Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Sind kms-r@1n.exe / kms-r@1nhook.exe gefährlich? (https://www.trojaner-board.de/173810-kms-r-1n-exe-kms-r-1nhook-exe-gefaehrlich.html)

Sm4sH 05.12.2015 18:41
Sind kms-r@1n.exe / kms-r@1nhook.exe gefährlich?
 
Hallo Leute,

wie die Überschrift schon verrät, frage ich mich, sind kms-r@1n.exe und kms-r@1nhook.exe gefährlich?

Habe zufällig im Windows Task Manager den Dienst KMS-R@1n gesehen und daher die Frage.

Beide .exe Dateien finden sich im c:\windows Ordner.

Habe Malwarebytes Anti-Malware und AdwCleaner laufen lassen. Keine Funde.
Als Antivirus benutze ich Avast Free Antivirus.

schrauber 05.12.2015 20:40
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Sm4sH 06.12.2015 14:57
Beide Logdateien in einem Beitrag werden nicht angenommen, hier Nr. 1.

Logdatei FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Sandi (Administrator) auf SPC (05-12-2015 22:49:55)
Gestartet von C:\Users\Sandi\Desktop
Geladene Profile: Sandi (Verfügbare Profile: Sandi)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
() C:\Windows\KMS-R@1n.exe
() C:\ProgramData\MobileBrServ\mbbService.exe
(Tanuki Software, Ltd.) C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Oracle Corporation) C:\Program Files (x86)\PS3 Media Server\jre64\bin\java.exe
() C:\Windows\KMS-R@1nhook.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\SoundMAX\SoundMAX.exe
() C:\Program Files\Everything\Everything.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTAgent.exe
() C:\Program Files (x86)\NPowerTray-1.6.3.0\NPowerTray.exe
(TheBestWare Studio) C:\Program Files (x86)\RadioSure\RadioSure.exe
(Ritlabs, SRL) C:\Program Files\The Bat!\thebat64.exe
(F.J. Wechselberger) C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe
(Jumping Bytes) C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe
(sw4you) C:\Program Files (x86)\Hardcopy\hardcopy.exe
() C:\Program Files (x86)\EasyToolz\EasyToolz.exe
() C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe
(Heiko Sommerfeldt) C:\Program Files (x86)\PhonerLite\PhonerLite.exe
(PS3 Media Server) C:\Program Files (x86)\PS3 Media Server\pms.exe
(Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
() C:\Program Files (x86)\RadioSure\RadioSureHistory\RadioSure History.exe
(Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(CANON INC.) C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Oracle Corporation) C:\Program Files (x86)\PS3 Media Server\jre64\bin\javaw.exe
() C:\Program Files (x86)\MyPhoneExplorer\DLL\adb.exe
() C:\Windows\KMS-R@1nhook.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_19_0_0_245.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.)
HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1441792 2014-08-06] ()
HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1310720 2009-06-05] (Analog Devices, Inc.)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft, Inc.)
HKLM-x32\...\Run: [IJNetworkScanUtility] => C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2462680 2015-06-12] (FileZilla Project)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-03] (AVAST Software)
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [] => [X]
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [4990808 2015-09-15] (Disc Soft Ltd)
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [NPowerTray] => C:\Program Files (x86)\NPowerTray-1.6.3.0\NPowerTray.exe [131584 2014-11-29] ()
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [RadioSure] => C:\Program Files (x86)\RadioSure\RadioSure.exe [2877440 2015-09-13] (TheBestWare Studio)
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [thebat_startup] => C:\Program Files\The Bat!\thebat64.exe [33632160 2015-07-31] (Ritlabs, SRL)
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [MyPhoneExplorer] => "C:\Program Files (x86)\MyPhoneExplorer\MyPhoneExplorer.exe" autorun
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Run: [PureSync] => C:\Program Files (x86)\Jumping Bytes\PureSync\PureSyncTray.exe [1025712 2015-12-01] (Jumping Bytes)
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Policies\Explorer: [NoRecentDocsHistory] 1
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Policies\Explorer: [NoRecentDocsMenu] 1
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\MountPoints2: Y - Y:\setup.exe
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\MountPoints2: {4326b179-5f1c-11e5-9fb2-005056c00008} - Y:\setup.exe
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\MountPoints2: {66dcb2b7-70ec-11e5-8259-001d60b9feb7} - Y:\setup.exe
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\MountPoints2: {983d43e0-c569-11e3-bed3-005056c00008} - H:\AutoRun.exe
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\MountPoints2: {af140168-cb16-11e4-bd0f-001d60b9feb7} - Y:\OriginSetup.exe
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Command Processor: C:\Users\Sandi\init.cmd [0 2014-03-06] () <===== ACHTUNG
IFEO\OSPPSVC.EXE: [Debugger] KMS-R@1nhook.exe
IFEO\SppSvc.exe: [Debugger] KMS-R@1nhook.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-03] (AVAST Software)
ShellIconOverlayIdentifiers: [AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2014-09-09] (Acronis)
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon1] -> {dcda8604-4820-3d3b-a147-01b46438873f} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [HiDriveOverlayIcon2] -> {34a70481-a098-3c2c-aea8-5291cb468991} => C:\Windows\system32\mscoree.dll [2010-11-21] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Hardcopy.LNK [2015-11-15]
ShortcutTarget: Hardcopy.LNK -> C:\Program Files (x86)\Hardcopy\hardcopy.exe (sw4you)
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EasyToolz.lnk [2015-10-20]
ShortcutTarget: EasyToolz.lnk -> C:\Program Files (x86)\EasyToolz\EasyToolz.exe ()
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\HiDrive.lnk [2015-11-08]
ShortcutTarget: HiDrive.lnk -> C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe ()
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PhonerLite.lnk [2015-12-01]
ShortcutTarget: PhonerLite.lnk -> C:\Program Files (x86)\PhonerLite\PhonerLite.exe (Heiko Sommerfeldt)
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PS3 Media Server.lnk [2014-02-13]
ShortcutTarget: PS3 Media Server.lnk -> C:\Program Files (x86)\PS3 Media Server\pms.exe (PS3 Media Server)
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\RadioSure History.lnk [2015-11-15]
ShortcutTarget: RadioSure History.lnk -> C:\Program Files (x86)\RadioSure\RadioSureHistory\RadioSure History.exe ()
Startup: C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-04-30]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
GroupPolicyScripts\User: Beschränkung <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{0CFBCCE9-A13E-4544-8EE2-F3744348558D}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{52FCB310-9F31-41D1-A1BF-95AAC3BD6F84}: [DhcpNameServer] 7.254.254.254
Tcpip\..\Interfaces\{93826105-823F-4787-B77A-72B83828ACDA}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{C7883085-21DF-4C42-82B3-7E5E1F75F324}: [DhcpNameServer] 192.168.8.1 192.168.8.1
Tcpip\..\Interfaces\{DDC6C090-CE86-479B-9CCF-ED2515B75EBA}: [NameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-006
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.google.com/?trackid=sp-006
SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000 -> {63F86757-4071-4B56-87E0-173BDB0CB4E9} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-11-05] (AVAST Software)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2015-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-11-05] (AVAST Software)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2015-11-01] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-11] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll [2013-12-21] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll [2014-05-08] (Adobe Systems Incorporated)
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2015-11-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default
FF DefaultSearchEngine: Amazon.de
FF DefaultSearchUrl: hxxps://de.search.yahoo.com/yhs/search
FF SearchEngineOrder.1: Yahoo! (Avast)
FF SelectedSearchEngine: Yahoo! (Avast)
FF Homepage: www.google.de
FF Keyword.URL: hxxps://de.search.yahoo.com/yhs/search
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function FindProxyForURL(url, host) {if ((url.indexOf(\"proxmate=us\") != -1)) { return 'PROXY us06.sq.proxmate.me:8000; PROXY us02.sq.proxmate.me:8000; PROXY us09.sq.proxmate.me:8000; PROXY us01.sq.proxmate.me:8000; PROXY us07.sq.proxmate.me:8000; PROXY us11.sq.proxmate.me:8000; PROXY us13.sq.proxmate.me:8000; PROXY us12.sq.proxmate.me:8000; PROXY us05.sq.proxmate.me:8000; PROXY us14.sq.proxmate.me:8000; PROXY us10.sq.proxmate.me:8000; PROXY us03.sq.proxmate.me:8000; PROXY us08.sq.proxmate.me:8000' } else { return 'DIRECT'; }}"
FF NetworkProxy: "ftp", "182.253.72.68"
FF NetworkProxy: "ftp_port", 8080
FF NetworkProxy: "gopher", "182.253.72.68"
FF NetworkProxy: "gopher_port", 8080
FF NetworkProxy: "socks", "182.253.72.68"
FF NetworkProxy: "socks_port", 8080
FF NetworkProxy: "ssl", "182.253.72.68"
FF NetworkProxy: "ssl_port", 8080
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1221171.dll [2015-10-19] (Adobe Systems, Inc.)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-18] (CANON INC.)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2014-05-22] (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2015-09-02] (DivX, LLC)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files (x86)\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2015-11-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\alternatede.xml [2015-11-28]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\dhl-paketstatus.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\dudende-suche.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\ebay-kleinanzeigen.xml [2015-11-28]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\firefox-add-ons.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\google-play.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\google-translate-any--de.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\googlede-bildersuche.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\googlemaps.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\idealode.xml [2015-11-21]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\leo-eng-deu-v20.xml [2015-11-28]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\mindfactory-artikelsuche.xml [2015-11-28]
FF SearchPlugin: C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\searchplugins\youtube.xml [2015-11-21]
FF Extension: Widevine Media Optimizer - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d} [2014-07-22] [ist nicht signiert]
FF Extension: TinyURL Generator - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\extensions\tinyurl.addon@fast-chat.co.uk.xpi [2015-06-01]
FF Extension: convert2mp3.net YouTube2MP3 Converter - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\extensions\info@convert2mp3.net.xpi [2015-06-01]
FF Extension: Browser Backgrounds - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\extensions\{3e0c7f3a-3f50-4730-beb5-4a9a10e2831c} [2015-12-01]
FF Extension: Stylish - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi [2015-12-05]
FF Extension: Kein Name - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\alldebrid@alldebrid.com.xpi [2015-11-11] [ist nicht signiert]
FF Extension: Offline QR generator - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\jid1-5h9We5DytuZ14Q@jetpack.xpi [2015-11-21]
FF Extension: Kein Name - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\jid1-sirVJT0BXhkuJg@jetpack.xpi [2015-11-27] [ist nicht signiert]
FF Extension: Real-Debrid Plugin - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\real@debrid [2014-08-26] [ist nicht signiert]
FF Extension: Youtube and more - Easy Video Downloader - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\vdpure@link64.xpi [2015-11-19]
FF Extension: ProxTube - Unblock YouTube - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{2541D29A-DB9E-4c1e-949A-31EFB4AEF4E7}.xpi [2015-10-10]
FF Extension: uBlock - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{2b10c1c8-a11f-4bad-fe9c-1c11e82cac42}.xpi [2015-12-05]
FF Extension: Download Status Bar - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-29]
FF Extension: NoScript - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-11-24]
FF Extension: FT DeepDark - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66} [2015-12-05]
FF Extension: YouTube High Definition - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2015-11-20]
