||||
Log-Analyse und Auswertung: Windows 10 Cmd Fenster öffnet ständig und schliesst sich wiederWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
11.05.2016, 13:33
| #1 |
| |  Windows 10 Cmd Fenster öffnet ständig und schliesst sich wieder Hallo, der Rechner meines Sohnes mit Windows 10 war mit etlichen Malware-Programmen gespickt, die die Browser geentert haben und irgendwelche Scan-Programme auf dem Rechner liefen lassen. Habe diese jetzt entfernen können, Rechner läuft normal bis auf die Tatsache, dass in Abständen von ca. 10 sekunden das cmd fenster ganz kurz öffnet und sich wieder schliesst. Wäre für Hilfe dankbar, welche Log-Dateien sollte ich posten? Ach so, alle Browser sind wieder funktionsfähig (Chrom, Firefox, IE) nur Edge scheint keine Verbindung zu bekommen. Kann keine Seiten laden. FRST Scan FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:09-05-2016
durchgeführt von Sebastian (lokal) (Administrator) auf SEBASTIAN-PC (11-05-2016 14:14:03)
Gestartet von C:\Users\Sebastian\Desktop\PROTECTION
Geladene Profile: Sebastian (lokal) (Verfügbare Profile: Sebastian (lokal))
Platform: Microsoft Windows 10 Pro Version 1511 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Amazon Inc.) C:\Program Files\Amazon\Amazon1ButtonApp\Amazon1ButtonService.Exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
() C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
() C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Ozmo Inc) C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe
(IObit) C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS32.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RzKLService.exe
() C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
(Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\vVX1000.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Razer Inc.) C:\Program Files\Razer\Razer Cortex\RazerCortex.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(NETGEAR) C:\Program Files\NETGEAR\WNDA3100\WNDA3100.exe
(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe
(IObit) C:\Program Files\IObit\IObit Malware Fighter\IMF.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [PelAstro] => C:\ProgramData\HP Wi-Fi Mobile Mouse Config\PelAstro.exe [65536 2011-01-14] (Primax Electronics Ltd.)
HKLM\...\Run: [HPMonitor] => C:\Program Files\Hewlett-Packard\HP Wi-Fi Mobile Mouse\hpMonitor23.exe [106552 2011-11-03] (Hewlett-Packard)
HKLM\...\Run: [LifeCam] => C:\Program Files\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [VX1000] => C:\WINDOWS\vVX1000.exe [762736 2010-05-20] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [327680 2015-10-01] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [122880 2015-10-01] (Saitek)
HKLM\...\Run: [RazerCortex] => C:\Program Files\Razer\Razer Cortex\CortexLauncher.exe [222160 2016-04-29] (Razer Inc.)
HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe [748744 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [IObit Malware Fighter] => C:\Program Files\IObit\IObit Malware Fighter\IMF.exe [5890848 2016-04-21] (IObit)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3077712 2016-04-30] (Valve Corporation)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [51662464 2016-04-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [BingSvc] => C:\Users\Sebastian\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-12-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6825888 2016-04-20] (SUPERAntiSpyware)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6675672 2016-04-15] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNDA3100 Setup-Assistent.lnk [2016-05-11]
ShortcutTarget: NETGEAR WNDA3100 Setup-Assistent.lnk -> C:\Program Files\NETGEAR\WNDA3100\WNDA3100.exe (NETGEAR)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-05-11]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8,8.8.8.4
Tcpip\..\Interfaces\{aac68243-b4cc-446a-8cdb-1eb91c429ae4}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3448529311-3865688899-327216282-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-05-11] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-05-11] (Oracle Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-04-29] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\myq207lf.default
FF NewTab:
FF DefaultSearchEngine: Google
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-09] ()
FF Plugin: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-05-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\myq207lf.default\Extensions\ich@maltegoetz.de.xpi [2016-04-30]
FF Extension: Adblock Plus - C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\myq207lf.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
Chrome:
=======
CHR HomePage: ChromeDefaultData -> hxxp://www.google.de/
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.google.de/"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www-searching.com/search.aspx?s=G5Azcsdbl0BP,659b61bc-e0c5-4f92-937c-b59fed1c6324,&prd=smw&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> www-searching.com
CHR DefaultSuggestURL: ChromeDefaultData -> hxxp://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms}
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-23] (SUPERAntiSpyware.com)
R2 Amazon 1Button App Service; C:\Program Files\Amazon\Amazon1ButtonApp\Amazon1ButtonService.Exe [409376 2016-02-17] (Amazon Inc.)
R2 asComSvc; C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 AstroS; C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe [172032 2010-12-01] () [Datei ist nicht signiert]
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-04-29] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-04-29] (Microsoft Corporation)
S3 cphs; C:\WINDOWS\system32\IntelCpHeciSvc.exe [300960 2015-12-19] (Intel Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2016-03-03] (Freemake) [Datei ist nicht signiert]
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [318880 2015-12-19] (Intel Corporation)
R2 IMFservice; C:\Program Files\IObit\IObit Malware Fighter\IMFsrv.exe [1580320 2016-04-22] (IObit)
S3 jswpsapi; C:\Program Files\NETGEAR\WNDA3100\jswpsapi.exe [942080 2008-02-29] (Atheros Communications, Inc.) [Datei ist nicht signiert]
R2 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-04-21] (IObit)
R2 ozwpansvc; C:\Program Files\WPAN Driver\WPAN Driver\ozwpansvc.exe [79128 2011-10-06] (Ozmo Inc)
R2 Razer Game Scanner Service; C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe [187824 2016-04-19] ()
R2 RzKLService; C:\Program Files\Razer\Razer Cortex\RzKLService.exe [132864 2016-04-29] (Razer Inc.)
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)
S2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280376 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23256 2015-10-30] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R1 AsIO; C:\WINDOWS\System32\drivers\AsIO.sys [14720 2013-07-04] ()
R3 IMFFilter; C:\Program Files\IObit\IObit Malware Fighter\Drivers\win7_x86\IMFFilter.sys [21184 2016-03-31] (IObit)
R3 MEI; C:\WINDOWS\system32\DRIVERS\TeeDriver.sys [111904 2014-09-30] (Intel Corporation)
S3 NuidFltr; C:\WINDOWS\System32\drivers\NuidFltr.sys [25808 2014-01-07] (Microsoft Corporation)
S3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_x86.sys [16024 2016-02-02] (Secunia)
R3 RegFilter; C:\Program Files\IObit\IObit Malware Fighter\drivers\win7_x86\regfilter.sys [32288 2016-03-31] (IObit.com)
R2 rzpmgrk; C:\WINDOWS\system32\drivers\rzpmgrk.sys [27248 2016-03-10] (Razer, Inc.)
R2 rzpnk; C:\WINDOWS\system32\drivers\rzpnk.sys [70768 2016-04-17] (Razer, Inc.)
R3 SaiMini; C:\WINDOWS\System32\drivers\SaiMini.sys [22048 2015-12-08] (Saitek)
R3 SaiNtBus; C:\WINDOWS\system32\drivers\SaiBus.sys [45472 2015-12-08] (Saitek)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [16384 2015-10-30] (Microsoft Corporation)
R3 VX1000; C:\WINDOWS\system32\DRIVERS\VX1000.sys [1961072 2010-05-20] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37400 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [246104 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [98648 2015-10-30] (Microsoft Corporation)
R3 WNDA3100; C:\WINDOWS\System32\drivers\WNDA31v.sys [449536 2008-09-30] (Atheros Communications, Inc.)
