Sharugan | 21.08.2015 22:38 | Die FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:21-08-2015
durchgeführt von Sharugan (Administrator) auf SHARUGAN-PC (21-08-2015 21:28:50)
Gestartet von C:\Users\Sharugan\Desktop
Geladene Profile: Sharugan (Verfügbare Profile: Sharugan)
Platform: Windows 8.1 Pro (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\Program Files\EslWire\service\WireHelperSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Program Files\Zune\ZuneLauncher.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Turtle Entertainment GmbH) C:\Program Files\EslWire\wire.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
() C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\Purplizer.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.88.41.0\OverwolfHelper64.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.88.41.0\OverwolfBrowser.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452968 2012-03-13] (Realtek Semiconductor)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [Zune Launcher] => C:\Program Files\Zune\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [SL-6481 Gaming Keyboard] => C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.exe [1976832 2013-09-30] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766688 2014-07-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3780520 2015-07-31] (AVG Technologies CZ, s.r.o.)
HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [41200 2015-08-09] (Overwolf LTD)
HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\...\Run: [GoogleChromeAutoLaunch_9D6F78FD4E45D795C60BF9D0E304F850] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-08-08] (Google Inc.)
HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\...\Run: [ESL Wire] => C:\Program Files\EslWire\wire.exe [3771904 2014-12-09] (Turtle Entertainment GmbH)
Startup: C:\Users\Sharugan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2014-04-17]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BootExecute: autocheck autochk * sdnclean64.exe
GroupPolicy: Gruppenrichtline auf Chrome erkannt <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt..)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3370996478-1269169652-3549115308-1001 -> URL hxxp://search.conduit.com/Results.aspx?ctid=CT3324760&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=5&UP=SPCE3CDE5F-344B-4548-B98C-C6FBE649ECD9&q={searchTerms}&SSPV=
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre8\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre8\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-01-18] (IvoSoft)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2015-07-14] (Microsoft Corporation)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2015-07-14] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll [2015-03-02] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-01-18] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-01-18] (IvoSoft)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-03-12] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{316789B6-19A7-402F-8F0B-BF922F665433}: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre8\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre8\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2015-01-09] (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-21] ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [2014-05-26] (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll [2015-03-02] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-04-22] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-27] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-04-22] (Microsoft Corporation)
Chrome:
=======
CHR Profile: C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Steam inventory helper) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-08-21]
CHR Extension: (AdBlock) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-26]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-26]
CHR Profile: C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Docs) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-06-09]
CHR Extension: (Google Drive) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-06-09]
CHR Extension: (YouTube) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-06-09]
CHR Extension: (Google Search) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-06-09]
CHR Extension: (AdBlock) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-06-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-06-09]
CHR Extension: (Google Wallet) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-09]
CHR Extension: (Gmail) - C:\Users\Sharugan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-09]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-07-04] (Advanced Micro Devices, Inc.) [Datei ist nicht signiert]
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3633576 2015-07-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [335656 2015-07-31] (AVG Technologies CZ, s.r.o.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
R2 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [995568 2015-08-09] (Overwolf LTD)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files (x86)\Wise\Wise Care 365\BootTime.exe [580232 2014-01-21] (WiseCleaner.com) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S5 3ware; C:\Windows\System32\drivers\3ware.sys [108896 2013-08-22] (LSI)
R5 ACPI; C:\Windows\System32\drivers\ACPI.sys [533824 2014-10-07] (Microsoft Corporation)
R5 acpiex; C:\Windows\System32\Drivers\acpiex.sys [79712 2013-08-22] (Microsoft Corporation)
S5 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S5 agp440; C:\Windows\System32\drivers\agp440.sys [62304 2013-08-22] (Microsoft Corporation)
S5 amdsata; C:\Windows\System32\drivers\amdsata.sys [79200 2013-08-22] (Advanced Micro Devices)
S5 amdsbs; C:\Windows\System32\drivers\amdsbs.sys [259424 2013-08-22] (AMD Technologies Inc.)
S5 amdxata; C:\Windows\System32\drivers\amdxata.sys [25952 2013-08-22] (Advanced Micro Devices)
R5 amd_sata; C:\Windows\System32\drivers\amd_sata.sys [82048 2011-12-12] (Advanced Micro Devices)
R5 amd_xata; C:\Windows\System32\drivers\amd_xata.sys [42624 2011-12-12] (Advanced Micro Devices)
R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-20] (Advanced Micro Devices)
S5 arcsas; C:\Windows\System32\drivers\arcsas.sys [114016 2013-08-22] (PMC-Sierra, Inc.)
S5 atapi; C:\Windows\System32\drivers\atapi.sys [26464 2013-08-22] (Microsoft Corporation)
S5 Avgboota; C:\Windows\System32\DRIVERS\avgboota.sys [21152 2015-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [312752 2015-07-28] (AVG Technologies CZ, s.r.o.)
R5 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R5 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R5 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [245680 2015-07-28] (AVG Technologies CZ, s.r.o.)
R5 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\Windows\system32\DRIVERS\avgwfpa.sys [296896 2015-07-10] (AVG Technologies CZ, s.r.o.)
S5 b06bdrv; C:\Windows\System32\drivers\bxvbda.sys [531296 2013-08-22] (Broadcom Corporation)
R5 CLFS; C:\Windows\System32\drivers\CLFS.sys [377152 2015-03-04] (Microsoft Corporation)
R5 CNG; C:\Windows\System32\Drivers\cng.sys [561928 2015-03-30] (Microsoft Corporation)
R5 disk; C:\Windows\System32\drivers\disk.sys [100192 2013-08-22] (Microsoft Corporation)
S5 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S5 EhStorClass; C:\Windows\System32\drivers\EhStorClass.sys [82784 2013-08-22] (Microsoft Corporation)
S5 EhStorTcgDrv; C:\Windows\System32\drivers\EhStorTcgDrv.sys [114016 2013-08-22] (Microsoft Corporation)
R5 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [92448 2015-08-20] (<Turtle Entertainment>)
R5 FileInfo; C:\Windows\System32\drivers\fileinfo.sys [79192 2014-02-22] (Microsoft Corporation)
R5 FltMgr; C:\Windows\System32\drivers\fltmgr.sys [354112 2014-08-26] (Microsoft Corporation)
U5 Fs_Rec; C:\Windows\System32\Drivers\Fs_Rec.sys [30048 2013-08-22] (Microsoft Corporation)
R5 fvevol; C:\Windows\System32\DRIVERS\fvevol.sys [589656 2014-04-08] (Microsoft Corporation)
S5 gagp30kx; C:\Windows\System32\drivers\gagp30kx.sys [65888 2013-08-22] (Microsoft Corporation)
R3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-08-03] (LogMeIn Inc.)
S5 HpSAMD; C:\Windows\System32\drivers\HpSAMD.sys [64352 2013-08-22] (Hewlett-Packard Company)
S5 hwpolicy; C:\Windows\System32\drivers\hwpolicy.sys [24416 2013-08-22] (Microsoft Corporation)
S5 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
S5 iaStorV; C:\Windows\System32\drivers\iaStorV.sys [412000 2013-08-22] (Intel Corporation)
S5 intelide; C:\Windows\System32\drivers\intelide.sys [18272 2013-08-22] (Microsoft Corporation)
R5 intelpep; C:\Windows\System32\drivers\intelpep.sys [39744 2014-10-13] (Microsoft Corporation)
S5 isapnp; C:\Windows\System32\drivers\isapnp.sys [21856 2013-08-22] (Microsoft Corporation)
R5 KSecDD; C:\Windows\System32\Drivers\ksecdd.sys [100672 2014-10-29] (Microsoft Corporation)
R5 KSecPkg; C:\Windows\System32\Drivers\ksecpkg.sys [178008 2015-06-28] (Microsoft Corporation)
S5 LSI_SAS; C:\Windows\System32\drivers\lsi_sas.sys [109408 2013-08-22] (LSI Corporation)
S5 LSI_SAS2; C:\Windows\System32\drivers\lsi_sas2.sys [93536 2013-08-22] (LSI Corporation)
S5 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S5 LSI_SSS; C:\Windows\System32\drivers\lsi_sss.sys [82784 2013-08-22] (LSI Corporation)
S5 megasas; C:\Windows\System32\drivers\megasas.sys [56672 2013-08-22] (LSI Corporation)
S5 megasr; C:\Windows\System32\drivers\megasr.sys [575840 2013-08-22] (LSI Corporation, Inc.)