FF Extension: gtranslate - C:\Users\Sandi\AppData\Roaming\Mozilla\Firefox\Profiles\rsq8176k.default\Extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}.xpi [2015-10-17]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2015-10-15] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-03]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-03]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2015-09-27]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx [2015-11-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-11-05]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2009-06-05] (Andrea Electronics Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2869432 2015-11-01] (Microsoft Corporation)
R3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusService.exe [1259864 2015-09-15] (Disc Soft Ltd)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [794584 2015-06-12] (FileZilla Project)
R2 KMS-R@1n; C:\Windows\KMS-R@1n.exe [26112 2015-09-23] () [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 Mobile Broadband HL Service; C:\ProgramData\MobileBrServ\mbbservice.exe [239184 2013-01-28] ()
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 PS3 Media Server; C:\Program Files (x86)\PS3 Media Server\win32\service\wrapper.exe [384280 2012-11-27] (Tanuki Software, Ltd.)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [336824 2010-11-30] (arvato digital services llc)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6887696 2015-11-30] (TeamViewer GmbH)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [809424 2015-10-27] (Tunngle.net GmbH) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-08-17] (Microsoft Corporation)
S2 NAUpdate; "C:\Program Files (x86)\Nero\Update\NASvc.exe" [X]
S2 notifierNetDrive2; C:\Program Files\NetDrive2\nd2sp.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-03] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-03] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-03] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-03] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-03] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [450504 2015-12-03] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-03] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-03] (AVAST Software)
R1 cbfs5; C:\Windows\system32\drivers\cbfs5.sys [421056 2015-07-23] (EldoS Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-09-20] (Disc Soft Ltd)
R3 dtproscsibus; C:\Windows\System32\DRIVERS\dtproscsibus.sys [30352 2015-09-20] (Disc Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [296736 2014-09-23] (Acronis International GmbH)
S3 HTCAND64; C:\Windows\System32\Drivers\ANDROIDUSB.sys [33736 2009-11-02] (HTC, Corporation) [Datei ist nicht signiert]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-05-14] ()
R1 RegHiveRecovery; C:\Windows\system32\drivers\RegHiveRecovery.sys [48304 2014-02-20] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381608 2015-03-15] (Duplex Secure Ltd.)
S3 ssudobex; C:\Windows\System32\DRIVERS\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1328928 2014-09-23] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [248096 2014-09-23] (Acronis International GmbH)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-15] (Apple, Inc.) [Datei ist nicht signiert]
S3 usbohci; C:\Windows\system32\drivers\usbohci.sys [25600 2013-03-02] (Microsoft Corporation) [Datei ist nicht signiert]
R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation)
R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation)
S3 WIMMount; C:\Program Files (x86)\Windows Kits\8.1\Assessment and Deployment Kit\Deployment Tools\amd64\DISM\wimmount.sys [40552 2013-08-22] (Microsoft Corporation)
S3 BCMH43XX; system32\DRIVERS\bcmwlhigh664.sys [X]
S3 cpuz137; \??\C:\Users\Sandi\Desktop\pc-wizard_2014.2.13\pcwiz_x64.sys [X]
S3 FoxAwdWINFLASH64; \??\C:\Users\Sandi\AppData\Local\Temp\_2818.tmp\FoxAwdWINFLASH64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 NPF; system32\DRIVERS\npf.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 22:49 - 2015-12-05 22:50 - 00036454 _____ C:\Users\Sandi\Desktop\FRST.txt
2015-12-05 22:49 - 2015-12-05 22:49 - 02369024 _____ (Farbar) C:\Users\Sandi\Desktop\FRST64.exe
2015-12-05 22:49 - 2015-12-05 22:49 - 00000000 ____D C:\FRST
2015-12-05 17:33 - 2015-12-05 17:34 - 00000000 ____D C:\AdwCleaner
2015-12-05 17:32 - 2015-12-05 17:32 - 00000000 ____D C:\ProgramData\TaskManager
2015-12-05 11:26 - 2015-12-05 11:30 - 00000246 _____ C:\Windows\LSExeLock.ini
2015-12-05 11:26 - 2015-12-05 11:26 - 00000000 ____D C:\Windows\abylon APP-BLOCKER (Privatversion)
2015-12-05 11:26 - 2015-12-05 11:26 - 00000000 ____D C:\Users\Public\Documents\abylon APP-BLOCKER (Privatversion)
2015-12-05 11:26 - 2015-12-05 11:26 - 00000000 ____D C:\Program Files (x86)\abylonsoft
2015-12-04 22:49 - 2015-12-04 22:49 - 00000000 ____D C:\Users\Sandi\Desktop\S2
2015-12-04 16:19 - 2015-12-04 16:19 - 00000091 _____ C:\Users\Sandi\Desktop\Gspiel.txt
2015-12-04 15:00 - 2015-12-04 15:00 - 00000000 ____D C:\ProgramData\Jumping Bytes
2015-12-04 12:20 - 2015-12-04 12:56 - 00001666 _____ C:\Users\Sandi\Desktop\balkan.m3u
2015-12-04 12:15 - 2015-12-04 12:19 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Notepad++
2015-12-04 12:15 - 2015-12-04 12:15 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-04 12:15 - 2015-12-04 12:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-12-04 12:15 - 2015-12-04 12:15 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-12-04 11:23 - 2015-12-04 14:30 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Kodi
2015-12-04 11:23 - 2015-12-04 11:23 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2015-12-03 20:02 - 2015-12-03 20:02 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Jumping Bytes
2015-12-03 20:02 - 2015-12-03 20:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PureSync
2015-12-03 20:02 - 2015-12-03 20:02 - 00000000 ____D C:\Program Files (x86)\Jumping Bytes
2015-12-03 19:18 - 2015-12-03 19:23 - 00001053 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2015-12-03 18:35 - 2015-12-03 18:35 - 00386096 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-12-03 18:35 - 2015-12-03 18:35 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-12-03 15:00 - 2015-12-03 15:00 - 00000000 ____D C:\Windows\System32\Tasks\AVAST Software
2015-12-03 15:00 - 2015-12-03 15:00 - 00000000 ____D C:\Program Files\Common Files\AV
2015-12-03 12:28 - 2015-12-04 11:23 - 00000000 ____D C:\Program Files (x86)\Kodi
2015-12-02 11:34 - 2015-12-02 11:34 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Zoner
2015-12-02 11:34 - 2015-12-02 11:34 - 00000000 ____D C:\Users\Sandi\AppData\Local\Zoner
2015-12-02 11:34 - 2015-12-02 11:34 - 00000000 ____D C:\ProgramData\Zoner
2015-12-01 21:13 - 2015-11-20 19:54 - 03170304 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 02609152 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00709632 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-12-01 21:13 - 2015-11-20 19:54 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-12-01 21:13 - 2015-11-20 19:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-12-01 21:13 - 2015-11-20 19:54 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-12-01 21:13 - 2015-11-20 19:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-12-01 21:13 - 2015-11-20 19:34 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-12-01 21:13 - 2015-11-20 19:34 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-12-01 21:13 - 2015-11-20 19:34 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-12-01 21:13 - 2015-11-20 19:33 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-12-01 21:13 - 2015-10-09 00:22 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\nlsbres.dll
2015-12-01 21:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZE.DLL
2015-12-01 21:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\kbdgeoqw.dll
2015-12-01 21:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZEL.DLL
2015-12-01 21:13 - 2015-10-09 00:18 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDAZE.DLL
2015-12-01 21:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kbdgeoqw.dll
2015-12-01 21:13 - 2015-10-09 00:18 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDAZEL.DLL
2015-12-01 21:13 - 2015-10-09 00:17 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nlsbres.dll
2015-12-01 21:13 - 2015-10-08 14:40 - 00419640 _____ C:\Windows\system32\locale.nls
2015-12-01 21:13 - 2015-10-08 14:34 - 00419640 _____ C:\Windows\SysWOW64\locale.nls
2015-12-01 12:01 - 2015-12-01 12:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2015-12-01 12:01 - 2015-12-01 12:01 - 00000000 ____D C:\Program Files\Common Files\ACD Systems
2015-12-01 12:01 - 2015-12-01 12:01 - 00000000 ____D C:\Program Files\ACD Systems
2015-11-28 17:24 - 2015-11-28 18:57 - 00000000 ____D C:\Users\Sandi\Desktop\HHHHHHHHHH
2015-11-26 19:52 - 2015-11-26 19:52 - 47429888 _____ (Samsung) C:\Users\Sandi\Desktop\SideSync_4.0.2.309.exe
2015-11-25 15:11 - 2015-11-25 16:43 - 00000000 ____D C:\Users\Sandi\Desktop\o2_2015 Vertrag
2015-11-23 22:18 - 2015-12-05 18:53 - 00559616 ___SH C:\Users\Sandi\Desktop\Thumbs.db
2015-11-23 20:09 - 2015-11-23 20:09 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-11-23 20:09 - 2015-11-23 20:09 - 00000000 ____D C:\Users\Sandi\AppData\Local\TeamSpeak 3 Client
2015-11-23 19:37 - 2015-11-23 19:49 - 00002242 ____H C:\Users\Sandi\Documents\Default.rdp
2015-11-23 16:43 - 2015-12-05 19:50 - 00000000 ____D C:\ProgramData\Tunngle
2015-11-23 16:43 - 2015-11-24 19:24 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Tunngle
2015-11-23 16:43 - 2015-11-23 16:44 - 00000000 ____D C:\Program Files (x86)\Tunngle
2015-11-23 16:43 - 2015-11-23 16:43 - 00000000 ____D C:\Users\Sandi\Documents\Tunngle
2015-11-23 16:43 - 2015-11-23 16:43 - 00000000 ____D C:\Users\Public\Documents\Tunngle
2015-11-23 16:43 - 2015-11-23 16:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2015-11-23 16:43 - 2009-09-16 07:02 - 00031232 _____ (Tunngle.net) C:\Windows\system32\Drivers\tap0901t.sys
2015-11-23 07:49 - 2015-11-23 07:49 - 00467679 _____ C:\Users\Sandi\Desktop\horizon.pdf
2015-11-22 13:35 - 2015-11-22 13:58 - 00000000 ____D C:\Users\Sandi\Desktop\!!!!!!
2015-11-22 12:08 - 2015-11-22 12:10 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\MyPhoneExplorer
2015-11-22 12:08 - 2015-11-22 12:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyPhoneExplorer
2015-11-22 12:08 - 2015-11-22 12:08 - 00000000 ____D C:\Program Files (x86)\MyPhoneExplorer
2015-11-21 20:54 - 2015-11-21 20:54 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-11-21 20:54 - 2015-11-21 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-11-20 21:24 - 2015-12-05 13:58 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\gSyncit
2015-11-20 21:24 - 2015-11-20 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gSyncit
2015-11-20 21:24 - 2015-11-20 21:24 - 00000000 ____D C:\Program Files (x86)\Fieldston Software
2015-11-20 20:51 - 2015-11-20 20:51 - 00000000 ____D C:\Users\Sandi\AppData\Local\GContactsSync
2015-11-18 18:27 - 2015-11-18 18:27 - 00000000 ____D C:\Users\Sandi\Documents\Assassin's Creed Syndicate
2015-11-17 10:52 - 2015-11-17 10:52 - 00041760 _____ C:\Users\Sandi\Desktop\Mindfactory.pdf
2015-11-16 14:22 - 2015-11-16 20:54 - 00000000 ____D C:\Users\Sandi\VirtualBox VMs
2015-11-16 14:18 - 2015-11-16 20:54 - 00000000 ____D C:\Users\Sandi\.VirtualBox
2015-11-16 14:18 - 2015-11-16 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox
2015-11-16 14:18 - 2015-11-16 14:18 - 00000000 ____D C:\Program Files\Oracle
2015-11-16 14:18 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys
2015-11-16 14:18 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys
2015-11-15 17:45 - 2015-11-15 18:17 - 00000000 ____D C:\Program Files (x86)\RadioSure
2015-11-15 17:24 - 2015-11-15 17:24 - 00000000 ____D C:\Users\Sandi\AppData\Local\RadioSure
2015-11-15 17:14 - 2015-11-03 19:01 - 03214848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-14 12:00 - 2015-11-14 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2015-11-14 00:16 - 2015-11-13 19:19 - 00000000 ____D C:\Users\Sandi\Desktop\MS Win 7 AiO x64 November 2015
2015-11-13 23:28 - 2015-11-13 23:28 - 00000000 ____D C:\Users\Sandi\AppData\Local\Samsung
2015-11-13 21:17 - 2015-05-21 07:02 - 00206080 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudmdm.sys
2015-11-13 21:17 - 2015-05-21 07:02 - 00110720 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\Windows\system32\Drivers\ssudbus.sys
2015-11-13 21:16 - 2015-11-13 21:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-11-13 21:16 - 2013-12-30 10:53 - 04659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll
2015-11-13 21:16 - 2013-12-30 10:53 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll
2015-11-12 23:12 - 2015-11-12 23:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ritlabs The Bat!
2015-11-12 23:12 - 2015-11-12 23:12 - 00000000 ____D C:\Program Files\The Bat!
2015-11-11 23:18 - 2015-11-04 03:32 - 60266272 _____ C:\Users\Sandi\Desktop\PC Games Hardware - 12 - 2015.pdf