R3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [163328 2015-10-30] (Microsoft Corporation)
R3 xusb22; C:\WINDOWS\System32\drivers\xusb22.sys [72704 2015-10-30] (Microsoft Corporation)
R3 _usb_0738_1705; C:\WINDOWS\System32\drivers\_usb_0738_1705.sys [40640 2015-12-08] (Saitek)
U3 idsvc; kein ImagePath
U3 wpcsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 14:13 - 2016-05-11 14:14 - 00000000 ____D C:\FRST
2016-05-11 14:11 - 2016-05-11 14:11 - 00000000 ____D C:\AdwCleaner
2016-05-11 14:10 - 2016-05-11 14:10 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\ProductData
2016-05-11 14:02 - 2016-05-11 14:02 - 00000000 __HDC C:\ProgramData\{05F8FDD0-F454-4041-8E75-2F257D1B7196}
2016-05-11 14:02 - 2016-05-11 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RapidRip
2016-05-11 14:02 - 2016-05-11 14:02 - 00000000 ____D C:\Program Files\RapidRip
2016-05-11 14:01 - 2016-05-11 14:01 - 05600760 _____ (AudioVideoSoft ) C:\Users\Sebastian\Downloads\setup_rr.exe
2016-05-11 14:01 - 2016-05-11 14:01 - 01528320 _____ C:\Users\Sebastian\Downloads\msxml6.msi
2016-05-11 13:58 - 2016-05-11 13:58 - 00095808 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2016-05-11 13:58 - 2016-05-11 13:58 - 00000000 ____D C:\Users\Default\AppData\Roaming\Sun
2016-05-11 13:58 - 2016-05-11 13:58 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Sun
2016-05-11 13:58 - 2016-05-11 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-05-11 13:58 - 2016-05-11 13:58 - 00000000 ____D C:\Program Files\Java
2016-05-11 13:56 - 2016-05-11 13:56 - 04002104 _____ (Secunia) C:\Users\Sebastian\Downloads\PSISetup005.exe
2016-05-11 13:56 - 2016-05-11 13:56 - 00001100 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk
2016-05-11 13:56 - 2016-05-11 13:56 - 00000000 ____D C:\Program Files\Secunia
2016-05-11 13:48 - 2016-05-11 13:48 - 00852720 _____ C:\Users\Sebastian\Downloads\SecurityCheck.exe
2016-05-11 13:47 - 2016-05-11 13:47 - 01732096 _____ (Farbar) C:\Users\Sebastian\Downloads\FRST.exe
2016-05-11 13:44 - 2016-05-11 13:44 - 03640384 _____ C:\Users\Sebastian\Downloads\adwcleaner_5.116.exe
2016-05-11 13:39 - 2016-05-11 13:39 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ESET
2016-05-11 13:38 - 2016-05-11 13:39 - 06568608 _____ (ESET spol. s r.o.) C:\Users\Sebastian\Downloads\ESETOnlineScanner_ENU.exe
2016-05-11 13:38 - 2016-05-11 13:39 - 06568608 _____ (ESET spol. s r.o.) C:\Users\Sebastian\Downloads\ESETOnlineScanner_ENU (1).exe
2016-05-11 13:05 - 2016-05-11 13:05 - 00000000 ____D C:\ProgramData\ProductData
2016-05-11 13:03 - 2016-05-11 13:03 - 01610816 _____ (Malwarebytes) C:\Users\Sebastian\Downloads\JRT.exe
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\IObit
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow\IObit
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\ProgramData\IObit
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\ProgramData\{BE2ACE5C-32B7-4777-9BDF-ECF87CDAB705}
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\Program Files\IObit
2016-05-11 12:58 - 2016-05-11 12:58 - 00000000 ____D C:\Program Files\Common Files\IObit
2016-05-11 12:57 - 2016-05-11 12:57 - 43232552 _____ (IObit ) C:\Users\Sebastian\Downloads\IObit-Malware-Fighter-Setup.exe
2016-05-11 12:48 - 2016-05-11 12:48 - 00000000 ____D C:\Users\Sebastian\AppData\Local\BlueStacks
2016-05-11 11:24 - 2016-05-11 12:43 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-05-11 11:24 - 2016-05-11 11:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2016-05-11 11:24 - 2016-05-11 11:24 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-05-11 11:24 - 2016-05-11 11:24 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware
2016-05-11 11:24 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-05-11 11:24 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-05-11 11:24 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-05-11 11:04 - 2016-05-11 14:14 - 00000000 ____D C:\Users\Sebastian\Desktop\PROTECTION
2016-05-11 10:58 - 2016-05-11 10:58 - 06882192 _____ (Piriform Ltd) C:\Users\Sebastian\Downloads\ccsetup517 (1).exe
2016-05-11 10:58 - 2016-05-11 10:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2016-05-11 10:58 - 2016-05-11 10:58 - 00000000 ____D C:\Program Files\CCleaner
2016-05-11 10:57 - 2016-05-11 10:58 - 06882192 _____ (Piriform Ltd) C:\Users\Sebastian\Downloads\ccsetup517.exe
2016-05-11 10:38 - 2016-05-11 09:06 - 00002396 _____ C:\WINDOWS\system32\Drivers\etc\hosts.20160511-103834.backup
2016-05-11 10:26 - 2016-05-06 07:20 - 00077664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-05-11 10:26 - 2016-05-06 06:23 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-05-11 10:26 - 2016-05-06 06:13 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-05-11 10:26 - 2016-05-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-05-11 10:26 - 2016-05-06 06:05 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-05-11 10:26 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-05-11 10:26 - 2016-05-06 05:49 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-05-11 10:26 - 2016-04-30 08:53 - 01152000 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-05-11 10:26 - 2016-04-30 08:46 - 02974720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-05-11 10:26 - 2016-04-23 07:28 - 01561392 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-05-11 10:26 - 2016-04-23 07:28 - 01541792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-05-11 10:26 - 2016-04-23 07:28 - 00550240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-05-11 10:26 - 2016-04-23 07:28 - 00545432 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-05-11 10:26 - 2016-04-23 07:28 - 00083808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-05-11 10:26 - 2016-04-23 07:13 - 00502104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-05-11 10:26 - 2016-04-23 07:13 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-05-11 10:26 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-05-11 10:26 - 2016-04-23 07:01 - 00522176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-05-11 10:26 - 2016-04-23 06:35 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-05-11 10:26 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-05-11 10:26 - 2016-04-23 06:30 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-05-11 10:26 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-05-11 10:26 - 2016-04-23 06:27 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-05-11 10:26 - 2016-04-23 06:26 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-05-11 10:26 - 2016-04-23 06:25 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-05-11 10:26 - 2016-04-23 06:24 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-05-11 10:26 - 2016-04-23 06:24 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-05-11 10:26 - 2016-04-23 06:24 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-05-11 10:26 - 2016-04-23 06:22 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-05-11 10:26 - 2016-04-23 06:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-05-11 10:26 - 2016-04-23 06:21 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-05-11 10:26 - 2016-04-23 06:20 - 18676224 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-05-11 10:26 - 2016-04-23 06:18 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-05-11 10:26 - 2016-04-23 06:16 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-05-11 10:26 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-05-11 10:26 - 2016-04-23 06:15 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-05-11 10:26 - 2016-04-23 06:15 - 00612352 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-05-11 10:26 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-05-11 10:26 - 2016-04-23 06:14 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-05-11 10:26 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-05-11 10:26 - 2016-04-23 06:14 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-05-11 10:26 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-05-11 10:26 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-05-11 10:26 - 2016-04-23 06:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-05-11 10:26 - 2016-04-23 06:09 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-05-11 10:26 - 2016-04-23 06:08 - 05324288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-05-11 10:26 - 2016-04-23 06:07 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-05-11 10:26 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-05-11 10:26 - 2016-04-23 06:03 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 01232576 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00973504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00576192 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00440512 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00248512 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00149696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-05-11 10:25 - 2016-04-23 08:06 - 00081088 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-05-11 10:25 - 2016-04-23 08:06 - 00042688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-05-11 10:25 - 2016-04-23 07:28 - 05796704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-05-11 10:25 - 2016-04-23 07:28 - 00278368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-05-11 10:25 - 2016-04-23 07:26 - 00792328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-05-11 10:25 - 2016-04-23 07:21 - 00023776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-05-11 10:25 - 2016-04-23 07:14 - 00310112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-05-11 10:25 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-05-11 10:25 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-05-11 10:25 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-05-11 10:25 - 2016-04-23 07:12 - 00104800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-05-11 10:25 - 2016-04-23 07:11 - 00259424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-05-11 10:25 - 2016-04-23 07:10 - 02919832 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-05-11 10:25 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-05-11 10:25 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-05-11 10:25 - 2016-04-23 07:09 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-05-11 10:25 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-05-11 10:25 - 2016-04-23 07:09 - 00255168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-05-11 10:25 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-05-11 10:25 - 2016-04-23 07:07 - 00192704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-05-11 10:25 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-05-11 10:25 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-05-11 10:25 - 2016-04-23 07:01 - 01714520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-05-11 10:25 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-05-11 10:25 - 2016-04-23 07:01 - 00484704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-05-11 10:25 - 2016-04-23 07:01 - 00336224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-05-11 10:25 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-05-11 10:25 - 2016-04-23 07:00 - 01396584 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-05-11 10:25 - 2016-04-23 07:00 - 