R5 mountmgr; C:\Windows\System32\drivers\mountmgr.sys [101720 2015-07-16] (Microsoft Corporation)
R5 msisadrv; C:\Windows\System32\drivers\msisadrv.sys [17248 2013-08-22] (Microsoft Corporation)
R5 Mup; C:\Windows\System32\Drivers\mup.sys [78688 2013-08-22] (Microsoft Corporation)
S5 mvumis; C:\Windows\System32\drivers\mvumis.sys [63840 2013-08-22] (Marvell Semiconductor, Inc.)
R5 NDIS; C:\Windows\System32\drivers\ndis.sys [1113944 2015-07-14] (Microsoft Corporation)
S5 nvraid; C:\Windows\System32\drivers\nvraid.sys [150368 2013-08-22] (NVIDIA Corporation)
S5 nvstor; C:\Windows\System32\drivers\nvstor.sys [168288 2013-08-22] (NVIDIA Corporation)
S5 nv_agp; C:\Windows\System32\drivers\nv_agp.sys [124768 2013-08-22] (Microsoft Corporation)
R5 partmgr; C:\Windows\System32\drivers\partmgr.sys [88896 2014-10-15] (Microsoft Corporation)
R5 pci; C:\Windows\System32\drivers\pci.sys [280384 2014-07-24] (Microsoft Corporation)
S5 pciide; C:\Windows\System32\drivers\pciide.sys [14688 2013-08-22] (Microsoft Corporation)
S5 pcmcia; C:\Windows\System32\drivers\pcmcia.sys [114528 2013-08-22] (Microsoft Corporation)
R5 pcw; C:\Windows\System32\drivers\pcw.sys [50016 2013-08-22] (Microsoft Corporation)
R5 pdc; C:\Windows\System32\drivers\pdc.sys [86336 2014-10-13] (Microsoft Corporation)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
R5 rdyboost; C:\Windows\System32\drivers\rdyboost.sys [249688 2014-02-22] (Microsoft Corporation)
R3 SaiK0CCB; C:\Windows\system32\DRIVERS\SaiK0CCB.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\drivers\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\system32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU0CCB; C:\Windows\System32\drivers\SaiU0CCB.sys [47168 2012-09-20] (Saitek)
S5 sbp2port; C:\Windows\System32\drivers\sbp2port.sys [107872 2013-08-22] (Microsoft Corporation)
S5 SiSRaid2; C:\Windows\System32\drivers\SiSRaid2.sys [44896 2013-08-22] (Silicon Integrated Systems Corp.)
S5 SiSRaid4; C:\Windows\System32\drivers\sisraid4.sys [81760 2013-08-22] (Silicon Integrated Systems)
R5 spaceport; C:\Windows\System32\drivers\spaceport.sys [415040 2014-10-29] (Microsoft Corporation)
S5 stexstor; C:\Windows\System32\drivers\stexstor.sys [31072 2013-08-22] (Promise Technology, Inc.)
S5 storahci; C:\Windows\System32\drivers\storahci.sys [107872 2013-08-22] (Microsoft Corporation)
S5 storflt; C:\Windows\System32\drivers\vmstorfl.sys [49944 2014-10-29] (Microsoft Corporation)
S5 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-12-13] (Microsoft Corporation)
S5 storvsc; C:\Windows\System32\drivers\storvsc.sys [45888 2013-08-22] (Microsoft Corporation)
R5 Tcpip; C:\Windows\System32\drivers\tcpip.sys [2476376 2015-06-11] (Microsoft Corporation)
S5 uagp35; C:\Windows\System32\drivers\uagp35.sys [64864 2013-08-22] (Microsoft Corporation)
S5 uliagpkx; C:\Windows\System32\drivers\uliagpkx.sys [65888 2013-08-22] (Microsoft Corporation)
R5 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [37728 2013-08-22] (Microsoft Corporation)
S5 viaide; C:\Windows\System32\drivers\viaide.sys [19808 2013-08-22] (VIA Technologies, Inc.)
S5 vmbus; C:\Windows\System32\drivers\vmbus.sys [97048 2014-10-29] (Microsoft Corporation)
R5 volmgr; C:\Windows\System32\drivers\volmgr.sys [73568 2013-08-22] (Microsoft Corporation)
R5 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [377696 2013-08-22] (Microsoft Corporation)
R5 volsnap; C:\Windows\System32\drivers\volsnap.sys [310080 2014-06-19] (Microsoft Corporation)
S5 vsmraid; C:\Windows\System32\drivers\vsmraid.sys [168800 2013-08-22] (VIA Technologies Inc.,Ltd)
S5 VSTXRAID; C:\Windows\System32\drivers\vstxraid.sys [305504 2013-08-22] (VIA Corporation)
R5 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [839488 2013-08-22] (Microsoft Corporation)
R5 WFPLWFS; C:\Windows\System32\DRIVERS\wfplwfs.sys [136512 2014-10-29] (Microsoft Corporation)
R5 Wof; C:\Windows\System32\Drivers\Wof.sys [157016 2014-03-13] (Microsoft Corporation)
R3 WUDFWpdComp; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-21 21:28 - 2015-08-21 21:30 - 00028937 _____ C:\Users\Sharugan\Desktop\FRST.txt
2015-08-21 21:27 - 2015-08-21 21:29 - 00000000 ____D C:\FRST
2015-08-21 20:06 - 2015-08-21 19:55 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Sharugan\Desktop\mbam-setup-2.1.8.1057.exe
2015-08-21 19:55 - 2015-08-21 19:55 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Sharugan\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-21 19:50 - 2015-08-21 19:50 - 02173952 _____ (Farbar) C:\Users\Sharugan\Downloads\FRST64.exe
2015-08-21 19:50 - 2015-08-21 19:50 - 02173952 _____ (Farbar) C:\Users\Sharugan\Desktop\FRST64.exe
2015-08-21 19:47 - 2015-08-21 19:47 - 01677312 _____ (Farbar) C:\Users\Sharugan\Downloads\FRST.exe
2015-08-21 19:28 - 2015-08-21 19:28 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\AVG2015
2015-08-21 19:27 - 2015-08-21 19:27 - 00001001 _____ C:\Users\Public\Desktop\AVG 2015.lnk
2015-08-21 19:27 - 2015-08-21 19:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-08-21 19:27 - 2015-08-21 19:27 - 00000000 ____D C:\Program Files\Common Files\AV
2015-08-21 19:26 - 2015-08-21 19:27 - 00000000 ____D C:\ProgramData\AVG2015
2015-08-21 19:26 - 2015-08-21 19:26 - 00000000 ____D C:\Program Files (x86)\AVG
2015-08-21 19:24 - 2015-08-21 19:31 - 00000000 ____D C:\Users\Sharugan\AppData\Local\Avg2015
2015-08-21 19:21 - 2015-08-21 19:23 - 183106416 _____ (AVG Technologies) C:\Users\Sharugan\Downloads\avg_free_x86_all_2015_ltst_222.exe
2015-08-21 19:13 - 2015-08-21 19:13 - 01605632 _____ C:\Users\Sharugan\Downloads\adwcleaner_5.003.exe
2015-08-20 16:35 - 2015-08-20 16:35 - 00092448 _____ (<Turtle Entertainment>) C:\Windows\system32\Drivers\ESLWireACD.sys
2015-08-20 16:22 - 2015-08-21 19:19 - 00000000 ____D C:\Users\Sharugan\AppData\Local\ESL Wire Game Client
2015-08-20 16:22 - 2015-08-20 16:22 - 00000795 _____ C:\Users\Public\Desktop\ESL Wire.lnk
2015-08-20 16:22 - 2015-08-20 16:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESL Wire
2015-08-20 16:22 - 2015-08-20 16:22 - 00000000 ____D C:\ProgramData\ESL Wire
2015-08-20 16:22 - 2015-08-20 16:22 - 00000000 ____D C:\Program Files\EslWire
2015-08-20 16:21 - 2015-08-20 16:21 - 00939656 _____ (Turtle Entertainment GmbH) C:\Users\Sharugan\Downloads\ESLWireSetup-1.18.0.8101.exe
2015-08-20 13:34 - 2015-08-20 13:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-20 13:10 - 2015-08-20 13:10 - 00005056 _____ C:\Users\Sharugan\Desktop\SelfPhoto_by_Karesh.txt
2015-08-19 23:20 - 2015-08-19 23:20 - 01060466 _____ C:\Users\Sharugan\Downloads\Intro Template.c4d
2015-08-19 23:20 - 2015-08-19 23:20 - 01060466 _____ C:\Users\Sharugan\Desktop\Intro Template.c4d
2015-08-19 23:06 - 2012-01-19 19:36 - 00000000 ____D C:\Users\Sharugan\Desktop\FaZeClan Intro Template By CSR
2015-08-19 22:37 - 2015-08-19 22:38 - 20168615 _____ C:\Users\Sharugan\Downloads\FaZeClan Intro Template By CSR.rar
2015-08-19 12:43 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-19 12:43 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-17 14:44 - 2015-08-17 14:44 - 00660960 _____ (Dropbox, Inc.) C:\Users\Sharugan\Downloads\DropboxInstaller (1).exe
2015-08-17 14:32 - 2015-08-17 17:32 - 00000000 ___RD C:\Users\Sharugan\Dropbox
2015-08-17 14:29 - 2015-08-17 14:29 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\Dropbox
2015-08-17 14:28 - 2015-08-18 12:04 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-17 14:28 - 2015-08-17 17:32 - 00000000 ____D C:\Users\Sharugan\AppData\Local\Dropbox
2015-08-17 14:28 - 2015-08-17 14:28 - 00660960 _____ (Dropbox, Inc.) C:\Users\Sharugan\Downloads\DropboxInstaller.exe
2015-08-17 14:28 - 2015-08-17 14:28 - 00000000 ____D C:\ProgramData\Dropbox
2015-08-16 00:23 - 2015-08-16 00:39 - 06144000 _____ (Byte-Dev.de) C:\Users\Sharugan\Desktop\CS-GO Server Auswahl.exe
2015-08-16 00:23 - 2015-08-16 00:23 - 00344614 _____ C:\Users\Sharugan\Downloads\uCSGO 1.3.rar
2015-08-14 23:39 - 2015-08-19 23:13 - 00000000 ____D C:\Users\Sharugan\Desktop\CSGO Zeugs
2015-08-14 23:38 - 2015-08-14 23:39 - 00000000 ____D C:\Users\Sharugan\Desktop\Textdatein,Backup
2015-08-14 23:26 - 2015-08-14 23:26 - 01855815 _____ C:\Users\Sharugan\Downloads\hldj64_1.6.02.zip
2015-08-14 23:24 - 2015-08-14 23:24 - 11877448 _____ (GoldWave Inc.) C:\Users\Sharugan\Downloads\InstallGoldWave613.exe