2015-11-11 23:18 - 2015-10-07 07:41 - 51498768 _____ C:\Users\Sandi\Desktop\PC Games Hardware - 11 - 2015.pdf
2015-11-11 21:14 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-11 21:14 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-11 21:14 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-11 21:14 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-11 21:14 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-11 21:14 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-11 21:14 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-11 21:14 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-11 21:14 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-11 21:14 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-11 21:14 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-11 21:14 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-11 21:14 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-11 21:14 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-11 21:14 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-11 21:14 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-11 21:14 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-11 21:14 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-11 21:14 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-11 21:14 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-11 21:14 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-11 21:14 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-11 21:14 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-11 21:14 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-11 21:14 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-11 21:14 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-11 21:14 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-11 21:14 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-11 21:14 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-11 21:14 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-11 21:14 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-11 21:14 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-11 21:14 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-11 21:14 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-11 21:14 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-11 21:14 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-11 21:14 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-11 21:14 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-11 21:14 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-11 21:14 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-11 21:14 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-11 21:14 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-11 21:14 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-11 21:14 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-11 21:14 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-11 21:14 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-11 21:14 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-11 21:14 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-11 21:14 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-11 21:14 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-11 21:14 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-11 21:14 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-11 21:14 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-11 21:14 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-11 21:14 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-11 21:14 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-11 21:14 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-11 21:14 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-11 21:14 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-11 21:14 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-11 21:14 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-11 21:14 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-11 21:14 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-11 21:14 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-11 21:13 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-11 21:13 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-11 21:13 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-11 21:13 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-11 21:13 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-11 21:13 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-11 21:13 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-11 21:13 - 2015-10-20 02:17 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-11 21:13 - 2015-10-20 02:17 - 00706496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-11-11 21:13 - 2015-10-20 02:17 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-11 21:13 - 2015-10-20 02:17 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-11 21:13 - 2015-10-20 02:14 - 01729984 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-11 21:13 - 2015-10-20 02:14 - 00631384 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-11-11 21:13 - 2015-10-20 02:12 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-11 21:13 - 2015-10-20 02:12 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-11 21:13 - 2015-10-20 02:12 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-11 21:13 - 2015-10-20 02:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 01464832 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 01166336 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00421376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-11 21:13 - 2015-10-20 02:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-11 21:13 - 2015-10-20 02:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-11 21:13 - 2015-10-20 02:11 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-11 21:13 - 2015-10-20 02:10 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-11 21:13 - 2015-10-20 02:10 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-11-11 21:13 - 2015-10-20 02:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-11 21:13 - 2015-10-20 02:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-11 21:13 - 2015-10-20 02:10 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-11-11 21:13 - 2015-10-20 02:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-11 21:13 - 2015-10-20 02:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 02:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:54 - 03996608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-11 21:13 - 2015-10-20 01:54 - 03940800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-11 21:13 - 2015-10-20 01:50 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-11 21:13 - 2015-10-20 01:47 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-11 21:13 - 2015-10-20 01:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-11 21:13 - 2015-10-20 01:46 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-11 21:13 - 2015-10-20 01:45 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-11 21:13 - 2015-10-20 01:45 - 00665600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-11 21:13 - 2015-10-20 01:45 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-11 21:13 - 2015-10-20 01:45 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-11 21:13 - 2015-10-20 01:45 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-11 21:13 - 2015-10-20 01:41 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-11 21:13 - 2015-10-20 01:41 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:37 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 01:05 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-11-11 21:13 - 2015-10-20 00:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-11 21:13 - 2015-10-20 00:47 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-11 21:13 - 2015-10-20 00:47 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-11 21:13 - 2015-10-20 00:32 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-11 21:13 - 2015-10-20 00:32 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-11 21:13 - 2015-10-20 00:29 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 00:29 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 00:29 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-11 21:13 - 2015-10-20 00:29 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-11 21:13 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-11 21:13 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-11 21:13 - 2015-09-23 14:18 - 00459344 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-11 21:13 - 2015-09-23 14:18 - 00298192 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-11 21:13 - 2015-09-23 14:08 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-11 21:11 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-11 21:11 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-11 21:11 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-11 21:11 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 31514288 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 24199344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 22993200 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 16128576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 15293104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 14497568 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 13916600 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 13828224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 12898992 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-11-11 21:09 - 2015-10-13 20:00 - 11272048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 11209376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 04245624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 03986608 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 02823992 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 01908528 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434192.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 01556656 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434192.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 00944304 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 00907440 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 00903472 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-11-11 21:09 - 2015-10-13 20:00 - 00869040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-11-11 21:06 - 2015-11-11 21:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-11-10 20:28 - 2015-11-10 20:28 - 00000000 ____D C:\Users\Sandi\AppData\Local\Fallout4
2015-11-10 17:56 - 2015-11-10 17:56 - 00194976 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetLwf.sys
2015-11-10 17:56 - 2015-11-10 17:56 - 00117768 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxNetAdp6.sys
2015-11-08 15:27 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-11-08 15:27 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-11-08 15:27 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-11-08 15:27 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-11-08 15:27 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-11-08 15:27 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-11-08 15:27 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-11-08 15:27 - 2015-09-14 22:40 - 00634432 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2015-11-08 15:27 - 2015-08-06 19:06 - 14182912 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-11-08 15:27 - 2015-08-06 19:06 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-11-08 15:27 - 2015-08-06 18:38 - 12878848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-11-08 15:27 - 2015-08-06 18:37 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-11-07 00:55 - 2015-11-06 13:51 - 40536838 _____ C:\Users\Sandi\Desktop\P.M. Fragen & Antworten - 11-2015.pdf
2015-11-06 13:14 - 2015-11-06 13:14 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.0
2015-11-05 15:00 - 2015-12-03 18:35 - 01055560 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00450504 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00273784 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00155304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00097648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-11-05 15:00 - 2015-12-03 18:35 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-11-05 15:00 - 2015-11-05 15:00 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\AVAST Software
2015-11-05 15:00 - 2015-11-05 15:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-11-05 14:59 - 2015-11-05 14:59 - 00000000 ____D C:\Program Files\AVAST Software
2015-11-05 14:58 - 2015-11-05 14:58 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-05 00:57 - 2015-11-15 12:35 - 00000000 ____D C:\Users\Sandi\Desktop\Jose