01273720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-05-11 10:25 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-05-11 10:25 - 2016-04-23 07:00 - 00049504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-05-11 10:25 - 2016-04-23 06:55 - 00430432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-05-11 10:25 - 2016-04-23 06:29 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-05-11 10:25 - 2016-04-23 06:29 - 00046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-05-11 10:25 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-05-11 10:25 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-05-11 10:25 - 2016-04-23 06:28 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-05-11 10:25 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-05-11 10:25 - 2016-04-23 06:27 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-05-11 10:25 - 2016-04-23 06:27 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-05-11 10:25 - 2016-04-23 06:25 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-05-11 10:25 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-05-11 10:25 - 2016-04-23 06:23 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-05-11 10:25 - 2016-04-23 06:23 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-05-11 10:25 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-05-11 10:25 - 2016-04-23 06:23 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-05-11 10:25 - 2016-04-23 06:22 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-05-11 10:25 - 2016-04-23 06:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-05-11 10:25 - 2016-04-23 06:21 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-05-11 10:25 - 2016-04-23 06:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-05-11 10:25 - 2016-04-23 06:19 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-05-11 10:25 - 2016-04-23 06:19 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-05-11 10:25 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-05-11 10:25 - 2016-04-23 06:18 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-05-11 10:25 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-05-11 10:25 - 2016-04-23 06:17 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-05-11 10:25 - 2016-04-23 06:17 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-05-11 10:25 - 2016-04-23 06:16 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-05-11 10:25 - 2016-04-23 06:16 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-05-11 10:25 - 2016-04-23 06:16 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-05-11 10:25 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-05-11 10:25 - 2016-04-23 06:14 - 00739328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-05-11 10:25 - 2016-04-23 06:14 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-05-11 10:25 - 2016-04-23 06:14 - 00494592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-05-11 10:25 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-05-11 10:25 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-05-11 10:25 - 2016-04-23 06:12 - 00783872 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-05-11 10:25 - 2016-04-23 06:10 - 12125696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-05-11 10:25 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-05-11 10:25 - 2016-04-23 06:08 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-05-11 10:25 - 2016-04-23 06:07 - 01793024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-05-11 10:25 - 2016-04-23 06:07 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-05-11 10:25 - 2016-04-23 06:05 - 01895936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-05-11 10:25 - 2016-04-23 06:05 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-05-11 10:25 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-05-11 10:25 - 2016-04-23 06:04 - 01733632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 01899520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-05-11 10:25 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-05-11 10:25 - 2016-04-23 06:01 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-05-11 10:25 - 2016-04-23 04:10 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-05-11 10:25 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-05-11 10:18 - 2016-05-11 14:10 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-05-11 10:18 - 2016-05-11 10:19 - 00000000 ____D C:\Program Files\Spybot - Search & Destroy
2016-05-11 10:18 - 2016-05-11 10:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy
2016-05-11 10:04 - 2016-05-11 10:04 - 00000000 ____D C:\Users\Sebastian\Mozilla
2016-05-11 09:31 - 2016-05-11 09:31 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2016-05-11 09:29 - 2016-05-11 10:09 - 00000000 ____D C:\SUPERDelete
2016-05-11 09:27 - 2016-05-11 09:27 - 00000560 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 716b6db5-6b17-4d6a-a8d9-158ddb181712.job
2016-05-11 09:27 - 2016-05-11 09:27 - 00000560 _____ C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 44471c5a-fba6-49e1-94fe-e4dd74039158.job
2016-05-11 09:27 - 2016-05-11 09:27 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\SUPERAntiSpyware.com
2016-05-11 09:27 - 2016-05-11 09:27 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2016-05-11 09:27 - 2016-05-11 09:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2016-05-11 09:27 - 2016-05-11 09:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2016-05-11 09:16 - 2016-05-11 12:00 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2016-05-11 09:07 - 2016-05-11 09:06 - 00002396 _____ C:\WINDOWS\system32\Drivers\etc\hp.bak
2016-05-11 09:06 - 2016-05-11 11:35 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Apps\2.0
2016-05-11 09:05 - 2016-05-11 10:04 - 00000000 ____D C:\Program Files\Wohegh
2016-05-11 08:59 - 2016-05-11 08:59 - 00000000 ____D C:\WINDOWS\system32\ude
2016-05-11 08:54 - 2016-05-11 08:54 - 00000000 ____D C:\Program Files\GUMFAD6.tmp
2016-05-10 20:01 - 2016-05-10 20:01 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow0063F250
2016-05-10 19:20 - 2016-05-10 19:20 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow0051E940
2016-05-10 19:18 - 2016-05-11 10:41 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-05-10 19:18 - 2016-05-11 10:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-05-10 19:17 - 2016-05-11 14:08 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Kirnutl
2016-05-10 19:17 - 2016-05-10 19:17 - 00187904 _____ C:\WINDOWS\rsrcs.dll
2016-05-10 19:17 - 2016-05-10 19:17 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Brotsoft
2016-05-10 19:17 - 2016-05-10 19:17 - 00000000 ____D C:\Users\Sebastian\AppData\LocalLow0059EE58
2016-05-10 19:17 - 2016-05-10 19:17 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Tempfolder
2016-05-10 19:17 - 2016-05-10 19:17 - 00000000 ____D C:\Users\Public\Documents\dmp
2016-05-10 19:17 - 2016-05-10 19:17 - 00000000 ____D C:\uninst
2016-05-10 17:28 - 2016-05-10 17:28 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\ATI
2016-05-10 17:28 - 2016-05-10 17:28 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ATI
2016-05-10 17:28 - 2016-05-10 17:28 - 00000000 ____D C:\ProgramData\ATI
2016-05-10 17:19 - 2016-05-10 17:20 - 25853791 _____ C:\Users\Sebastian\Downloads\treiber-Sapphiretech_12-8_vista_win7_win8_32-64_xcode_634807352890575948.zip
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 ____D C:\Program Files\ATI Technologies
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 ____D C:\Program Files\AMD
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 ____D C:\AMD
2016-05-10 17:19 - 2016-05-10 17:19 - 00000000 _____ C:\WINDOWS\ativpsrm.bin
2016-05-10 17:05 - 2016-05-10 17:09 - 00000000 ____D C:\Users\Sebastian\Heaven
2016-05-10 17:04 - 2016-05-10 17:20 - 01065984 _____ C:\Users\Sebastian\AppData\Local\file__0.localstorage
2016-05-10 17:02 - 2016-05-10 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Unigine
2016-05-10 17:02 - 2016-05-10 17:02 - 00000000 ____D C:\Program Files\Unigine
2016-05-10 16:59 - 2016-05-10 17:02 - 258726655 _____ (Unigine Corp. ) C:\Users\Sebastian\Downloads\Unigine_Heaven-4.0.exe
2016-05-10 14:08 - 2016-05-10 14:08 - 00567296 ____H C:\WINDOWS\system32\BITA340.tmp
2016-05-10 14:08 - 2016-05-10 14:08 - 00567296 ____H C:\WINDOWS\system32\BIT847B.tmp
2016-05-09 17:14 - 2016-05-09 17:14 - 00000000 ____D C:\Users\Sebastian\Documents\SART
2016-05-08 16:38 - 2016-05-08 16:38 - 00564736 ____H C:\WINDOWS\system32\BITA5B2.tmp
2016-05-08 16:38 - 2016-05-08 16:38 - 00564736 ____H C:\WINDOWS\system32\BIT8680.tmp
2016-05-07 11:40 - 2016-05-07 11:46 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Sony
2016-05-07 11:40 - 2016-05-07 11:46 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Sony
2016-05-07 11:40 - 2016-05-07 11:40 - 00000000 ____D C:\ProgramData\Sony
2016-05-07 11:40 - 2016-05-07 11:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2016-05-07 11:40 - 2016-05-07 11:40 - 00000000 ____D C:\Program Files\Sony
2016-05-07 11:37 - 2016-05-07 16:03 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-05-07 08:37 - 2016-05-07 16:51 - 00000000 ____D C:\Users\Sebastian\Documents\MAGIX_MusicEditor
2016-05-07 08:37 - 2016-05-07 08:37 - 00000000 ____D C:\Users\Sebastian\Documents\Video deluxe 2013 Premium
2016-05-07 08:37 - 2016-05-07 08:37 - 00000000 ____D C:\Users\Sebastian\Documents\MAGIX
2016-05-07 08:37 - 2016-05-07 08:37 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Xara
2016-05-07 08:36 - 2016-05-07 08:36 - 00000000 ____D C:\Users\Public\Documents\MAGIX
2016-05-07 08:36 - 2016-05-07 08:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
2016-05-07 08:36 - 2016-05-07 08:36 - 00000000 ____D C:\Program Files\Common Files\MAGIX Shared
2016-05-07 08:35 - 2016-05-11 09:07 - 00000000 ____D C:\ProgramData\MAGIX
2016-05-07 08:35 - 2016-05-11 09:07 - 00000000 ____D C:\Program Files\MAGIX
2016-05-07 08:35 - 2016-05-11 09:06 - 00000000 ____D C:\Program Files\Common Files\MAGIX Services
2016-05-07 08:35 - 2016-05-07 08:35 - 00000000 ____D C:\Program Files\MSXML 4.0
2016-05-07 08:31 - 2016-05-07 16:51 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\MAGIX
2016-05-07 08:31 - 2016-05-07 08:31 - 00000000 ____D C:\Users\Sebastian\Documents\MAGIX Downloads
2016-05-06 07:48 - 2016-05-06 07:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cinema 4D R12
2016-05-06 07:46 - 2016-05-06 07:48 - 00000000 ____D C:\Program Files\Cinema 4D R12
2016-05-05 19:58 - 2016-05-05 19:58 - 00019208 _____ C:\Users\Sebastian\AppData\Local\recently-used.xbel
2016-05-05 17:01 - 2016-05-05 17:01 - 00000000 ____D C:\Users\Sebastian\AppData\Local\LucasArts
2016-05-03 16:06 - 2016-05-11 12:35 - 00000000 ____D C:\ProgramData\BlueStacksSetup
2016-04-30 09:07 - 2016-04-30 09:07 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Razer
2016-04-30 09:06 - 2016-04-30 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2016-04-30 09:06 - 2016-04-17 17:21 - 00070768 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpnk.sys
2016-04-30 09:06 - 2016-03-10 20:17 - 00027248 _____ (Razer, Inc.) C:\WINDOWS\system32\Drivers\rzpmgrk.sys
2016-04-30 09:05 - 2016-04-30 09:06 - 00000000 ____D C:\ProgramData\Razer
2016-04-30 09:05 - 2016-04-30 09:06 - 00000000 ____D C:\Program Files\Razer
2016-04-26 18:50 - 2016-04-26 18:51 - 00019982 _____ C:\Users\Sebastian\AppData\Local\0000-0797.avi