2015-08-13 17:56 - 2015-08-13 17:56 - 00448091 _____ C:\Users\Sharugan\Downloads\Keybinder---MixIt.rar
2015-08-12 13:49 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 13:49 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 11:27 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 11:27 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 11:27 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 11:27 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 11:27 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 11:27 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-08-12 11:27 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 11:27 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 11:27 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 11:27 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 11:27 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 11:27 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 11:25 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 11:25 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 11:25 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 11:25 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 11:25 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 11:25 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 11:25 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 11:25 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 11:25 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 11:25 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 11:25 - 2015-06-09 20:27 - 00411133 _____ C:\Windows\system32\ApnDatabase.xml
2015-08-12 11:24 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 11:24 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 11:24 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 11:24 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 11:24 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2015-08-12 11:24 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 11:24 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 11:24 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 11:24 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-08-12 11:24 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 11:24 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 11:24 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-08-12 11:24 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 11:24 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 11:24 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2015-08-12 11:24 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-08-12 11:24 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 11:24 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 11:24 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 11:24 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2015-08-12 11:24 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 11:24 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 11:24 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 11:24 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 11:23 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-08-12 11:23 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\Windows\system32\netcfgx.dll
2015-08-12 11:23 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcfgx.dll
2015-08-12 11:23 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 11:23 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 11:23 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2015-08-12 11:23 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2015-08-12 11:23 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2015-08-12 11:23 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 11:23 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 11:23 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 11:23 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 11:23 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2015-08-12 11:23 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-12 11:22 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 11:22 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 11:22 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 11:22 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 11:22 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 11:22 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 11:22 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 11:22 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 11:22 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 11:22 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-08-12 11:22 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 11:22 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2015-08-12 11:22 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 11:22 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 11:22 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 11:22 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 11:22 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 11:22 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 11:22 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2015-08-12 11:22 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2015-08-12 11:22 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
2015-08-12 11:21 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 11:21 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 11:21 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 11:21 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 11:21 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 11:21 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 11:21 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 11:21 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-09 19:55 - 2015-08-09 19:55 - 00003328 _____ C:\Users\Sharugan\Downloads\autoexec.zip
2015-08-09 15:23 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_25.dll
2015-08-09 15:20 - 2015-08-09 15:20 - 00020950 _____ C:\Users\Sharugan\Downloads\csgo_bananagaming (2).txt
2015-08-09 11:37 - 2015-08-09 11:37 - 07341393 _____ C:\Users\Sharugan\Downloads\timeburner.zip
2015-08-08 22:11 - 2015-08-08 22:11 - 00020950 _____ C:\Users\Sharugan\Downloads\csgo_bananagaming (1).txt
2015-08-08 22:09 - 2015-08-08 22:09 - 00020950 _____ C:\Users\Sharugan\Downloads\csgo_bananagaming.txt
2015-08-08 21:10 - 2015-08-08 21:10 - 00005117 _____ C:\Users\Sharugan\Downloads\script (2).cfg
2015-08-08 18:14 - 2015-08-08 18:14 - 00237268 _____ C:\Users\Sharugan\Downloads\ClownfishVoiceChanger-v1.50.ts3_plugin
2015-08-08 18:13 - 2015-08-08 18:13 - 00394754 _____ C:\Users\Sharugan\Downloads\soundboard-1.0b5-win64.ts3_plugin
2015-08-08 18:13 - 2015-08-08 18:13 - 00334311 _____ C:\Users\Sharugan\Downloads\soundboard-1.0b5-win32.ts3_plugin
2015-08-04 11:23 - 2015-08-04 11:23 - 00106571 _____ C:\Users\Sharugan\Downloads\notfire final release_mpgh.net.rar
2015-08-04 11:13 - 2015-08-04 11:13 - 00051773 _____ C:\Users\Sharugan\Downloads\IONEWF___mpgh.net.zip
2015-08-03 20:01 - 2015-08-03 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2015-08-03 20:01 - 2015-08-03 20:01 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2015-08-03 12:12 - 2015-08-03 12:12 - 00045680 ____H (LogMeIn Inc.) C:\Windows\system32\Drivers\Hamdrv.sys
2015-08-03 08:52 - 2015-08-03 08:52 - 00219757 _____ C:\Users\Sharugan\Downloads\Chaos_A.D_Keybinder_2.2.rar
2015-08-02 23:05 - 2015-08-02 23:06 - 71591905 _____ C:\Users\Sharugan\Downloads\modpack.rar
2015-08-02 14:07 - 2015-08-02 14:07 - 08402658 _____ C:\Users\Sharugan\Downloads\20150622-SAMP-GTA-V-Hud.rar
2015-07-31 22:37 - 2015-07-31 22:37 - 00000450 _____ C:\Users\Sharugan\Downloads\Knife Glitch.txt
2015-07-31 22:37 - 2015-07-31 22:37 - 00000450 _____ C:\Users\Sharugan\Downloads\Knife Glitch (1).txt
2015-07-31 21:06 - 2015-07-31 21:06 - 00001102 _____ C:\Users\Sharugan\Desktop\VMProtect.lnk
2015-07-31 21:06 - 2015-07-31 21:06 - 00000000 ____D C:\ProgramData\PolyTech
2015-07-31 21:06 - 2015-07-31 21:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMProtect Ultimate
2015-07-31 21:06 - 2015-07-31 21:06 - 00000000 ____D C:\Program Files (x86)\VMProtect Ultimate