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-05 22:49 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-05 22:45 - 2015-10-16 17:22 - 00000000 ____D C:\Program Files\Everything
2015-12-05 22:45 - 2015-05-12 19:44 - 00003758 _____ C:\Windows\System32\Tasks\AutoKMS
2015-12-05 22:45 - 2014-02-12 16:25 - 00000000 ____D C:\ProgramData\PMS
2015-12-05 22:45 - 2014-02-12 03:41 - 00001662 _____ C:\Users\Sandi\AppData\Roaming\EasyToolz.ini
2015-12-05 22:45 - 2014-02-09 11:15 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-05 22:45 - 2014-02-08 17:11 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\The Bat!
2015-12-05 22:43 - 2015-03-25 13:56 - 00000000 ____D C:\Users\Sandi\AppData\Local\CrashDumps
2015-12-05 22:30 - 2014-02-08 16:19 - 00000860 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-05 22:13 - 2014-02-09 11:15 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-05 20:19 - 2014-09-02 18:56 - 00000000 ____D C:\Program Files (x86)\GIGA F-Tasten
2015-12-05 19:49 - 2014-02-08 17:55 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\vlc
2015-12-05 17:44 - 2009-07-14 05:45 - 00027808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-05 17:44 - 2009-07-14 05:45 - 00027808 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-05 17:41 - 2011-04-12 08:43 - 00713660 _____ C:\Windows\system32\perfh007.dat
2015-12-05 17:41 - 2011-04-12 08:43 - 00155434 _____ C:\Windows\system32\perfc007.dat
2015-12-05 17:41 - 2009-07-14 06:13 - 01658654 _____ C:\Windows\system32\PerfStringBackup.INI
2015-12-05 17:41 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-12-05 17:37 - 2015-01-10 14:50 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-05 17:35 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-05 16:57 - 2014-02-12 16:17 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Skype
2015-12-05 14:46 - 2014-08-30 00:03 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-12-05 14:36 - 2014-11-18 12:22 - 00007612 _____ C:\Users\Sandi\AppData\Local\Resmon.ResmonCfg
2015-12-05 13:58 - 2014-02-10 20:37 - 00000000 ____D C:\Users\Sandi\Documents\Outlook-Dateien
2015-12-05 11:32 - 2014-11-20 13:38 - 00000000 __SHD C:\Users\Sandi\wc
2015-12-04 12:06 - 2014-02-11 16:13 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\Winamp
2015-12-04 01:08 - 2014-02-09 11:15 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-04 01:08 - 2014-02-09 11:15 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-03 20:16 - 2009-07-14 05:45 - 01483928 _____ C:\Windows\system32\FNTCACHE.DAT
2015-12-03 20:08 - 2014-11-07 19:34 - 00000000 ____D C:\ProgramData\UMS
2015-12-03 20:04 - 2014-02-08 14:13 - 00444112 _____ C:\Users\Sandi\AppData\Local\GDIPFONTCACHEV1.DAT
2015-12-03 19:23 - 2014-02-13 00:49 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-12-03 12:29 - 2014-02-08 16:12 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-03 01:55 - 2014-02-10 19:24 - 00000000 ____D C:\Program Files (x86)\JDownloader
2015-12-02 00:24 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-12-01 21:17 - 2014-07-11 16:54 - 00000000 ____D C:\Users\Sandi\AppData\Local\ACD Systems
2015-12-01 17:08 - 2014-05-27 11:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhonerLite
2015-12-01 17:08 - 2014-05-27 11:58 - 00000000 ____D C:\Program Files (x86)\PhonerLite
2015-12-01 15:07 - 2014-02-15 14:10 - 00000000 ____D C:\Users\Sandi\Desktop\Bewerbung
2015-12-01 12:00 - 2014-02-13 11:08 - 00000000 ____D C:\Users\Sandi\AppData\Local\Downloaded Installations
2015-12-01 11:58 - 2014-02-12 16:10 - 00000000 ____D C:\ProgramData\ACD Systems
2015-12-01 11:58 - 2009-07-14 03:34 - 00000219 _____ C:\Windows\system.ini
2015-11-28 15:37 - 2015-11-03 16:06 - 00000000 ____D C:\Users\Sandi\Desktop\saveedit_r39
2015-11-28 11:54 - 2014-02-16 16:01 - 00000000 ____D C:\ProgramData\Steam
2015-11-24 13:51 - 2014-02-12 04:01 - 00000000 ____D C:\Users\Sandi\Documents\FinePrint-Dateien
2015-11-23 22:44 - 2014-07-11 16:57 - 00018944 _____ C:\Users\Sandi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-23 19:45 - 2009-07-14 06:32 - 00000000 ____D C:\Windows\system32\FxsTmp
2015-11-23 17:46 - 2015-05-12 20:14 - 00000000 ____D C:\Users\Sandi\.fontconfig
2015-11-22 12:43 - 2014-02-12 03:54 - 00000000 ____D C:\Users\Sandi\Documents\PDF-Dateien
2015-11-21 20:54 - 2014-02-12 16:16 - 00000000 ____D C:\ProgramData\Skype
2015-11-21 01:00 - 2014-02-11 15:49 - 00000000 ____D C:\Users\Sandi\AppData\Roaming\MOBackup
2015-11-21 00:11 - 2015-10-19 22:32 - 00000000 ____D C:\Users\Sandi\.mediathek3
2015-11-20 21:00 - 2014-02-10 20:03 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-20 05:12 - 2015-09-23 21:08 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-11-20 05:11 - 2014-02-10 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-11-18 18:27 - 2014-02-14 16:50 - 00000000 ____D C:\Spiele
2015-11-17 21:35 - 2015-10-02 13:19 - 00001624 _____ C:\Users\Sandi\Desktop\o2.txt
2015-11-16 14:22 - 2014-02-08 14:12 - 00000000 ____D C:\Users\Sandi
2015-11-15 18:44 - 2015-02-13 12:05 - 00003172 _____ C:\Windows\System32\Tasks\hcdll2_ex_Win32
2015-11-15 18:44 - 2015-02-13 12:05 - 00003168 _____ C:\Windows\System32\Tasks\hcdll2_ex_x64
2015-11-15 18:44 - 2015-02-13 12:05 - 00000000 ____D C:\Program Files (x86)\Hardcopy
2015-11-14 12:00 - 2014-07-15 20:31 - 00003264 _____ C:\Windows\System32\Tasks\SamsungMagician
2015-11-14 11:59 - 2014-02-14 14:39 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-11-13 23:28 - 2014-02-14 14:40 - 00000000 ____D C:\Users\Sandi\Documents\SelfMV
2015-11-13 21:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\ModemLogs
2015-11-13 21:16 - 2014-02-14 14:40 - 00000000 ____D C:\ProgramData\Samsung
2015-11-13 21:16 - 2014-02-08 15:13 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-11-13 21:11 - 2014-02-14 16:52 - 00000000 ____D C:\Program Files\SAMSUNG
2015-11-11 21:26 - 2014-02-08 19:32 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 21:20 - 2014-02-08 19:32 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 21:15 - 2014-02-08 16:15 - 01631998 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 21:14 - 2011-04-12 08:54 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 21:10 - 2014-12-06 20:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-11-11 21:07 - 2015-09-14 15:16 - 00000000 ____D C:\Users\Sandi\.oracle_jre_usage
2015-11-11 21:06 - 2015-09-14 15:18 - 00110176 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2015-11-11 21:06 - 2014-08-25 21:56 - 00000000 ____D C:\Program Files\Java
2015-11-11 21:06 - 2014-04-23 13:35 - 00000000 ____D C:\ProgramData\Oracle
2015-11-11 21:06 - 2014-02-08 16:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-11-11 21:05 - 2014-07-17 12:57 - 00000000 ____D C:\Program Files (x86)\Java
2015-11-11 21:05 - 2014-02-08 16:19 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 21:05 - 2014-02-08 16:19 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-11 21:05 - 2014-02-08 16:19 - 00003864 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-10 20:28 - 2014-02-15 20:02 - 00000000 ____D C:\Users\Sandi\Documents\My Games
2015-11-10 09:33 - 2015-10-31 11:45 - 00000000 ____D C:\Users\Sandi\.DVDslideshowGUI
2015-11-08 15:47 - 2014-02-12 16:25 - 00000000 ____D C:\Program Files (x86)\PS3 Media Server
2015-11-08 15:36 - 2015-04-15 11:14 - 00000000 ____D C:\Windows\system32\appraiser
2015-11-08 15:36 - 2014-04-23 11:28 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-11-06 13:14 - 2015-09-14 17:33 - 00000000 ____D C:\Program Files\LibreOffice 5
2015-11-05 14:51 - 2015-05-12 15:50 - 00000000 ____D C:\ProgramData\Binarysense
2015-11-05 14:51 - 2014-06-24 15:02 - 00000000 ____D C:\ProgramData\TEMP