2016-04-24 12:19 - 2016-05-11 12:08 - 00001183 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prism Videodatei-Konverter.lnk
2016-04-12 19:44 - 2016-04-02 06:17 - 00297072 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-04-12 19:44 - 2016-04-02 06:14 - 00757192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-04-12 19:44 - 2016-04-02 06:14 - 00613112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-04-12 19:44 - 2016-04-02 06:14 - 00305296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-04-12 19:44 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-04-12 19:44 - 2016-04-02 05:20 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-04-12 19:44 - 2016-04-02 05:14 - 03197440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-04-12 19:44 - 2016-04-02 05:10 - 02871296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-04-12 19:44 - 2016-03-29 11:41 - 00875992 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-04-12 19:44 - 2016-03-29 11:41 - 00771120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-04-12 19:44 - 2016-03-29 11:41 - 00228696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-04-12 19:44 - 2016-03-29 11:38 - 01051584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-04-12 19:44 - 2016-03-29 11:38 - 00927072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-04-12 19:44 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 19:44 - 2016-03-29 11:36 - 01820512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-04-12 19:44 - 2016-03-29 11:33 - 00084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-04-12 19:44 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-04-12 19:44 - 2016-03-29 11:21 - 00922456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-04-12 19:44 - 2016-03-29 11:20 - 00856928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-04-12 19:44 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-04-12 19:44 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-04-12 19:44 - 2016-03-29 10:41 - 00203104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-04-12 19:44 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-04-12 19:44 - 2016-03-29 10:34 - 00153952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-04-12 19:44 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-04-12 19:44 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-04-12 19:44 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-04-12 19:44 - 2016-03-29 10:24 - 00063008 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-04-12 19:44 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-04-12 19:44 - 2016-03-29 10:01 - 00541304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-04-12 19:44 - 2016-03-29 09:46 - 01861984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-04-12 19:44 - 2016-03-29 09:46 - 00771424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-04-12 19:44 - 2016-03-29 09:42 - 00287072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-04-12 19:44 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\msorcl32.dll
2016-04-12 19:44 - 2016-03-29 09:28 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-04-12 19:44 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-04-12 19:44 - 2016-03-29 09:20 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-04-12 19:44 - 2016-03-29 09:20 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-04-12 19:44 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-04-12 19:44 - 2016-03-29 09:19 - 00037376 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-04-12 19:44 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-04-12 19:44 - 2016-03-29 09:16 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-04-12 19:44 - 2016-03-29 09:14 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-04-12 19:44 - 2016-03-29 09:13 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-04-12 19:44 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-04-12 19:44 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-04-12 19:44 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-04-12 19:44 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-04-12 19:44 - 2016-03-29 09:09 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-04-12 19:44 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-04-12 19:44 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-04-12 19:44 - 2016-03-29 09:08 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-04-12 19:44 - 2016-03-29 09:06 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-04-12 19:44 - 2016-03-29 09:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-04-12 19:44 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-04-12 19:44 - 2016-03-29 09:05 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-04-12 19:44 - 2016-03-29 09:05 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-04-12 19:44 - 2016-03-29 09:05 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-04-12 19:44 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-04-12 19:44 - 2016-03-29 09:05 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-04-12 19:44 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-04-12 19:44 - 2016-03-29 09:02 - 00303104 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-04-12 19:44 - 2016-03-29 09:02 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-04-12 19:44 - 2016-03-29 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-04-12 19:44 - 2016-03-29 08:56 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-04-12 19:44 - 2016-03-29 08:53 - 00424448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-04-12 19:44 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-04-12 19:44 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-04-12 19:44 - 2016-03-29 08:53 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-04-12 19:44 - 2016-03-29 08:52 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-04-12 19:44 - 2016-03-29 08:52 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-04-12 19:44 - 2016-03-29 08:52 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-04-12 19:44 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-04-12 19:44 - 2016-03-29 08:49 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-04-12 19:44 - 2016-03-29 08:47 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-04-12 19:44 - 2016-03-29 08:46 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-04-12 19:44 - 2016-03-29 08:44 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-04-12 19:44 - 2016-03-29 08:44 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-04-12 19:44 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-04-12 19:44 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-04-12 19:44 - 2016-03-29 08:41 - 00538624 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-04-12 19:44 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-04-12 19:44 - 2016-03-29 08:40 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-04-12 19:44 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-04-12 19:44 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-04-12 19:44 - 2016-03-29 08:37 - 01444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-04-12 19:44 - 2016-03-29 08:37 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-04-12 19:44 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-04-12 19:44 - 2016-03-29 08:36 - 00453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-04-12 19:44 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-04-12 19:44 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-04-12 19:44 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-04-12 19:44 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-04-12 19:44 - 2016-03-29 08:32 - 00601600 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-04-12 19:44 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-04-12 19:44 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-04-12 19:44 - 2016-03-29 08:29 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-04-12 19:44 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-04-12 19:44 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-04-12 19:44 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-04-12 19:44 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-04-12 19:44 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-04-12 19:44 - 2016-03-29 08:26 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-04-12 19:44 - 2016-03-29 08:26 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-04-12 19:44 - 2016-03-29 08:25 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-04-12 19:44 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-04-12 19:44 - 2016-03-29 08:18 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-04-12 19:44 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-04-12 19:44 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-04-12 19:44 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-04-12 19:44 - 2016-03-29 08:07 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-04-12 19:44 - 2016-03-29 08:06 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-04-12 19:44 - 2016-03-29 08:06 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-04-12 19:44 - 2016-03-29 08:06 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-04-12 19:44 - 2016-03-29 08:06 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-04-12 19:44 - 2016-03-29 08:05 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-04-12 19:44 - 2016-03-29 08:04 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-04-12 19:44 - 2016-03-29 08:02 - 02229760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-04-12 19:44 - 2016-03-29 07:58 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-04-12 19:44 - 2016-03-29 07:55 - 00614912 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-04-12 19:44 - 2016-03-29 07:49 - 01085952 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-04-12 19:44 - 2016-03-29 07:46 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-04-12 19:44 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-04-12 19:44 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-04-12 19:44 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-04-12 19:44 - 2016-03-29 07:36 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-04-12 19:44 - 2016-03-29 07:32 - 00742400 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-04-12 19:44 - 2016-03-29 07:30 - 00782336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-04-12 19:44 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-04-12 19:44 - 2016-03-29 07:25 - 00554496 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-04-12 19:44 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-04-12 19:44 - 2016-03-29 07:24 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-04-12 19:44 - 2016-03-29 07:21 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-04-12 19:43 - 2016-03-29 09:11 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-04-12 19:43 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\system32\MTF.dll
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-05-11 14:12 - 2016-04-06 14:49 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-05-11 14:12 - 2016-03-26 10:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2016-05-11 14:12 - 2015-12-12 08:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-05-11 14:12 - 2015-10-30 07:13 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-05-11 14:11 - 2016-01-03 14:59 - 00000000 ____D C:\Program Files\Lavasoft