2015-07-31 21:04 - 2015-07-31 21:04 - 00011510 _____ C:\Users\Sharugan\Downloads\jme monkybisnis_mpgh.net.zip
2015-07-31 20:11 - 2015-07-31 20:13 - 14248488 _____ (VMProtect Software ) C:\Users\Sharugan\Downloads\VMProtectSetup.exe
2015-07-30 22:17 - 2015-07-30 22:17 - 00005100 _____ C:\Users\Sharugan\Downloads\bibanator config Januar 2015.rar
2015-07-30 22:08 - 2015-07-30 22:08 - 00005117 _____ C:\Users\Sharugan\Downloads\script (1).cfg
2015-07-30 21:54 - 2015-07-30 21:54 - 00001198 _____ C:\Users\Sharugan\Downloads\autoexec.cfg
2015-07-30 18:40 - 2015-05-02 07:35 - 00014336 _____ C:\Users\Sharugan\Desktop\NT037.exe
2015-07-30 18:39 - 2015-07-30 18:39 - 00006743 _____ C:\Users\Sharugan\Downloads\NT037exe.rar
2015-07-29 19:59 - 2015-07-29 20:00 - 22295605 _____ C:\Users\Sharugan\Downloads\Avex.rar
2015-07-28 11:02 - 2015-07-28 11:02 - 00312752 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
2015-07-28 11:01 - 2015-07-28 11:01 - 00245680 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
2015-07-28 06:33 - 2015-07-28 06:33 - 00000000 ____D C:\Users\Sharugan\AppData\Local\GWX
2015-07-27 07:42 - 2015-07-27 07:43 - 00005117 _____ C:\Users\Sharugan\Downloads\script.cfg
2015-07-27 07:22 - 2015-08-11 19:22 - 09284296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-07-27 03:10 - 2015-07-09 20:40 - 00359936 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-27 03:10 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-27 03:10 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-27 03:10 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-27 03:10 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-27 03:10 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-27 03:10 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-27 03:10 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-27 03:10 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-27 03:10 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-27 03:10 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-27 03:10 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-07-27 03:10 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-27 03:10 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-27 03:10 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-27 03:10 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-07-27 03:10 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-27 03:10 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-27 03:10 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-27 03:10 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-27 03:10 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-27 03:10 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-27 03:10 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-27 03:10 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-27 03:10 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2015-07-27 03:10 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2015-07-27 03:10 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2015-07-27 03:10 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-07-27 03:10 - 2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-07-27 03:10 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-07-27 03:10 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-07-27 03:10 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2015-07-27 03:10 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2015-07-27 03:10 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-07-27 03:10 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2015-07-27 03:09 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-27 03:09 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-27 03:09 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-27 03:09 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2015-07-27 03:09 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-27 03:09 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-27 03:09 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-27 03:09 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-27 03:09 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2015-07-27 03:09 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-27 03:09 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-27 03:09 - 2015-06-15 22:42 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2015-07-27 03:09 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-27 03:09 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-07-27 03:09 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-27 03:09 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-27 03:09 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-27 03:09 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-27 03:09 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2015-07-27 03:09 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\Windows\system32\fhcpl.dll
2015-07-27 03:09 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-07-27 03:09 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-27 03:09 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2015-07-27 03:09 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2015-07-27 03:09 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2015-07-27 03:09 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2015-07-27 03:09 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2015-07-27 03:09 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\SysWOW64\locale.nls
2015-07-27 03:09 - 2015-04-28 15:13 - 00513480 _____ C:\Windows\system32\locale.nls
2015-07-27 03:09 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2015-07-27 03:09 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2015-07-27 03:09 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2015-07-27 03:09 - 2015-03-09 04:02 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storvsp.sys
2015-07-27 03:09 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdclass.sys
2015-07-27 03:09 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouclass.sys
2015-07-27 03:09 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\sermouse.sys
2015-07-27 03:09 - 2014-11-04 08:54 - 00108544 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\i8042prt.sys
2015-07-27 03:09 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\kbdhid.sys
2015-07-27 03:09 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\mouhid.sys
2015-07-27 02:29 - 2015-07-27 02:29 - 00000000 ____D C:\Users\Sharugan\AppData\Local\CEF
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-08-21 21:22 - 2014-03-12 11:38 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-21 21:20 - 2014-02-23 21:32 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\ClassicShell
2015-08-21 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\system32\sru
2015-08-21 20:45 - 2014-02-23 22:28 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\Skype
2015-08-21 20:33 - 2014-02-23 21:17 - 00001142 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-21 20:06 - 2014-02-23 21:14 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3370996478-1269169652-3549115308-1001
2015-08-21 20:04 - 2015-05-04 13:45 - 00000000 ____D C:\Users\Sharugan\AppData\Local\Purplizer
2015-08-21 19:38 - 2014-04-17 08:13 - 02092914 _____ C:\Windows\WindowsUpdate.log
2015-08-21 19:32 - 2014-02-23 21:48 - 00000000 ____D C:\Program Files (x86)\Java
2015-08-21 19:30 - 2014-04-17 08:11 - 00000000 ____D C:\ProgramData\MFAData
2015-08-21 19:30 - 2013-08-22 15:25 - 00262144 ___SH C:\Windows\system32\config\ELAM
2015-08-21 19:28 - 2014-04-17 08:38 - 00000000 ____D C:\Users\Sharugan\AppData\Local\AVG
2015-08-21 19:27 - 2013-08-22 17:36 - 00000000 ___HD C:\Windows\ELAMBKUP
2015-08-21 19:26 - 2014-04-17 08:15 - 00000000 ___HD C:\$AVG
2015-08-21 19:24 - 2014-03-17 18:53 - 00000000 ____D C:\Users\Sharugan\AppData\Local\Paint.NET
2015-08-21 19:24 - 2014-02-23 20:35 - 01804156 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-21 19:24 - 2013-08-23 01:24 - 00774346 _____ C:\Windows\system32\perfh007.dat
2015-08-21 19:24 - 2013-08-23 01:24 - 00163568 _____ C:\Windows\system32\perfc007.dat
2015-08-21 19:21 - 2014-07-26 17:05 - 00089019 _____ C:\Windows\system32\lvcoinst.log
2015-08-21 19:20 - 2015-05-03 22:19 - 00000000 ____D C:\Users\Sharugan\AppData\Local\Overwolf