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-07-10 07:16 - 2014-07-10 07:16 - 2174976 _____ (Advanced Micro Devices Inc.) C:\Program Files (x86)\Common Files\atimpenc.dll
2015-10-31 11:44 - 2015-10-31 11:45 - 5082084 _____ (The Public) C:\Users\Sandi\AppData\Roaming\Avisynth.exe
2015-10-31 11:45 - 2015-10-31 11:45 - 5243208 _____ (                                                            ) C:\Users\Sandi\AppData\Roaming\AvsP.exe
2014-12-17 15:29 - 2014-12-17 15:29 - 0038431 _____ () C:\Users\Sandi\AppData\Roaming\Durch Trennzeichen getrennte Werte.ADR
2014-02-12 03:41 - 2015-12-05 22:45 - 0001662 _____ () C:\Users\Sandi\AppData\Roaming\EasyToolz.ini
2015-10-31 11:45 - 2015-10-31 11:45 - 2169915 _____ (LIGHTNING UK!) C:\Users\Sandi\AppData\Roaming\Imgburn.exe
2015-10-31 11:45 - 2015-10-31 11:45 - 1357348 _____ () C:\Users\Sandi\AppData\Roaming\MatroskaSplitter.exe
2015-10-31 11:45 - 2015-10-31 11:45 - 7760687 _____ (Boraxsoft) C:\Users\Sandi\AppData\Roaming\SetupGFD.exe
2015-10-31 11:45 - 2015-10-31 11:45 - 0117723 _____ () C:\Users\Sandi\AppData\Roaming\yuvcodecs-1.3.exe
2014-07-11 16:57 - 2015-11-23 22:44 - 0018944 _____ () C:\Users\Sandi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-06 22:42 - 2014-12-06 22:43 - 1065984 _____ () C:\Users\Sandi\AppData\Local\file__0.localstorage
2014-02-22 21:46 - 2014-02-22 21:46 - 0133889 _____ () C:\Users\Sandi\AppData\Local\recently-used.xbel
2014-11-18 12:22 - 2015-12-05 14:36 - 0007612 _____ () C:\Users\Sandi\AppData\Local\Resmon.ResmonCfg
2014-04-30 00:10 - 2014-04-30 00:10 - 0000011 _____ () C:\ProgramData\.tv7
2014-08-29 23:59 - 2014-08-29 23:59 - 0261249 _____ () C:\ProgramData\1409352948.bdinstall.bin
2014-02-08 15:38 - 2014-03-26 13:10 - 0008050 _____ () C:\ProgramData\hpzinstall.log