2016-05-11 14:11 - 2015-10-30 07:47 - 00000000 ____D C:\WINDOWS\INF
2016-05-11 14:05 - 2016-01-31 15:42 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-05-11 14:05 - 2015-12-12 08:54 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Packages
2016-05-11 14:05 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-05-11 14:04 - 2015-10-30 07:48 - 00000000 ___HD C:\Program Files\WindowsApps
2016-05-11 14:02 - 2016-04-06 14:49 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-05-11 14:00 - 2016-01-04 17:25 - 00000000 ____D C:\Program Files\QuickTime
2016-05-11 13:57 - 2016-04-06 14:48 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Google
2016-05-11 13:03 - 2016-01-03 14:59 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Lavasoft
2016-05-11 13:03 - 2016-01-03 14:59 - 00000000 ____D C:\ProgramData\Lavasoft
2016-05-11 12:48 - 2015-10-30 07:48 - 00000000 __RHD C:\Users\Public\Libraries
2016-05-11 12:34 - 2015-12-12 08:53 - 01799166 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-05-11 12:34 - 2015-10-30 17:07 - 00775524 _____ C:\WINDOWS\system32\perfh007.dat
2016-05-11 12:34 - 2015-10-30 17:07 - 00155338 _____ C:\WINDOWS\system32\perfc007.dat
2016-05-11 12:08 - 2016-04-09 11:45 - 00000279 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Papierkorb.lnk
2016-05-11 12:08 - 2016-04-06 14:49 - 00002210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-05-11 12:08 - 2016-04-02 12:08 - 00001211 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoPad Video-Editor.lnk
2016-05-11 12:08 - 2016-03-13 15:57 - 00002300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
2016-05-11 12:08 - 2016-03-13 15:57 - 00001393 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2016-05-11 12:08 - 2016-03-13 15:57 - 00001304 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
2016-05-11 12:08 - 2016-03-04 13:16 - 00001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-05-11 12:08 - 2016-01-17 10:03 - 00001120 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2016-05-11 12:08 - 2016-01-04 17:49 - 00001186 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-05-11 12:08 - 2016-01-04 17:49 - 00001174 _____ C:\Users\Sebastian\Desktop\Mozilla Firefox.lnk
2016-05-11 12:08 - 2016-01-04 17:25 - 00002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-05-11 12:08 - 2015-12-12 20:29 - 00002624 _____ C:\Users\Public\Desktop\Skype.lnk
2016-05-11 12:08 - 2015-12-12 08:56 - 00002437 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-05-11 12:08 - 2015-12-12 08:55 - 00001047 _____ C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2016-05-11 12:08 - 2015-12-12 08:48 - 00001544 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2016-05-11 11:48 - 2015-12-12 08:48 - 00000000 ____D C:\Users\Sebastian
2016-05-11 11:48 - 2015-12-11 19:57 - 00000000 ____D C:\WINDOWS\Downloaded Installations
2016-05-11 11:03 - 2015-12-12 09:23 - 00000000 ____D C:\Program Files\Steam
2016-05-11 11:00 - 2015-12-11 22:24 - 00000000 ____D C:\ProgramData\Avg
2016-05-11 11:00 - 2015-12-11 22:23 - 00000000 ____D C:\Users\Sebastian\AppData\Local\AvgSetupLog
2016-05-11 10:58 - 2016-01-21 15:14 - 00000000 ____D C:\Users\Sebastian\AppData\Local\CrashDumps
2016-05-11 10:58 - 2015-12-12 20:29 - 00000000 ____D C:\Users\Sebastian\Tracing
2016-05-11 10:43 - 2015-12-12 08:54 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-05-11 10:40 - 2015-10-30 17:10 - 00000000 ____D C:\Program Files\Windows Journal
2016-05-11 10:40 - 2015-10-30 07:48 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-05-11 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-05-11 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-05-11 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\Provisioning
2016-05-11 10:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-05-11 10:37 - 2016-01-17 10:04 - 00000000 ____D C:\Users\Sebastian\.gimp-2.8
2016-05-11 10:30 - 2015-10-30 07:39 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-05-11 10:29 - 2015-12-12 11:20 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-05-11 10:26 - 2015-12-12 11:20 - 136686448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-05-11 10:21 - 2015-12-11 19:43 - 00000000 ____D C:\Users\Sebastian\AppData\Local\VirtualStore
2016-05-11 09:57 - 2016-03-27 13:48 - 00000000 ____D C:\Program Files\VID_0E8F&PID_0008
2016-05-11 09:57 - 2016-03-27 13:48 - 00000000 ____D C:\Program Files\VID_0E8F&PID_0003
2016-05-11 09:08 - 2015-12-31 12:44 - 00000000 ____D C:\ProgramData\Package Cache
2016-05-11 09:07 - 2015-12-12 20:29 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Skype
2016-05-10 19:26 - 2015-12-12 10:16 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\.minecraft
2016-05-10 17:28 - 2016-04-02 20:46 - 00000000 ___RD C:\Users\Sebastian\Desktop\Sonstiges
2016-05-09 16:43 - 2016-04-02 20:40 - 00000000 ____D C:\Users\Sebastian\Desktop\Spiele
2016-05-08 19:09 - 2015-12-31 15:36 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\OBS
2016-05-08 11:18 - 2016-04-02 20:41 - 00000000 ____D C:\Users\Sebastian\Desktop\Minecraft
2016-05-07 16:50 - 2016-04-06 10:07 - 00000000 ____D C:\Users\Public\Documents\Lightworks
2016-05-07 16:47 - 2016-04-06 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
2016-05-07 16:47 - 2016-04-06 10:07 - 00000000 ____D C:\Program Files\Lightworks
2016-05-07 16:03 - 2016-01-04 17:49 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-05-07 16:03 - 2015-12-12 08:47 - 00313576 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-05-07 08:37 - 2007-04-27 10:43 - 00120200 _____ () C:\WINDOWS\system32\DLLDEV32i.dll
2016-05-06 13:51 - 2016-03-04 11:30 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ftblauncher
2016-05-06 13:13 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-05-06 10:13 - 2015-12-12 20:29 - 00000000 ___RD C:\Program Files\Skype
2016-05-06 10:09 - 2016-04-02 20:47 - 00000000 ____D C:\Users\Sebastian\Desktop\Musik
2016-05-05 10:18 - 2015-12-12 09:23 - 00000000 ____D C:\Program Files\Common Files\Steam
2016-05-03 03:24 - 2015-10-30 07:49 - 00829944 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2016-05-03 03:24 - 2015-10-30 07:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2016-05-02 16:43 - 2016-01-17 10:11 - 00000000 ____D C:\Users\Sebastian\AppData\Local\gtk-2.0
2016-04-29 19:30 - 2015-12-11 20:40 - 00000000 ____D C:\Users\Sebastian\AppData\Local\ElevatedDiagnostics
2016-04-27 18:06 - 2015-12-12 20:29 - 00000000 ____D C:\ProgramData\Skype
2016-04-24 12:19 - 2016-02-22 16:14 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\NCH Software
2016-04-24 12:19 - 2016-02-22 16:14 - 00000000 ____D C:\ProgramData\NCH Software
2016-04-24 12:19 - 2016-02-22 16:14 - 00000000 ____D C:\Program Files\NCH Software
2016-04-24 08:31 - 2015-12-12 08:56 - 00000000 ___RD C:\Users\Sebastian\OneDrive
2016-04-23 09:28 - 2015-12-30 19:52 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\.technic
2016-04-22 09:57 - 2016-03-27 15:29 - 00374944 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-04-19 16:40 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\rescache
2016-04-17 10:29 - 2016-03-13 15:56 - 00000000 ____D C:\Users\Sebastian\AppData\Local\Windows Live
2016-04-17 09:10 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-04-17 09:10 - 2015-10-30 07:48 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-04-12 18:34 - 2015-12-31 15:36 - 00000000 ____D C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Open Broadcaster Software
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-04-26 18:50 - 2016-04-26 18:51 - 0019982 _____ () C:\Users\Sebastian\AppData\Local\0000-0797.avi
2016-02-21 19:23 - 2016-02-21 19:23 - 0004608 _____ () C:\Users\Sebastian\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2016-05-10 17:04 - 2016-05-10 17:20 - 1065984 _____ () C:\Users\Sebastian\AppData\Local\file__0.localstorage
2016-05-05 19:58 - 2016-05-05 19:58 - 0019208 _____ () C:\Users\Sebastian\AppData\Local\recently-used.xbel
2016-04-05 18:32 - 2016-04-05 18:32 - 0017408 _____ () C:\Users\Sebastian\AppData\Local\WebpageIcons.db
Einige Dateien in TEMP:
====================
C:\Users\Sebastian\AppData\Local\Temp\HD-Logger-Native.dll
C:\Users\Sebastian\AppData\Local\Temp\HD-ShortcutHandler.dll
C:\Users\Sebastian\AppData\Local\Temp\libeay32.dll
C:\Users\Sebastian\AppData\Local\Temp\msvcr120.dll
C:\Users\Sebastian\AppData\Local\Temp\sqlite3.dll
C:\Users\Sebastian\AppData\Local\Temp\uninstall.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-05-01 14:50
==================== Ende vom FRST.txt ============================
FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:09-05-2016
durchgeführt von Sebastian (lokal) (2016-05-11 14:14:20)
Gestartet von C:\Users\Sebastian\Desktop\PROTECTION
Microsoft Windows 10 Pro Version 1511 (X86) (2015-12-12 06:54:18)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3448529311-3865688899-327216282-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3448529311-3865688899-327216282-503 - Limited - Disabled)
Gast (S-1-5-21-3448529311-3865688899-327216282-501 - Limited - Disabled)
hdied (S-1-5-21-3448529311-3865688899-327216282-1004 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3448529311-3865688899-327216282-1002 - Limited - Enabled)
jdied (S-1-5-21-3448529311-3865688899-327216282-1003 - Limited - Disabled)
Sebastian (lokal) (S-1-5-21-3448529311-3865688899-327216282-1000 - Administrator - Enabled) => C:\Users\Sebastian
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: IObit Malware Fighter (Disabled - Out of date) {4D381C57-3C7A-6F22-07EB-639F49E836D4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: IObit Malware Fighter (Enabled - Up to date) {A751AC20-3B48-5237-898A-78C4436BB78D}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8BitBoy (HKLM\...\Steam App 296910) (Version: - AwesomeBlade)
Action! (HKLM\...\Mirillis Action!) (Version: 1.29.0 - Mirillis)
Adobe Flash Player 21 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.1.2 (HKLM\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Avidemux 2.6 - 32 bits (32-bit) (HKLM\...\Avidemux 2.6 - 32 bits) (Version: 2.6.12.160304 - )
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version: - Bandisoft.com)
Blender (HKLM\...\{35AD7B4C-CB23-4B2E-9A40-9780B8ACC50D}) (Version: 2.76.0 - Blender Foundation)
Camtasia Studio 8 (HKLM\...\{E7AFA156-D5CB-4B8C-843D-E7CA58D36B0A}) (Version: 8.6.0.2054 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.17 - Piriform)
Cinema 4D version R12 (HKLM\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
Coldfire Keep (HKLM\...\Steam App 296530) (Version: - Steve Jarman)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Devilian (HKLM\...\Steam App 407510) (Version: - Bluehole Ginno Games)
Dungeons: The Eye of Draconus (HKLM\...\Steam App 303510) (Version: - SuckerFree Games)
FIFA 16 DEMO (HKLM\...\{D09AD1AE-6AAC-45EB-B9F6-C1F223DD8481}) (Version: 1.0.0.0 - Electronic Arts)
Fotogalerie (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fraps (remove only) (HKLM\...\Fraps) (Version: - )
Freemake Video Converter Version 4.1.9 (HKLM\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Chrome (HKLM\...\Google Chrome) (Version: 50.0.2661.94 - Google Inc.)