2015-08-21 19:19 - 2015-05-08 17:05 - 00000000 ____D C:\Users\Sharugan\AppData\Local\LogMeIn Hamachi
2015-08-21 19:19 - 2014-02-23 21:17 - 00001138 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-21 19:18 - 2015-06-14 20:27 - 00011096 _____ C:\Windows\setupact.log
2015-08-21 19:18 - 2014-04-14 18:39 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\Wise Care 365
2015-08-21 19:18 - 2014-03-09 11:31 - 00000000 __RDO C:\Users\Sharugan\SkyDrive
2015-08-21 19:18 - 2013-08-22 16:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-21 19:17 - 2013-08-22 15:25 - 01048576 ___SH C:\Windows\system32\config\BBI
2015-08-21 19:16 - 2015-06-14 19:10 - 00000000 ____D C:\AdwCleaner
2015-08-21 18:22 - 2014-02-23 21:11 - 00003954 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{BEE96307-3091-4C0F-81FA-CCE207A1C30F}
2015-08-21 15:47 - 2015-02-22 13:52 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\TS3Client
2015-08-20 13:34 - 2014-02-23 22:27 - 00002715 _____ C:\Users\Public\Desktop\Skype.lnk
2015-08-20 13:34 - 2014-02-23 22:27 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-20 13:34 - 2014-02-23 22:27 - 00000000 ____D C:\ProgramData\Skype
2015-08-19 23:13 - 2015-06-09 23:04 - 00000000 ___RD C:\Users\Sharugan\Desktop\WICHTIG FÜR BEWERBUNGEN UNSO
2015-08-19 12:43 - 2013-08-22 17:20 - 00000000 ____D C:\Windows\CbsTemp
2015-08-18 21:04 - 2014-02-25 22:42 - 00000432 _____ C:\Windows\Tasks\Wise Turbo Checker.job
2015-08-18 12:04 - 2014-04-17 08:13 - 00054422 _____ C:\Windows\PFRO.log
2015-08-18 00:24 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\rescache
2015-08-18 00:02 - 2014-02-24 21:29 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-08-17 14:32 - 2014-02-23 20:48 - 00000000 ____D C:\Users\Sharugan
2015-08-14 23:42 - 2015-01-07 19:04 - 00000000 ___RD C:\Users\Sharugan\Desktop\GTA SA Mods
2015-08-14 23:41 - 2015-04-09 11:21 - 00000000 ___RD C:\Users\Sharugan\Desktop\Keybinder
2015-08-14 23:36 - 2014-03-02 12:55 - 00000000 ____D C:\Users\Sharugan\AppData\Local\CrashDumps
2015-08-13 17:10 - 2015-02-22 13:19 - 00000000 ____D C:\Program Files (x86)\Overwolf
2015-08-13 08:34 - 2014-02-23 21:17 - 00002199 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-12 14:24 - 2013-08-22 16:44 - 00490496 _____ C:\Windows\system32\FNTCACHE.DAT
2015-08-12 13:49 - 2015-06-14 23:08 - 00000000 ____D C:\Windows\system32\appraiser
2015-08-12 13:49 - 2014-08-31 14:24 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-12 13:49 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-12 13:34 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\AppReadiness
2015-08-12 13:23 - 2014-03-03 21:49 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-08-12 13:23 - 2014-03-03 21:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-08-12 12:34 - 2014-02-24 21:34 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-08-12 12:33 - 2014-03-03 21:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-08-12 12:32 - 2014-02-23 21:45 - 00000000 ____D C:\Windows\system32\MRT
2015-08-12 12:27 - 2014-02-23 21:45 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-12 12:25 - 2013-08-22 15:25 - 00000167 _____ C:\Windows\win.ini
2015-08-09 15:24 - 2014-06-01 13:44 - 00113306 _____ C:\Windows\DirectX.log
2015-08-08 15:55 - 2015-06-14 20:28 - 00794088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2015-06-14 20:28 - 00179688 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-08 15:33 - 2014-07-26 17:05 - 00000000 ____D C:\Program Files\Common Files\logishrd
2015-08-03 20:02 - 2015-05-08 17:04 - 00000942 _____ C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2015-08-01 10:58 - 2015-07-03 20:50 - 00000000 ____D C:\Users\Sharugan\AppData\Roaming\PlayClaw5
2015-07-31 18:44 - 2015-06-14 23:07 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-29 07:06 - 2015-06-14 23:07 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-28 06:32 - 2014-05-18 12:36 - 00000000 ___RD C:\Users\Sharugan\Podcasts
2015-07-27 21:00 - 2013-08-22 17:36 - 00000000 ___RD C:\Windows\ToastData
2015-07-27 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\WinStore
2015-07-27 21:00 - 2013-08-22 17:36 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-27 02:27 - 2014-02-23 21:17 - 00004114 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-27 02:27 - 2014-02-23 21:17 - 00003878 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-05-16 10:25 - 2015-05-16 10:25 - 0437645 _____ () C:\Program Files\SnippingToolPlusv3-4-1-0.zip
2014-03-16 20:14 - 2014-03-16 20:14 - 0000045 _____ () C:\Users\Sharugan\AppData\Roaming\WB.CFG
2015-03-17 13:52 - 2015-03-17 19:14 - 0004608 _____ () C:\Users\Sharugan\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-13 11:17 - 2014-07-13 11:17 - 0000096 _____ () C:\Users\Sharugan\AppData\Local\fusioncache.dat
2015-06-13 13:45 - 2015-06-13 13:45 - 0613255 _____ (CMI Limited) C:\Users\Sharugan\AppData\Local\nsq568D.tmp
2015-05-18 16:54 - 2015-05-18 16:54 - 0000859 _____ () C:\Users\Sharugan\AppData\Local\recently-used.xbel
2014-02-25 22:23 - 2004-03-16 11:13 - 0041984 _____ () C:\ProgramData\dbx.v12
2014-03-01 23:39 - 2014-03-01 23:39 - 0001534 _____ () C:\ProgramData\ss.ini
Einige Dateien in TEMP:
====================
C:\Users\Sharugan\AppData\Local\Temp\d048e6791b0b450ebf36f349e7816059357543.exe
C:\Users\Sharugan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpectxve.dll
C:\Users\Sharugan\AppData\Local\Temp\EslWireSetup-1.18.0.8101-x64.exe
C:\Users\Sharugan\AppData\Local\Temp\gwunstal.exe
C:\Users\Sharugan\AppData\Local\Temp\iv_uninstall.exe
C:\Users\Sharugan\AppData\Local\Temp\Quarantine.exe
C:\Users\Sharugan\AppData\Local\Temp\sqlite3.dll
C:\Users\Sharugan\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Sharugan\AppData\Local\Temp\_is3E38.exe
C:\Users\Sharugan\AppData\Local\Temp\_is3F5.exe
C:\Users\Sharugan\AppData\Local\Temp\_is845E.exe
C:\Users\Sharugan\AppData\Local\Temp\_is9E6.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-08-07 00:17
==================== Ende von Ergebnis ============================
Die Addition.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:21-08-2015
durchgeführt von Sharugan (2015-08-21 21:32:29)
Gestartet von C:\Users\Sharugan\Desktop
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3370996478-1269169652-3549115308-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3370996478-1269169652-3549115308-1005 - Limited - Enabled)
Gast (S-1-5-21-3370996478-1269169652-3549115308-501 - Limited - Disabled)
Sharugan (S-1-5-21-3370996478-1269169652-3549115308-1001 - Administrator - Enabled) => C:\Users\Sharugan
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{7E33E883-0D17-4397-A461-B576605E34B1}) (Version: 12.1.6.156 - Adobe Systems, Inc)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
AMD Catalyst Install Manager (HKLM\...\{F11C146C-580C-7594-B7BB-4F610202E7C3}) (Version: 3.0.864.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6125 - AVG Technologies)
AVG 2015 (Version: 15.0.4392 - AVG Technologies) Hidden
AVG 2015 (Version: 15.0.6125 - AVG Technologies) Hidden
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BitTorrent (HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\...\BitTorrent) (Version: 7.9.2.37755 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
Cinema 4D version R12 (HKLM-x32\...\{7D9D8134-9FA3-4FFF-ADA1-BF609F29997A}_is1) (Version: R12 - Salat Production) <==== ACHTUNG
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
CLEO 4.3 (HKLM-x32\...\{A8F37EB0-C741-41D7-8CAB-5B40ECEEF094}_is1) (Version: 4.3 - Seemann, Deji, Alien)
Counter-Strike Nexon: Zombies (HKLM-x32\...\Steam App 273110) (Version: - Nexon)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
ESL Wire 1.18.0 (HKLM\...\ESL Wire_is1) (Version: - Turtle Entertainment GmbH)
Folderico 4.0 RC12 (HKLM-x32\...\Folderico) (Version: 4.0 RC12 - Shedko ( www.softq.org ))
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.33.000 - Runtime Software)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.155 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
GTA San Andreas (HKLM-x32\...\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}) (Version: 1.00.00001 - Rockstar Games)
Horizon v2.7.8.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.8.0 - Daring Development Inc.)