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Sandi\init.cmd


Einige Dateien in TEMP:
====================
C:\Users\Sandi\AppData\Local\Temp\DivXSetup.exe
C:\Users\Sandi\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyyvnss.dll
C:\Users\Sandi\AppData\Local\Temp\jna2555402411793849268.dll
C:\Users\Sandi\AppData\Local\Temp\jna4300118089558287520.dll
C:\Users\Sandi\AppData\Local\Temp\pgpsdkw.dll
C:\Users\Sandi\AppData\Local\Temp\proxy_vole1421573135028311680.dll
C:\Users\Sandi\AppData\Local\Temp\proxy_vole1506955402004640834.dll
C:\Users\Sandi\AppData\Local\Temp\Quarantine.exe
C:\Users\Sandi\AppData\Local\Temp\Skin.dll
C:\Users\Sandi\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Sandi\AppData\Local\Temp\sonarinst.exe
C:\Users\Sandi\AppData\Local\Temp\sqlite3.dll
C:\Users\Sandi\AppData\Local\Temp\SRLDetectionLibrary1952979654397446088.dll
C:\Users\Sandi\AppData\Local\Temp\SRLDetectionLibrary2133776442814702821.dll
C:\Users\Sandi\AppData\Local\Temp\Uninstall.exe
C:\Users\Sandi\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-30 07:46

==================== Ende von FRST.txt ============================

Sm4sH 06.12.2015 14:58
Hier Nr. 2.

Logdatei Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Sandi (2015-12-05 22:50:26)
Gestartet von C:\Users\Sandi\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2014-02-08 13:12:54)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1761784775-3932905665-4126638911-500 - Administrator - Disabled)
Gast (S-1-5-21-1761784775-3932905665-4126638911-501 - Limited - Enabled)
Sandi (S-1-5-21-1761784775-3932905665-4126638911-1000 - Administrator - Enabled) => C:\Users\Sandi