Google Update Helper (Version: 1.3.30.3 - Google Inc.) Hidden
HandBrake 0.9.9 (HKLM\...\HandBrake) (Version: 0.9.9 - )
Heaven Benchmark version 4.0 (HKLM\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HitFilm Standard (HKLM\...\{F15B0C02-8D65-46A0-9FAE-52ED31BD5943}) (Version: 1.1.3109.41259 - FXhome)
HP Mouse Suite 2.3 (HKLM\...\{00BBA545-EC0D-4A70-83F6-3D2CC5CAEEFC}) (Version: 2.3 - Hewlett-Packard)
Intel(R) Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4331 - Intel Corporation)
IObit Malware Fighter 4 (HKLM\...\IObit Malware Fighter_is1) (Version: 4.1 - IObit)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Junk Mail filter update (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
KRUNCH (HKLM\...\Steam App 280500) (Version: - LeGrudge & Rugged)
Lagarith Lossless Codec (1.3.27) (HKLM\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LEGO® Star Wars™: The Complete Saga (HKLM\...\Steam App 32440) (Version: - Traveller's Tales)
LEGO® Worlds (HKLM\...\Steam App 332310) (Version: - TT Games)
Lightworks (HKLM\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 12.6.0.0 - Lightworks)
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.1 - LoiLo inc.)
LoiLoScope 2 (HKLM\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.4.2 - LoiLo inc)
Magicka (HKLM\...\Steam App 42910) (Version: - Arrowhead Game Studios)
MAGIX Video deluxe 2013 Premium (HKLM\...\MAGIX_{47E960B1-A285-4D31-87BA-4D2936FC8FF1}) (Version: 12.0.3.4 - MAGIX AG)
MAGIX Video deluxe 2013 Premium (Version: 12.0.3.4 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
MediaJoin (HKLM\...\MediaJoin) (Version: - Mystik Media)
MediaJoin (Version: 2.0 - Mystik Media) Hidden
Microsoft LifeCam (HKLM\...\{5FC7AB5C-61FC-42DF-A923-5139BCF10D42}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mini Motor Racing EVO (HKLM\...\Steam App 209520) (Version: - The Binary Mill)
Movie Maker (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 46.0.1 (x86 de) (HKLM\...\Mozilla Firefox 46.0.1 (x86 de)) (Version: 46.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 46.0.1.5966 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
NETGEAR RangeMax Duo Wireless-N USB Adapter WNDA3100 (HKLM\...\InstallShield_{C0100D9E-2372-45E2-BDA5-BD18F9B03298}) (Version: 1.00.0000 - NETGEAR)
OBS Multiplatform (HKLM\...\OBS Multiplatform) (Version: 0.12.3 - OBS Project)
OBS Studio (HKLM\...\OBS Studio) (Version: 0.13.4 - OBS Project)
Open Broadcaster Software (HKLM\...\Open Broadcaster Software) (Version: - )
Planets Under Attack (HKLM\...\Steam App 218510) (Version: - Targem Games)
Prism Videodatei-Konverter (HKLM\...\Prism) (Version: 2.27 - NCH Software)
Pro Evolution Soccer 2016 myClub (HKLM\...\Steam App 407250) (Version: - Konami Digital Entertainment)
RapidRip (HKLM\...\RapidRip) (Version: - AudioVideoSoft)
RapidRip (Version: 3.0 - AudioVideoSoft) Hidden
Razer Cortex (HKLM\...\Razer Cortex_is1) (Version: 7.2.16.12597 - Razer Inc.)
Secunia PSI (3.0.0.11005) (HKLM\...\Secunia PSI) (Version: 3.0.0.11005 - Secunia)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.1.0.9134 - Microsoft Corporation)
Skype™ 7.22 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.45.2 (HKLM\...\{B9CC1585-3B42-4036-8355-7C2BB5D901FA}) (Version: 7.0.45.2 - Mad Catz)
Sonic & All-Stars Racing Transformed (HKLM\...\Steam App 212480) (Version: - Sumo Digital)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
STRIKE NX GAMEPAD (HKLM\...\{DEC7CD2E-2BB5-40C3-9592-078F646F7E6C}) (Version: 1.00.0000 - speedlink)
Super Puzzle Platformer Deluxe (HKLM\...\Steam App 238530) (Version: - Andrew Morrish)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1218 - SUPERAntiSpyware.com)
Vegas Pro 11.0 (HKLM\...\{B644D34F-0296-11E2-938E-F04DA23A5C58}) (Version: 11.0.700 - Sony)
VideoPad Video-Editor (HKLM\...\VideoPad) (Version: 4.02 - NCH Software)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 5.30 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
WNDA3100 (Version: 1.00.0000 - NETGEAR) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0617C5FF-80CE-46E3-B72A-B015FFF11F41} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0737C69D-CFC4-4D12-B8F9-21755CA2D320} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {170DF9C6-9289-4B7C-B42E-9163884E8BC4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {18267D35-76BA-488D-B7F1-11DF8CB1E75E} - System32\Tasks\0116tbUpdateInfo => C:\ProgramData\Avg_Update_0116tb\0116tb_{8784441F-333C-46B3-9F20-87832808B4F9}.exe
Task: {2087CEF1-C2BC-43AD-9F8B-D9DB732BF448} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {28BA7DE2-ABCF-4D84-B37C-BBAF20D2A3C0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-04-09] (Adobe Systems Incorporated)
Task: {3EB0DACB-611C-4A5A-B54C-C68E4FA08075} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4466DBEB-C12A-4444-B517-A8E97E8B664E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {50D43919-3F6A-470A-BFDE-43AE678EF4FB} - \{0B790A47-7A0D-0B7E-0D11-0B0E0E0D117D} -> Keine Datei <==== ACHTUNG
Task: {5E81B703-6454-4B06-B064-377F451B3CCA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5F07AAED-8FB8-4235-A8F4-FD0B2CFF2A99} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {65C32941-806E-4449-95A6-A502A0511244} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {74588292-C4B3-4E90-A398-9A265E6D32D4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7ED8B954-51E8-4C01-96E1-D6B161464AF7} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-05-11] (Microsoft Corporation)
Task: {7F51BC88-B369-4584-9FDF-529A8DB248E2} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8086D242-478A-4622-A729-D8934B9DBB9C} - System32\Tasks\Wohegh Server => C:\Program Files\Wohegh\Woheghservertask.exe
Task: {9637F089-5004-4B79-9D0E-3C0ABE54DA24} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9AD48138-D350-4EB5-9413-2BB34B60831E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {9CDA3E69-F249-48E0-B583-D73393621127} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {9DD31392-297C-41A7-AB41-EFCF079CA16D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A6F50668-6DC5-41EA-B2AC-101131F1BEC1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B558CC95-29E0-470D-9D85-5C949E985B51} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {B7A13AE2-EAE8-4213-AC1C-796F4E8F67B3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-04-15] (Piriform Ltd)
Task: {CA7F788A-CE6E-4605-8F4D-CB5A9E8F987A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCC4BA3B-ECCA-4679-88B7-6A1A79F53657} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DF26847C-4A18-49A7-B68D-D6702892EF5C} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {DFE954DD-5D51-4DC8-AF18-8EC220BF5E9C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {E1F349D9-383E-413F-9DD7-E9C95C28C149} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E9E7765D-C687-4194-883A-03228B6F2210} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {EFE38A65-96FB-4959-AB24-3A8AFC35F2D5} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F30EA973-B455-497B-AD80-B7D5D5E08664} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9D151EA-C267-4676-B6ED-8A7C7C7DAFD0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 44471c5a-fba6-49e1-94fe-e4dd74039158.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
Task: C:\WINDOWS\Tasks\SUPERAntiSpyware Scheduled Task 716b6db5-6b17-4d6a-a8d9-158ddb181712.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-10-30 07:44 - 2015-10-30 07:44 - 00022528 _____ () C:\WINDOWS\SYSTEM32\efsext.dll
2015-10-30 07:44 - 2015-10-30 07:44 - 00149504 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2010-12-01 11:35 - 2010-12-01 11:35 - 00172032 _____ () C:\ProgramData\HP Wi-Fi Mobile Mouse Config\AstroS.exe
2015-12-12 08:57 - 2013-07-04 04:32 - 00936728 _____ () C:\Program Files\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-12-12 08:57 - 2016-05-11 14:12 - 00036496 _____ () C:\Program Files\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2015-12-12 08:57 - 2013-07-04 04:32 - 00104448 _____ () C:\Program Files\ASUS\AXSP\1.01.02\ATKEX.dll
2016-05-11 12:58 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files\IObit\LiveUpdate\ProductStatistics.dll
2016-04-19 01:55 - 2016-04-19 01:55 - 00187824 _____ () C:\Program Files\Razer\Razer Services\GSS\GameScannerService.exe
2016-04-12 19:44 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-12 19:44 - 2016-03-29 11:37 - 01862008 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-04-24 08:31 - 2016-04-24 08:31 - 00679624 _____ () C:\Users\Sebastian\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\ClientTelemetry.dll
2015-12-19 02:00 - 2015-12-19 02:00 - 00423840 _____ () C:\WINDOWS\system32\igfxTray.exe
2015-12-19 15:24 - 2015-12-07 06:11 - 00070656 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-05-11 10:25 - 2016-04-23 06:20 - 00316416 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-05-11 10:25 - 2016-04-23 06:05 - 05340672 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-05-11 10:25 - 2016-04-23 05:58 - 00471552 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-05-11 10:25 - 2016-04-23 05:58 - 02366976 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-05-11 10:25 - 2016-04-23 06:01 - 02656768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-04-30 09:06 - 2016-04-29 13:53 - 00149352 _____ () C:\Program Files\Razer\Razer Cortex\SimbaDeviceControl.dll
2016-05-11 12:58 - 2016-03-31 17:57 - 00899872 _____ () C:\Program Files\IObit\IObit Malware Fighter\webres.dll
2016-05-11 12:58 - 2016-03-31 17:57 - 00188704 _____ () C:\Program Files\IObit\IObit Malware Fighter\unrar.dll
2016-05-11 12:58 - 2016-03-31 17:57 - 00151840 _____ () C:\Program Files\IObit\IObit Malware Fighter\zlibwapi.dll
2016-05-11 12:58 - 2016-03-31 17:57 - 00625440 _____ () C:\Program Files\IObit\IObit Malware Fighter\ProductStatistics.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\.DEFAULT\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
Da befinden sich 7898 mehr Seiten.