IdleMaster (HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\...\1d85483b1c982d8c) (Version: 0.9.0.0 - IdleMaster)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Iso2God v1.3.6 (HKLM-x32\...\{AB95979D-85EF-484A-9805-EB28E676E201}_is1) (Version: - Team 360h)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Java 8 Update 5 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418005FF}) (Version: 8.0.50 - Oracle Corporation)
KaloMa 4.77 (HKLM-x32\...\KaloMa_is1) (Version: - Frank Böpple)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden
mathbuch7 (HKLM-x32\...\mathbuch7) (Version: 1.0.0.0 - © 2005-2008 Klett und Balmer / schulverlag blmv)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUSR) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60830 (HKLM-x32\...\{c7ed0d4c-89c5-47fc-9e89-1088affe63f3}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60830 (HKLM-x32\...\{9dba0447-b749-41ea-90bc-2aa19a9eb580}) (Version: 11.0.60830.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.88.41.0 - Overwolf Ltd.)
Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 1.00.0026 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6591 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
San Andreas Mod Installer (HKLM-x32\...\San Andreas Mod Installer1.0) (Version: - )
Sanny Builder 3.2.2 (HKLM-x32\...\Sanny Builder 3_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{91150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUSR_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (Version: - Microsoft) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{C9193CBB-C31A-412A-A074-AD08F0F2CF3D}) (Version: 7.0.27.13 - Mad Catz)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Update for Skype for Business 2015 (KB2889853) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUSR_{CBCC2FD8-7DFE-4752-95B5-2E447C226F45}) (Version: - Microsoft)
Vegas Pro 13.0 (64-bit) (HKLM\...\{386F5740-091D-11E4-B13E-F04DA23A5C58}) (Version: 13.0.373 - Sony)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes)
VIRTUIS ADVANCED Gaming Keyboard Driver (HKLM-x32\...\{B3CDED64-7DC2-429D-A325-BBC3CF793AA6}) (Version: 1.0 - SPEEDLINK)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VMProtect Ultimate v 2.13 (HKLM-x32\...\VMProtect Ultimate_is1) (Version: 2.13 - VMProtect Software)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Wise Care 365 2.96 (HKLM-x32\...\Wise Care 365_is1) (Version: 2.96 - WiseCleaner.com, Inc.)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
01-08-2015 10:47:57 Revo Uninstaller's restore point - PlayClaw 5
09-08-2015 15:21:26 DirectX wurde installiert
17-08-2015 23:57:51 Windows Update
21-08-2015 19:25:34 Installed AVG 2015
21-08-2015 19:26:19 Installed AVG 2015
21-08-2015 19:31:20 Removed Java 7 Update 51
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {009D66B7-314F-4A33-8EAF-98B57D07EE21} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)
Task: {01CAE035-4F1A-4596-8BFE-D9085CD81AFB} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {0440B91F-AF6C-456C-B27E-A8EED58DCA2D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {2065AD24-6F9A-4C23-AC62-47BC54A0CAC5} - System32\Tasks\{EFA7EE35-B591-4623-8618-AEEB93E02F5A} => pcalua.exe -a C:\ProgramData\MovieMode\uninstall.exe -c /kb=y /ic=1
Task: {292A1846-DBDE-4A4A-AC34-30FDA8F12EF5} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2015-08-09] (Overwolf LTD)
Task: {42AD34FE-323E-44F0-A7D9-E892DBE02817} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {6D95C42E-EB27-4EF0-ABF0-B6E2C0CC82B9} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-08-12] (Microsoft Corporation)
Task: {6ECA45F5-40F6-4657-BB68-3C161452BE6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-23] (Google Inc.)
Task: {7BB14F76-AA4A-49AC-967A-1660CB57948E} - System32\Tasks\Wise Turbo Checker => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe [2014-01-21] (WiseCleaner.COM)
Task: {C2D1678C-2B68-4143-B96E-551C0A001606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {E424679D-0E34-4B2E-8D10-6923D6C0ED04} - System32\Tasks\GenericSettingsHandler\Windows-Credentials\RetrySyncTask_for_S-1-5-21-3370996478-1269169652-3549115308-1001
Task: {EAC5371E-8DA3-49EB-876C-471EBE7EC35D} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-12-17] (Oracle Corporation)
Task: {EDE4283D-5E83-47E7-A25E-5F9CD3A07BD4} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {FCC575D3-5036-4DF2-9085-8D9D795C32CE} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Wise Turbo Checker.job => C:\Program Files (x86)\Wise\Wise Care 365\WiseTurbo.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-07-04 21:33 - 2014-07-04 21:33 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2015-08-20 16:23 - 2014-01-28 11:40 - 00663056 _____ () C:\Program Files\EslWire\service\WireHelperSvc.exe
2015-08-20 16:23 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\service\NocIPC64.dll
2015-08-20 16:22 - 2014-12-09 11:24 - 08871424 _____ () C:\Program Files\EslWire\WireCore.dll
2015-08-20 16:22 - 2014-10-09 15:22 - 00214016 _____ () C:\Program Files\EslWire\NocIPC64.dll
2015-08-20 16:22 - 2014-12-09 11:22 - 00454656 _____ () C:\Program Files\EslWire\Linesman.dll
2015-08-20 16:22 - 2014-10-09 15:23 - 00310272 _____ () C:\Program Files\EslWire\laginspect\laginspect.dll
2015-03-24 15:28 - 2015-03-24 15:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 15:28 - 2015-03-24 15:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2015-03-24 15:27 - 2015-03-24 15:27 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2015-03-24 15:27 - 2015-03-24 15:27 - 00058368 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2015-03-24 15:27 - 2015-03-24 15:27 - 00026112 _____ () C:\Program Files\Rainmeter\Plugins\QuotePlugin.dll
2014-04-26 19:33 - 2013-09-30 17:24 - 01976832 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Monitor.EXE
2014-04-26 19:33 - 2013-07-11 09:38 - 00169984 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\OSD.exe
2014-07-04 21:33 - 2014-07-04 21:33 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 40555008 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\libcef.DLL
2015-08-09 14:06 - 2015-08-09 14:06 - 00152816 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\OWGameEventsConsumer.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00025600 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\CoreAudioApi.dll
2014-04-26 19:33 - 2013-08-17 14:13 - 00036864 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\Lang\Lang_EN.dll
2014-04-26 19:33 - 2012-11-05 08:37 - 00061440 _____ () C:\Program Files (x86)\SPEEDLINK\VIRTUIS Advanced Gaming Keyboard\hiddriver.dll
2014-03-12 11:43 - 2015-07-03 18:12 - 00778240 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-02-27 16:18 - 2015-07-03 18:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2014-06-28 17:11 - 2015-08-19 22:39 - 02413248 _____ () C:\Program Files (x86)\Steam\video.dll
2015-02-27 16:18 - 2015-07-03 18:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-02-27 16:18 - 2015-07-03 18:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2014-12-20 20:30 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-12-20 20:30 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-12-20 20:30 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-12-20 20:30 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-12-20 20:30 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-03-12 11:43 - 2015-08-19 22:39 - 00704192 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-07-27 02:28 - 2015-07-27 03:13 - 00171008 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-08-13 08:33 - 2015-08-08 02:13 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libglesv2.dll
2015-08-13 08:33 - 2015-08-08 02:13 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.155\libegl.dll
2014-03-12 11:43 - 2015-07-03 18:12 - 39553928 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 01274655 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\libxml2-2.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00028160 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\libssp-0.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00100352 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\zlib1.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00373657 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\plugins\libmsn.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00021337 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\plugins\libxmpp.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00415553 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\libjabber.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00190464 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\libsasl.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00022832 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\plugins\libyahoo.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00228908 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\libymsg.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00027811 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\plugins\ssl-nss.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00012004 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\plugins\ssl.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00140288 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\sasl2\saslDIGESTMD5.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00102912 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\sasl2\saslPLAIN.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00425984 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\Purplizer\sqlite3.dll