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\uTorrent) (Version: 1.8.2 - )
64 Bit HP CIO Components Installer (Version: 6.2.1 - Hewlett-Packard) Hidden
ACDSee Ultimate 9 (64-bit) (HKLM\...\{97EE2327-B39E-429C-970B-0DB6CBBEC8E1}) (Version: 9.1.0.579 - ACD Systems International Inc.)
Acronis True Image 2015 (HKLM-x32\...\{C66A0D5B-7BEA-40F2-8C3D-196595D2EE56}Visible) (Version: 18.0.5539 - Acronis)
Acronis True Image 2015 (x32 Version: 18.0.5539 - Acronis) Hidden
Acronis True Image 2015 Media Add-on (HKLM-x32\...\{16DFE22F-B923-4FA4-AA48-32EC1F7BC873}) (Version: 18.0.5539 - Acronis)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.13 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\{44CF4DB9-707A-4395-839C-573FBC206CB9}) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\{A6FB0BFC-1F3F-42E0-BEAB-FA139FB54812}) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{755DDD59-9690-4F1A-BE9C-D39BDCFA77C9}) (Version: 12.1.3.153 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.1.171 - Adobe Systems, Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.8 - Sereby Corporation)
Amnesia - A Machine For Pigs (HKLM-x32\...\GOGPACKAMNESIAAMFP_is1) (Version: 2.0.0.3 - GOG.com)
Amnesia - The Dark Descent  (HKLM-x32\...\{54B7A3C7-0940-4C16-A509-FC3C3758D22A}_is1) (Version: 1.2 - Frictional Games)
Audacity 2.1.0 (HKLM-x32\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Avanquest update (HKLM-x32\...\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}) (Version: 1.34 - Avanquest Software)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
AviSynth 2.6 (HKLM-x32\...\AviSynth) (Version: 2.6.0.2 - GPL Public release.)
AvsP (HKLM-x32\...\AvsP_is1) (Version:  - )
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.4.505 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
Borderlands The Pre-Sequel (HKLM-x32\...\Borderlands The Pre-Sequel_is1) (Version:  - )
calibre 64bit (HKLM\...\{64AF6C78-EF36-4D7F-8790-B7C8128DBEF4}) (Version: 2.39.0 - Kovid Goyal)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
Canon IJ Network Scan Utility (HKLM-x32\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon MP Navigator EX 1.1 (HKLM-x32\...\MP Navigator EX 1.1) (Version:  - )
Canon MX850 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX850_series) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
CD-LabelPrint (HKLM-x32\...\MediaNavigation.CDLabelPrint) (Version:  - )
ClassicPro© v2.00 (HKLM-x32\...\ClassicPro) (Version: 2.00 - Skin Consortium)
COMPUTER BILD-Vorlagen Paket  (HKLM-x32\...\COMPUTER BILD-Vorlagen Paket) (Version:  - )
Corel Graphics - Windows Shell Extension (HKLM\...\_{2CDF0D0A-C58C-4136-9978-F029B2723B0D}) (Version: 16.4.0.1280 - Corel Corporation)
Corel Graphics - Windows Shell Extension (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit (Version: 16.4.1280 - Corel Corporation) Hidden
Corel Website Creator X6 (HKLM-x32\...\{2A66F360-6884-4314-887E-0EFAFBCFAB58}) (Version: 12.5 - Corel)
Corel Website Creator X6 (x32 Version: 12.50.0000.5100 - NetObjects) Hidden
CorelDRAW Technical Suite X6 - Capture (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Common Apps (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Connect (x64) (Version: 16.5 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Core (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Custom Data (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - DE (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Designer (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Draw (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Filters (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - FontNav (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Content (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - IPM Lattice (x64) (Version: 16.1 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - PHOTO-PAINT (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Photozoom Plugin (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Redist (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Setup Files (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VBA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VideoBrowser (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - VSTA (x64) (Version: 16.6 - Corel Corporation) Hidden
CorelDRAW Technical Suite X6 - Writing Tools (x64) (Version: 16.6 -  Corel Corporation) Hidden
CorelDRAW Technical Suite X6 (64-Bit) (HKLM\...\_{E2FC299D-38D5-424F-BAB8-D24E07A3A58A}) (Version: 16.4.2.1282 - Corel Corporation)
CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World)
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 6.2.0.0496 - Disc Soft Ltd)
DivX-Setup (HKLM-x32\...\DivX Setup) (Version: 2.7.0.93 - DivX, LLC)
DVD slideshow GUI 0.9.5.4 (HKLM-x32\...\BE37E547-62DF-43C8-AE6A-D03E82BC67A2_is1) (Version: 0.9.5.4 - Tin2tin)
Everything 1.3.4.686 (x64) (HKLM\...\Everything) (Version:  - )
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.53 - FileZilla Project)
FinePrint (HKLM\...\FinePrint) (Version: 8.28 - FinePrint Software, LLC)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (x32 Version: 8.64 - Corel Corporation) Hidden
Google Earth Plug-in (HKLM-x32\...\{ADA8583A-C20B-414B-8CB7-3AA7A89F7952}) (Version: 7.1.4.1529 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
gSyncit (HKLM-x32\...\{E6383ED2-0926-4750-A208-92FA82918D33}) (Version: 4.1.50 - Fieldston Software)
GUI for dvdauthor 1.07 (HKLM-x32\...\GUI for dvdauthor) (Version: 1.07 - Boraxsoft)
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Hard Reset Extended Edition (HKLM-x32\...\Hard Reset Extended Edition_is1) (Version:  - )
Hardcopy (HKLM-x32\...\Hardcopy) (Version: 2015.11.11 - www.hardcopy.de)
Helix YUV Codecs (remove only) (HKLM-x32\...\HelixYUVCodecs) (Version:  - )
HiDrive (HKLM-x32\...\{CB5C1D1E-9B9A-4D92-8178-8F5BA386F2B4}) (Version: 3.2.1.0 - STRATO AG)
Host OpenAL (ADI) (HKLM-x32\...\Host OpenAL (ADI)) (Version:  - )
Hotfix für Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789) (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}.KB947789) (Version: 1 - Microsoft Corporation)
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.0.0 - LIGHTNING UK!)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.13 - Intel(R) Corporation) Hidden
ISO Recorder (HKLM\...\{2D7ED2A0-9553-412B-939F-D6E0AEB2ABE1}) (Version: 3.1.0 - Alex Feinman)
Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.17 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kits Configuration Installer (x32 Version: 8.100.25984 - Microsoft) Hidden
Kodi (HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Kodi) (Version:  - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LibreOffice 5.0.3.2 (HKLM\...\{F6536765-3E8F-4D1E-9833-0A89F4681D79}) (Version: 5.0.3.2 - The Document Foundation)
Licensing Service (03000201) (x32 Version: 03.00.02.15 - Protexis Inc.) Hidden
LogoDesignStudio (HKLM-x32\...\{7543145B-8139-474F-94E7-0A3FF524F509}) (Version: 4.0 - Ihr Firmenname)
Logon Screen (HKLM-x32\...\{1730D13B-7517-4321-A88B-64627CF67CDC}_is1) (Version:  - Daniel Rebelo)
MAGIX Fonts Package 3 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 12.10.17.3 - Marvell)
M-Explorer (HKLM-x32\...\MExplorer) (Version: 0.9.6 - www.Motorola-Tools.com)
MFC RunTime files x64 (Version: 1.0.0 - Extensoft) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{26784146-6E05-3FF9-9335-786C7C0FB5BE}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.6001.1038 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\OneDriveSetup.exe) (Version: 17.3.5951.0827 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable - Language Pack - deu (HKLM-x32\...\{B2F21D11-631B-33C2-8E1A-73EA57FDFE33}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft ReportViewer 2010 Redistributable (HKLM-x32\...\{C19B3EB6-B54C-3204-A4DF-88432E0C79F7}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 DEU (HKLM-x32\...\{0125D081-30D0-4A97-82A8-C28D444B6256}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 DEU (HKLM\...\{C3EAE456-7E7A-451F-80EF-F34C7A13C558}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Language Pack - DEU (HKLM-x32\...\{8E87B944-4815-3C5E-947F-5035C9F64362}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM-x32\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime Language Pack - DEU (HKLM-x32\...\{76DAEC83-AF7B-333C-8A53-83D7C7D39199}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 8.0 - Heiko Schröder)
Mobile Broadband HL Service (HKLM-x32\...\Mobile Broadband HL Service) (Version: 22.001.20.00.03 - Huawei Technologies Co.,Ltd)
Motorola Driver Installation 4.5.0 (HKLM\...\{9E61C67F-DFEC-466D-9478-56F3E36D1F31}) (Version: 4.5.0 - Motorola Inc.)
Motorola Phone Tools (HKLM-x32\...\{BAD8CA9C-77C0-4663-B00B-A8D3B13C341B}) (Version: 5.31a 05/13/2010 - Avanquest Software)
Motorola Phone Tools (x32 Version: 5.00 - BVRP Software) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Nero BurningROM 2015 (HKLM-x32\...\{32CEC4AD-4BEF-4EB8-833E-47DAE9382653}) (Version: 16.0.01500 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1006 - Nero AG)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.7 - Notepad++ Team)
NVIDIA Grafiktreiber 341.92 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 341.92 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6001.1038 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation)
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: 5.28 - FinePrint Software, LLC)
PhonerLite 2.31 (HKLM-x32\...\PhonerLite_is1) (Version: 2.31 - Heiko Sommerfeldt)
Prerequisite installer (x32 Version: 16.0.0004 - Nero AG) Hidden
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
PureSync (x32 Version: 4.0.0 - Jumping Bytes) Hidden
PureSync 4.0.0 (HKLM-x32\...\PureSync) (Version: 4.0.0 - Jumping Bytes)
Python 2.7.9 (HKLM-x32\...\{79F081BF-7454-43DB-BD8F-9EE596813232}) (Version: 2.7.9150 - Python Software Foundation)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2.1 r2386 - )
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.39.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.1.39.0 - Renesas Electronics Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.5.8 - Rockstar Games)
SAMSUNG Android USB Modem Software (HKLM\...\SAMSUNG Android USB Modem) (Version: V5.28.2.1 - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.9 - Samsung Electronics)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
SD Formatter (HKLM-x32\...\{3F9FB449-93DB-4C47-BB5B-7334C4D1736E}) (Version: 2.9.5 - SDA)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.4.8 - Shark007)
Skype™ 7.15 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.15.102 - Skype Technologies S.A.)
SoundMAX (HKLM-x32\...\{F0A37341-D692-11D4-A984-009027EC0A9C}) (Version: 6.10.2.6585 - Analog Devices)
Spotify (HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\Spotify) (Version: 1.0.6.80.g2a801a53 - Spotify AB)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{A92D0DBB-834A-4CAD-A434-F2232C692516}) (Version: 6.1.4.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.52465 - TeamViewer)
The Bat! v7.0.0 (64-bit) (HKLM\...\{D7DDB3AA-6F8F-4D44-8E9B-EEC8D69882DC}) (Version: 7.0.0 - Ritlabs, SRL)
Toolkit Documentation (x32 Version: 8.100.26866 - Microsoft) Hidden
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52 - Ghisler Software GmbH)
Tunngle (HKLM-x32\...\Tunngle_is1) (Version: 5.7 - Tunngle.net GmbH)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Assessment and Deployment Kit for Windows 8.1 (HKLM-x32\...\{e9e06304-a604-434b-b35f-d9beb94dc06d}) (Version: 8.100.26866 - Microsoft Corporation)
Windows Deployment Tools (HKLM-x32\...\{FEA31583-30A7-0951-718C-AF75DCB003B1}) (Version: 8.100.26866 - Microsoft)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows-Treiberpaket - Google, Inc. (WinUSB) AndroidUsbDeviceClass  (08/28/2014 11.0.0000.00000) (HKLM\...\092555911492C6959D2596D612F52DCA71881CA2) (Version: 08/28/2014 11.0.0000.00000 - Google, Inc.)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
x64 Components v4.4.8 (HKLM\...\Advanced x64Components_is1) (Version: 4.4.8 - Shark007)
x64Components v1.9.0 (HKLM\...\Standard x64Components_is1) (Version: 1.9.0 - Shark007)
xp-AntiSpy 3.98-2 (HKLM-x32\...\xp-AntiSpy) (Version:  - Christian Taubenheim)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sandi\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay => Keine Datei
CustomCLSID: HKU\S-1-5-21-1761784775-3932905665-4126638911-1000_Classes\CLSID\{E04C49B4-D329-4B0B-9AF9-7B8797567561}\InprocServer32 -> c:\program files (x86)\smarttools\word adressfenster-assistent\adxloader64.dll ()