IE trusted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\webcompanion.com -> hxxp://webcompanion.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\123simsen.com -> www.123simsen.com
Da befinden sich 7898 mehr Seiten.
==================== Hosts Inhalt: ==========================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:04 - 2016-05-11 12:49 - 00453382 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.mirillis.com
127.0.0.1 s0ft4pc.com
127.0.0.1 serwer2.paka-service.com
0.0.0.1 mssplus.mcafee.com
127.0.0.1 down.baidu2016.com
127.0.0.1 123.sogou.com
127.0.0.1 www.czzsyzgm.com
127.0.0.1 www.czzsyzxl.com
127.0.0.1 union.baidu2019.com127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
Da befinden sich 15530 zusätzliche Einträge.
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sebastian\Pictures\2016-04-03_13.12.23.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "simplicheck.lnk"
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "AvgUi"
HKLM\...\StartupApproved\Run: => "IDSCCOMBG1"
HKLM\...\StartupApproved\Run: => "IDSCCOMIWX"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "LifeCam"
HKLM\...\StartupApproved\Run: => "PelAstro"
HKLM\...\StartupApproved\Run: => "ProductUpdater"
HKLM\...\StartupApproved\Run: => "QuickTime Task"
HKLM\...\StartupApproved\Run: => "sun21"
HKLM\...\StartupApproved\Run: => "WINCOMNY0"
HKLM\...\StartupApproved\Run: => "comoBoss"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "BlueStacks Agent"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-3448529311-3865688899-327216282-1000\...\StartupApproved\Run: => "Caster"
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{EF8A928E-3614-4464-8351-09E30A480F75}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{67393791-064A-4D89-833D-0F50AD0E7E69}] => (Allow) C:\Program Files\Steam\Steam.exe
FirewallRules: [{E40E60A2-3434-4C89-96F7-52E1BF8A2814}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{D7EC427B-6217-4E30-A7BA-07E5969C7C4A}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{00B6E350-6BBC-422D-869D-F07054C5C35E}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{601F9ACE-6578-4F1D-B653-27A0605C0ABC}] => (Allow) E:\SteamLibrary\steamapps\common\Cities_Skylines\Cities.exe
FirewallRules: [{9BA476F6-E016-4642-BED4-4DD8778F09CE}] => (Allow) E:\SteamLibrary\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [{18FDA635-5052-444E-857B-41097D5F9DB7}] => (Allow) E:\SteamLibrary\steamapps\common\Super Puzzle Platformer Deluxe\SuperPuzzlePlatformerDeluxe.exe
FirewallRules: [TCP Query User{89ED4ACE-5984-4EE6-9FD7-49C34F371860}E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F05A93EB-0EA9-4A9B-BF08-9B8DD419C975}E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{8615B97B-F681-4198-A6D0-31FEA1398771}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C8F1D904-B829-4E1B-B032-AD30278FB01E}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{DE30CECD-0961-42E0-94B3-F75EF7B54786}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeCam.exe
FirewallRules: [{02794F79-0835-49B1-A2E4-F300F0AA9484}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{8A716E50-2D60-47D4-8D73-5903A4AE28E1}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeEnC2.exe
FirewallRules: [{C46009AA-F7FD-437E-B164-4F762CA44368}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{79F2B4B7-6397-4583-B406-0F453B106347}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeExp.exe
FirewallRules: [{0AED30CC-F768-405A-895F-087BF3F54820}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [{16F933CA-BCC1-4D32-9404-4084E9CE7FBE}] => (Allow) C:\Program Files\Microsoft LifeCam\LifeTray.exe
FirewallRules: [TCP Query User{CBCB5721-060A-43C8-9F90-06B888AFA760}E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F8FCE0B4-7526-4678-AA54-1AE9DE9C9770}E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe] => (Block) E:\gma\games\minecraft\runtime\jre-x32\1.8.0_25\bin\javaw.exe
FirewallRules: [{CE3DD564-8602-422D-97B2-3FBF39A3DB0C}] => (Allow) C:\Program Files\Origin Games\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{8B7543A5-0440-4A8D-B559-F779A7B87111}] => (Allow) C:\Program Files\Origin Games\FIFA 16 DEMO\fifasetup\fifaconfig.exe
FirewallRules: [{FFA0A6C7-ADBD-4F6A-924B-1C155F047D7F}] => (Allow) E:\SteamLibrary\steamapps\common\Devilian\GlyphClient.exe
FirewallRules: [{0393E281-0063-4549-9A55-A1EB1751939D}] => (Allow) E:\SteamLibrary\steamapps\common\Devilian\GlyphClient.exe
FirewallRules: [{CA8E8E36-005D-4C50-83B7-E484D8EBEB20}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{5E00ACEC-9832-4B25-9FE4-B19C650855C3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{8F58DAB4-EFCF-4C74-BF5F-DFA5088C0A20}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{FC7EEAAE-87B5-4B4C-84AC-9FC333223D50}] => (Allow) LPort=8317
FirewallRules: [{CCE3487C-F981-4DB1-A1FE-651FBB787D98}] => (Allow) E:\SteamLibrary\steamapps\common\planets under attack\game.exe
FirewallRules: [{6E3E132A-8484-4680-9C31-57D921523EFE}] => (Allow) E:\SteamLibrary\steamapps\common\planets under attack\game.exe
FirewallRules: [{E7F9118B-E581-42FE-8BA0-B016CC664C06}] => (Allow) E:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{588FF584-E0ED-4B87-A6C5-CF8F992CC0FD}] => (Allow) E:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{7F45C932-858C-42F2-8DA8-3CFEEA761E8F}] => (Allow) E:\SteamLibrary\steamapps\common\KRUNCH\KRUNCH.exe
FirewallRules: [{74D30A3A-D97A-4F74-8B11-69F7DDA1BEC5}] => (Allow) E:\SteamLibrary\steamapps\common\KRUNCH\KRUNCH.exe
FirewallRules: [{AA91906A-36B8-4FAF-8E57-FDF18E3ED3FC}] => (Allow) E:\SteamLibrary\steamapps\common\Dungeons The Eye Of Draconus\DungeonsLauncher.exe
FirewallRules: [{8FF71F0C-384A-4265-AD81-57A58A436BB4}] => (Allow) E:\SteamLibrary\steamapps\common\Dungeons The Eye Of Draconus\DungeonsLauncher.exe
FirewallRules: [{245EE1B7-29A2-4213-8F7B-C2C4ECD62B14}] => (Allow) E:\SteamLibrary\steamapps\common\Coldfire Keep\ColdfireKeep.exe
FirewallRules: [{BE88A22E-D600-4696-BE2B-BE108CFB8FC6}] => (Allow) E:\SteamLibrary\steamapps\common\Coldfire Keep\ColdfireKeep.exe
FirewallRules: [{3A530EC0-F1B5-4D5F-AAC8-013350DDCDB3}] => (Allow) E:\SteamLibrary\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [{1DBDA4CC-7617-4C0A-981A-77DF63C1828D}] => (Allow) E:\SteamLibrary\steamapps\common\8BitBoy\8bitboy.exe
FirewallRules: [TCP Query User{576C3C94-3449-40F5-A4D5-E5A12001D278}E:\steamlibrary\steamapps\common\pro evolution soccer 2016 myclub\pes2016.exe] => (Allow) E:\steamlibrary\steamapps\common\pro evolution soccer 2016 myclub\pes2016.exe
FirewallRules: [UDP Query User{EE7DCE7F-CA7C-4567-97F5-FD2CE63805B9}E:\steamlibrary\steamapps\common\pro evolution soccer 2016 myclub\pes2016.exe] => (Allow) E:\steamlibrary\steamapps\common\pro evolution soccer 2016 myclub\pes2016.exe
FirewallRules: [{09E36B9F-A541-4472-8160-C97FA64DBC59}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{A1A6FCB6-3BBB-42C2-93DD-109872FDED98}] => (Allow) LPort=2869
FirewallRules: [{C0CBE72D-C8BE-49A1-9311-AF746B4A3B00}] => (Allow) LPort=1900
FirewallRules: [{3A34FD06-F38D-4432-8262-F2038CB9528C}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DDE70B8C-8AAC-4CA2-9F9E-196CE183AF46}] => (Allow) E:\SteamLibrary\steamapps\common\LEGO Worlds\LEGO_Worlds.exe
FirewallRules: [{C5CBA511-06D5-437C-AD07-CE4B86E541D9}] => (Allow) E:\SteamLibrary\steamapps\common\LEGO Worlds\LEGO_Worlds.exe
FirewallRules: [TCP Query User{630BD506-48F6-4C56-967B-525F6B1DEA28}C:\program files\lightworks\ntcardvt.exe] => (Allow) C:\program files\lightworks\ntcardvt.exe
FirewallRules: [UDP Query User{43FE1300-D48E-4CF6-A0FF-9A6EEC591051}C:\program files\lightworks\ntcardvt.exe] => (Allow) C:\program files\lightworks\ntcardvt.exe
FirewallRules: [{65AA9B86-25EA-4A86-9835-2C981EC3B914}] => (Allow) E:\SteamLibrary\steamapps\common\Mini Motor Racing\Mini Motor Evo.exe
FirewallRules: [{53DA9D51-5B54-4167-96ED-AB91D02C3A6C}] => (Allow) E:\SteamLibrary\steamapps\common\Mini Motor Racing\Mini Motor Evo.exe
FirewallRules: [{D00CF87C-658D-4A0D-80A4-C3C9A52312EA}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{21EE0D2C-5872-49CE-A92E-8DF3C4C71B04}] => (Allow) E:\SteamLibrary\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{D4A48D9A-C3DA-4A97-A0C3-4CE7615DAC55}] => (Allow) E:\SteamLibrary\steamapps\common\Lego Star Wars Saga\LEGOStarWarsSaga.exe
FirewallRules: [{F8BBCECD-01AF-4E11-9412-DBA70C5E01C5}] => (Allow) C:\Program Files\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{17B3412E-4420-444B-AFA4-6CA55ADF6A7C}] => (Allow) C:\Program Files\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\ASN_App_PcDx9_Final.exe
FirewallRules: [{AFD927FE-AB5F-4DFD-B4FF-AECF5AF128B4}] => (Allow) C:\Program Files\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
FirewallRules: [{DF6CD896-D2FD-481B-927C-8568954B5B05}] => (Allow) C:\Program Files\Steam\steamapps\common\Sonic & All-Stars Racing Transformed\Launcher.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (05/11/2016 02:14:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/11/2016 02:14:36 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1".