2015-08-09 14:05 - 2015-08-09 14:05 - 00985088 _____ () C:\Program Files (x86)\Overwolf\0.88.41.0\ffmpegsumo.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Users\Sharugan\SkyDrive:ms-properties
AlternateDataStreams: C:\Users\Sharugan\SkyDrive.old:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Sharugan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\wallpaper.bmp
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppextcomobj.exe
FirewallRules: [TCP Query User{67EB7C8E-9F20-46A5-8D8B-76DD5792C65A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{3F0F53E3-4FB3-44D1-AA82-D9885990F81E}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{5C99A052-F595-4E11-ABF5-ECB4CEF059C6}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{17F55C55-996D-47A1-95C3-222275E43BAD}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{CF1879F3-34BC-4D77-97B1-7131FB643584}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{4EB7A99E-1937-4EB1-AC66-BD36011A412F}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{2D2970E5-4003-40B7-866E-9CAC7242F153}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{AC40CDE1-2E33-4A91-B073-56A6A8E5865C}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [TCP Query User{BABE05A4-910F-4AC3-A2F3-1A3B8BD09DC7}C:\users\sharugan\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\sharugan\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [UDP Query User{187E2932-143B-476D-9C46-CB1F81F4567C}C:\users\sharugan\appdata\roaming\bittorrent\bittorrent.exe] => (Allow) C:\users\sharugan\appdata\roaming\bittorrent\bittorrent.exe
FirewallRules: [{02C6F0AD-9E4B-440F-8A3A-2F400CE97AC5}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{46E479D5-6DF4-4784-914C-AB32FFC9DD0F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{2452827A-6103-41FD-96A2-54397460DE72}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{8ED09C0C-ABD1-4B50-91A8-2CB186E3A4C5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{EEEE6F95-2A72-402E-962D-A35BC7558553}] => (Allow) C:\Users\Sharugan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [{9E873865-2BA3-4F71-AB8C-10A4FC73117A}] => (Allow) C:\Users\Sharugan\AppData\Roaming\BitTorrent\BitTorrent.exe
FirewallRules: [TCP Query User{2CBB3592-6E7E-4B7D-89AD-676AD4347F4F}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [UDP Query User{E7B42392-8CF8-4FE1-8CF9-3819A5B426AC}C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe] => (Allow) C:\program files (x86)\goat simulator\binaries\win32\goatgame-win32-shipping.exe
FirewallRules: [{8DB3CFEB-4E65-42AA-A472-4EE606671AF0}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{52CCAFFA-31B0-4696-8C89-34A504A40FD4}] => (Allow) C:\Program Files (x86)\AVG\AVG2014\avgmfapx.exe
FirewallRules: [{DBFA6F69-52AE-453A-9C7F-00368FEDF814}] => (Allow) %ProgramFiles%\Zune\Zune.exe
FirewallRules: [{DFFC6520-F751-43DC-8A61-E840F1775452}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D08D3A1A-4CF8-47B3-8ABB-F375FCF207B9}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{B8225E0F-6F32-4949-9E35-CF3CC08EFFBF}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{0ECD6DB4-6CC7-474F-BC6A-5FDAEF465691}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{7894F6BA-3E03-40D5-B1B6-253E120321BC}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{A845A976-0AEA-4DF9-81C5-333206EFC65C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{E4EACA1D-5676-48CF-BC61-32F1241D54E2}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{8D3618FF-966E-4CD3-856F-92B6D5A9E26C}] => (Allow) %ProgramFiles%\Zune\ZuneNSS.exe
FirewallRules: [{D0FB044F-B0A1-4F5A-85DB-11A21474DC38}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{0EA9D38E-5E04-4816-B449-BAA2299A7A6C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{51D60721-056B-432C-8D30-4E527E7DF001}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{B5338DF1-E02B-4D10-8307-1D7693B61974}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{A339F049-DF6B-4598-9A95-37280DC75DD5}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{2F155904-9E91-4FD9-AFEF-83379074C909}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3E5FA1D8-300C-4ED6-8709-971C1C200A3F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BFAD1BB1-9C02-47BD-8494-A9436B9C10A4}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{4C7292A5-7EF1-4775-BC5F-B16C515DAB30}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{8EC76D61-7443-4F19-A5FC-465E7DDBC6D0}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{26739A1B-23E8-404E-9509-6BFCFA8F1624}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{E1B06EB7-8C1D-421C-9320-4DB0B590A18D}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [UDP Query User{9DF96185-DBBF-4648-BDAE-49C01E381D93}C:\program files\java\jre8\bin\javaw.exe] => (Allow) C:\program files\java\jre8\bin\javaw.exe
FirewallRules: [{79C4565D-E0B7-47E0-8A5A-70C9B55C48B0}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{437ECD9A-9B2F-4F6B-BA45-685AF6AC0948}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{088E5572-5482-4958-8515-2242D180C887}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3BF1AE04-36D6-4CB4-A855-72E92B1DFC1F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3F30509A-87AA-42D5-BABD-6C766A5A72C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{A4DB3482-EA45-42DB-8295-290BFAF9D35D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6C55B9B6-006D-4384-8F35-964A7F70F2AE}C:\users\sharugan\desktop\dayz standalone v0.49 client\dayz.exe] => (Allow) C:\users\sharugan\desktop\dayz standalone v0.49 client\dayz.exe
FirewallRules: [UDP Query User{B6EA116A-09F7-4674-B171-F2680A18535D}C:\users\sharugan\desktop\dayz standalone v0.49 client\dayz.exe] => (Allow) C:\users\sharugan\desktop\dayz standalone v0.49 client\dayz.exe
FirewallRules: [TCP Query User{D2DBF697-A640-419C-B87F-05B534D9D64D}C:\users\sharugan\desktop\dayz standalone v0.49 client\dayzserver.exe] => (Allow) C:\users\sharugan\desktop\dayz standalone v0.49 client\dayzserver.exe
FirewallRules: [UDP Query User{C239B26D-B22B-43B1-AC00-303BD6DBE10E}C:\users\sharugan\desktop\dayz standalone v0.49 client\dayzserver.exe] => (Allow) C:\users\sharugan\desktop\dayz standalone v0.49 client\dayzserver.exe
FirewallRules: [{1F04619A-25BB-46CC-B6D8-D947582F67DC}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{3C37749B-6118-468F-B94F-DFCDB0B4F41C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{DAF8EFFB-6725-468B-B0F6-5A45342EFE43}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8B10ADF7-EB4F-48CD-B0F6-15E9D9A5055D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{B1CDEE46-D7E6-4A8E-84EA-90978E4C1BA2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\CSNZ\Bin\cstrike-online.exe
FirewallRules: [{374A71F4-54A7-43F2-AFAD-AC7EA36EE28E}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{72241617-0157-4424-99F7-07CC02D8B0F8}] => (Allow) C:\Program Files\EslWire\wire.exe
FirewallRules: [{98AB5191-2549-4130-90EE-16D12A3CEDDB}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{87428F2F-9346-4182-A94B-802CACEBB805}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
FirewallRules: [{6F64B71A-BD46-494C-A7D4-83626268A07A}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{9993B417-70D4-46F5-9094-2032C7EE86CE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe
FirewallRules: [{6D5A4615-D083-4D9C-80C9-E9628988A278}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{0CABE52C-7D50-4F60-9455-4F0D1308C7B2}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe
FirewallRules: [{405A0CC0-6E53-4F66-9215-406E7EFEA790}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
FirewallRules: [{A42B00BB-A040-4B16-B1B2-9909E6F6054D}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Programmable Root Enumerator
Description: Programming Support
Class Guid: {678dcf40-e2e6-11d5-8cd5-e960089ea00a}
Manufacturer: Mad Catz
Service: SaiNtBus
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (08/21/2015 09:22:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: Fehler bei der Lizenzaktivierung (slui.exe). Fehlercode:
hr=0xC004F074
Befehlszeilenargumente:
RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (08/21/2015 08:48:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/21/2015 08:33:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/21/2015 08:23:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1b98
Startzeit: 01d0dc3dbddcb09a
Endzeit: 4294967295
Anwendungspfad: C:\Windows\syswow64\wwahost.exe
Berichts-ID: b35a4717-4831-11e5-8354-8c89a5e3f208
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (08/21/2015 08:23:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 18a8
Startzeit: 01d0dc3dbe520967
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: b257f298-4831-11e5-8354-8c89a5e3f208