Die abhängige Assemblierung "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (05/11/2016 02:12:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SEBASTIAN-PC)
Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (05/11/2016 02:12:49 PM) (Source: DCOM) (EventID: 10016) (User: SEBASTIAN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Sebastian-PCSebastian (lokal)S-1-5-21-3448529311-3865688899-327216282-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/11/2016 02:12:49 PM) (Source: DCOM) (EventID: 10016) (User: SEBASTIAN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Sebastian-PCSebastian (lokal)S-1-5-21-3448529311-3865688899-327216282-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/11/2016 02:12:49 PM) (Source: DCOM) (EventID: 10016) (User: SEBASTIAN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Sebastian-PCSebastian (lokal)S-1-5-21-3448529311-3865688899-327216282-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/11/2016 02:12:49 PM) (Source: DCOM) (EventID: 10016) (User: SEBASTIAN-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Sebastian-PCSebastian (lokal)S-1-5-21-3448529311-3865688899-327216282-1000LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
Error: (05/11/2016 02:12:48 PM) (Source: DCOM) (EventID: 10010) (User: SEBASTIAN-PC)
Description: App.AppXck5aaxyarfx8gxrgfk6pvakmmxeqvepc.mca
CodeIntegrity:
===================================
Date: 2016-05-11 12:42:08.513
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 12:42:08.493
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 12:42:08.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 12:42:08.432
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:50:39.079
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:50:39.060
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:50:39.041
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:50:39.014
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:49:45.472
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
Date: 2016-05-11 11:49:45.453
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\dnsapi.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-4460 CPU @ 3.20GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 3462.98 MB
Verfügbarer physikalischer RAM: 2000 MB
Summe virtueller Speicher: 7046.98 MB
Verfügbarer virtueller Speicher: 5408.23 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:111.25 GB) (Free:38.92 GB) NTFS
Drive e: (Volume) (Fixed) (Total:931.51 GB) (Free:900.27 GB) NTFS
Drive f: (SP UFD U3) (Removable) (Total:14.57 GB) (Free:14.53 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: F3891271)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: BF17D39F)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (Size: 14.6 GB) (Disk ID: 0DFF7265)
No partition Table on disk 2.
==================== Ende vom Addition.txt ============================
|
|
11.05.2016, 14:29
| #2 |
| | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wiederCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 11.05.2016 Suchlaufzeit: 12:54 Protokolldatei: Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.05.11.02 Rootkit-Datenbank: v2016.05.06.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x86 Dateisystem: NTFS Benutzer: Sebastian (lokal) Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 306167 Abgelaufene Zeit: 3 Min., 33 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Junkware Removal Tool (JRT) by Malwarebytes Version: 8.0.6 (04.25.2016) Operating System: Windows 10 Pro x86 Ran by Sebastian (lokal) (Administrator) on 11.05.2016 at 13:03:40,62 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 16 Failed to delete: C:\Program Files\Common Files\avg secure search\vtoolbarupdater (Folder) Failed to delete: C:\Program Files\lavasoft\web companion (Folder) Successfully deleted: C:\ProgramData\avg security toolbar (Folder) Successfully deleted: C:\ProgramData\lavasoft\web companion (Folder) Successfully deleted: C:\ProgramData\productdata (Folder) Successfully deleted: C:\Users\Sebastian\Appdata\LocalLow\company (Folder) Successfully deleted: C:\Users\Sebastian\AppData\Roaming\lavasoft\web companion (Folder) Successfully deleted: C:\Users\Sebastian\AppData\Roaming\productdata (Folder) Successfully deleted: C:\WINDOWS\System32\Tasks\bandicam_start (Task) Successfully deleted: C:\WINDOWS\System32\Tasks\YTDownloader (Task) Successfully deleted: C:\WINDOWS\System32\Tasks\YTDownloaderUpd (Task) Successfully deleted: C:\Program Files\GUTFAD7.tmp (File) Successfully deleted: C:\Program Files\mpc cleaner (Folder) Successfully deleted: C:\WINDOWS\prefetch\DRIVERQUERY.EXE-2A25F8AA.pf (File) Successfully deleted: C:\WINDOWS\prefetch\FREEMAKEERRORREPORTER.EXE-7CA8C7FD.pf (File) Successfully deleted: C:\WINDOWS\prefetch\FREEMAKEVC.EXE-0BAA293A.pf (File) Deleted the following from C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\myq207lf.default\prefs.js user_pref(browser.search.order.1, Ask.com); user_pref(extensions.ich@maltegoetz.de.tr_web_session, {\id\:\HeWMXuEwvoI0mZrsAgU9lQDEBmzOgcOx\,\ts\:\1462964340858\,\prev\:\hxxp%3A%2F%2Fwww.iobit.com%2Fde%2Fin Registry: 3 Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\sbmntr (Registry Key) Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\vToolbarUpdater40.2.9 (Registry Key) Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} (Registry Key) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 11.05.2016 at 13:04:05,18 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Habe noch einige weitere Durchläufe mit verschieden Spyware-Entfernern gestartet. Problem mit dem CMD Fenster erstmal gelöst. Melde mich wieder, sollte es erneut auftreten. Dankeschön. |
|
18.05.2016, 09:50
| #3 | |
| /// TB-Ausbilder   | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wiederZitat:
Ich beende das Thema, da du ja kein Interesse mehr an einer Bereinigung hast. Nur zur Info: Da ist noch Schadsoftware auf deinem Rechner.  |
|
18.05.2016, 10:09
| #4 |
| | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wieder Sorry, habe nicht gesagt, dass ich mich sicher fühle. Nur das das Problem mit dem cmd Fenster nicht mehr auftritt. Das noch Schadsoftware auf dem Rechner ist, kann ich ja mit meinem Halbwissen nicht ausschliessen. Nur das aktuell keine sichtbaren Probleme mehr auftreten. Danke für den Hinweis. |
|
18.05.2016, 10:11
| #5 |
| /// TB-Ausbilder | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wieder Gut, dann wäre das ja geklärt.  |
|
18.05.2016, 11:18
| #6 |
| | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wieder Naja, ich sags mal mit den Worten von Arnie: "I will be back", spätestens wenn wieder Probleme auftreten. |
|
18.05.2016, 15:10
| #7 | |
| /// TB-Ausbilder | Windows 10 Cmd Fenster öffnet ständig und schliesst sich wiederZitat:
 Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
|
| Themen zu Windows 10 Cmd Fenster öffnet ständig und schliesst sich wieder |
| abständen, browser, ccsetup, cmd, dankbar, entferne, entfernen, etliche, fenster, hilfe, poste, posten, rechner, sache, safer networking, schliesst, sekunden, windows, windows 10, xcode, öffnet |
Linear-Darstellung