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (08/21/2015 08:03:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Bei der Aktivierung der App „Microsoft.SkypeApp_kzf8qxf38zg5c!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (08/21/2015 07:38:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm wwahost.exe, Version 6.3.9600.17415 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 14ec
Startzeit: 01d0dc377395bfa9
Endzeit: 4294967295
Anwendungspfad: C:\Windows\syswow64\wwahost.exe
Berichts-ID: 67102e0f-482b-11e5-8354-8c89a5e3f208
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App
Error: (08/21/2015 07:38:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: cac
Startzeit: 01d0dc37739f4907
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 66f3a4e3-482b-11e5-8354-8c89a5e3f208
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (08/21/2015 07:25:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (08/21/2015 07:25:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
Systemfehler:
=============
Error: (08/21/2015 08:33:18 PM) (Source: DCOM) (EventID: 10010) (User: SHARUGAN-PC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa
Error: (08/21/2015 08:03:32 PM) (Source: DCOM) (EventID: 10010) (User: SHARUGAN-PC)
Description: App.AppX54xz6wnkhmw763c2y8tb018n7d71dtx7.wwa
Error: (08/21/2015 07:17:06 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar
Error: (08/21/2015 07:16:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/21/2015 07:16:58 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/21/2015 07:16:58 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "ESL Wire Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/21/2015 07:16:47 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (08/21/2015 07:16:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "LogMeIn Hamachi Tunneling Engine" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/21/2015 07:16:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Skype Click to Call PNR Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (08/21/2015 07:16:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Skype Click to Call Updater" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Microsoft Office:
=========================
Error: (08/21/2015 09:22:22 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=TimerEvent
Error: (08/21/2015 08:48:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2147023170
Error: (08/21/2015 08:33:18 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141
Error: (08/21/2015 08:23:35 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.174151b9801d0dc3dbddcb09a4294967295C:\Windows\syswow64\wwahost.exeb35a4717-4831-11e5-8354-8c89a5e3f208Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (08/21/2015 08:23:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.2091118a801d0dc3dbe5209674294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exeb257f298-4831-11e5-8354-8c89a5e3f208microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (08/21/2015 08:03:33 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SHARUGAN-PC)
Description: Microsoft.SkypeApp_kzf8qxf38zg5c!App-2144927141
Error: (08/21/2015 07:38:21 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: wwahost.exe6.3.9600.1741514ec01d0dc377395bfa94294967295C:\Windows\syswow64\wwahost.exe67102e0f-482b-11e5-8354-8c89a5e3f208Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5cApp
Error: (08/21/2015 07:38:19 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: LiveComm.exe17.5.9600.20911cac01d0dc37739f49074294967295C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe66f3a4e3-482b-11e5-8354-8c89a5e3f208microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbweppleae38af2e007f4358a809ac99a64a67c1
Error: (08/21/2015 07:25:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt
Error: (08/21/2015 07:25:04 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig
CodeIntegrity:
===================================
Date: 2015-08-21 19:16:08.550
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-21 19:16:08.275
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-20 15:15:29.787
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-20 15:15:29.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-20 15:15:29.245
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-20 15:15:26.981
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-20 15:15:25.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-19 12:45:26.670
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-18 19:08:38.083
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-08-13 01:47:23.281
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Processor: AMD A8-5500 APU with Radeon(tm) HD Graphics
Prozentuale Nutzung des RAM: 95%
Installierter physikalischer RAM: 3561.07 MB
Verfügbarer physikalischer RAM: 152.84 MB
Summe virtueller Speicher: 6377.07 MB
Verfügbarer virtueller Speicher: 2626.04 MB
==================== Laufwerke ================================
Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:323.94 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:26.96 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: DAD0363C)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== Ende von Ergebnis ============================ #EDI
Avast hat 338 Bedrohungen gefunden.
Und allte beseitigt(hoffe ich mal)
Die FRST hab ich nachdem Avast Scan gemacht.
#EDIT 2
Ich könnte mein System zurück zum 17.08 wiederherstellen.
Sollte ich das machen und dann alles nochmal durchecken und passwort ändern ?
#EDIT 3
Malwarebytes Log. Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlaufdatum: 21.08.2015
Suchlaufzeit: 23:02
Protokolldatei: malwarebytes.txt
Administrator: Ja
Version: 2.1.8.1057
Malware-Datenbank: v2015.08.21.09
Rootkit-Datenbank: v2015.08.16.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Sharugan
Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 386158
Abgelaufene Zeit: 30 Min., 24 Sek.
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(keine bösartigen Elemente erkannt)
Module: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 4
PUP.Optional.SaveSense.A, HKU\S-1-5-21-3370996478-1269169652-3549115308-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{71e129ff-6c2a-4984-818c-7e2c998b8d99}, , [ceafa66529625dd95106d7c60ef4748c],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1146AC44-2F03-4431-B4FD-889BC837521F}{53a1c4d9}, , [5e1f38d34b40f442658c08a039cbd729],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-19\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [225b94779cefb28461c6c5e7a95b58a8],
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-20\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, , [d5a8a566d7b4cb6b97903379c63e3cc4],
Registrierungswerte: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Ordner: 7
PUP.Optional.MultiPlug.Gen, C:\Users\Sharugan\AppData\Roaming\00000000-1433856629-0000-0000-8C89A5E3F208, , [0f6efd0eb0dbdf5770d6881a36ce16ea],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\Documents\Optimizer Pro, , [fa8361aaa5e682b4a860d8d2b84cb749],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2, , [18654ebd206b51e52c22fa1cbc47817f],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\AppData\Roaming\Optimizer Pro, , [fe7fb15ab8d32d09a2be95810bf8d32d],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\AppData\Roaming\Optimizer Pro\Backup, , [fe7fb15ab8d32d09a2be95810bf8d32d],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\AppData\Roaming\Optimizer Pro\Log, , [fe7fb15ab8d32d09a2be95810bf8d32d],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\AppData\Roaming\Optimizer Pro\Undo, , [fe7fb15ab8d32d09a2be95810bf8d32d],
Dateien: 13
PUP.Optional.Bundle, C:\Program Files (x86)\VMProtect Ultimate\VMProtect.exe, , [6e0f51ba870461d5dd8a701c65a0ff01],
PUP.Optional.Bundle, C:\Program Files (x86)\VMProtect Ultimate\VMProtect_Con.exe, , [205dd338b8d3072f72f5a8e439cc0ff1],
Adware.ConvertAd, C:\Users\Sharugan\AppData\Local\Temp\nsm910C.tmp, , [532ab754860563d30060b2d8e61c5da3],
PUP.Optional.Bundle, C:\Users\Sharugan\Downloads\VMProtectSetup.exe, , [9be29e6de7a493a3f572fb9115f0de22],
PUP.Optional.AnyProtect, C:\Users\Sharugan\AppData\Local\nsq568D.tmp, , [007d907b7a11ca6cc8453255659dec14],
PUP.Optional.MultiPlug.Gen, C:\Users\Sharugan\AppData\Roaming\00000000-1433856629-0000-0000-8C89A5E3F208\vnsj242D.tmp, , [0f6efd0eb0dbdf5770d6881a36ce16ea],
PUP.Optional.MultiPlug.Gen, C:\Users\Sharugan\AppData\Roaming\00000000-1433856629-0000-0000-8C89A5E3F208\Uninstall.exe, , [0f6efd0eb0dbdf5770d6881a36ce16ea],
PUP.Optional.OptimizerPro.A, C:\Users\Sharugan\Documents\Optimizer Pro\CookiesException.txt, , [fa8361aaa5e682b4a860d8d2b84cb749],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Hilfe.lnk, , [18654ebd206b51e52c22fa1cbc47817f],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Nach Updates suchen.lnk, , [18654ebd206b51e52c22fa1cbc47817f],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro entfernen.lnk, , [18654ebd206b51e52c22fa1cbc47817f],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro im Internet.lnk, , [18654ebd206b51e52c22fa1cbc47817f],
PUP.Optional.OptimizerPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2\Optimizer Pro.lnk, , [18654ebd206b51e52c22fa1cbc47817f],
Physische Sektoren: 0
(keine bösartigen Elemente erkannt)
(end) |