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2015-09-20 13:04 - 00002110 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.nero.com
127.0.0.1 www.nero.com/rus/index.html
127.0.0.1 www.nero.com/rus/support.html
127.0.0.1 www.nero.com/rus/support-customer-service-product-registration.html
127.0.0.1 www.nero.com/rus/store-upgrade-center.html
127.0.0.1 www.nero.com/rus/store-volume-licensing.html
127.0.0.1 www.nero.com/eng/support.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/store-upgrade-center.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/support-customer-service-product-registration.html?NeroSID=392cba06859c3dcd87b47525e97a3b80
127.0.0.1 www.nero.com/eng/index.html
127.0.0.1 www.nero.com/eng/store-upgrade-center.html&sa=X&oi=smap&resnum=1&ct=result&cd=6&usg=AFQjCNFRzc_q0umeKlIj7pPYNNBYCFbXkg
127.0.0.1 www.nero.com/enu/support-nero8.html
127.0.0.1 my.nero.com
127.0.0.1 secure.nero.com/us/secure.asp
127.0.0.1 activation@nero.com
127.0.0.1 registernero.com
127.0.0.1 www.registernero.com
127.0.0.1 nero.com
127.0.0.1 www.nero.com/eng/privacy.html.
127.0.0.1 legal@nero.com
127.0.0.1 support.nero.com
127.0.0.1 lmlicenses.wip4.adobe.com
127.0.0.1 lm.licenses.adobe.com
127.0.0.1 www.twonky.com
127.0.0.1 www.twonkymedia.com
127.0.0.1 activation.acronis.com
127.0.0.1 activate.southrivertech.com

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {018DEBB6-3E3E-47CD-AB46-F3547B83A9D3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {0494B13D-E949-458C-A5CA-EC17EC272948} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {0803C686-2313-4B1C-A490-276F56D7197E} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2015-11-06] (Samsung Electronics.)
Task: {365A7CD5-998E-4A42-8B12-C8CA5F833937} - System32\Tasks\R@1n-KMS\Office365Standard => wmic
Task: {38B58A4F-6B62-480E-87CB-B95B987FC4BD} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {4EFB219B-4DA3-4F7B-81F3-35EA5A3FECA5} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2012-11-08] ()
Task: {5A89F5DE-15F7-44F2-891E-65580021F0E3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
Task: {7A059190-DB8B-4C52-9FE2-7A12AFDA24A1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {7E47B255-801C-4744-B106-3E3CDC45CE84} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\pcwFlashUpdater.exe [2015-06-11] (IDG Tech Media GmbH)
Task: {97474503-DE2D-4B6E-AF2F-105B42DCEA7F} - System32\Tasks\pcwFlashUpdater => C:\Program Files (x86)\pcwFlashUpdater\pcwFlashUpdater.exe [2014-04-07] (IDG Tech Media GmbH)
Task: {9B37B825-FF59-4750-A1B9-9116DA331796} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-01-21] (Piriform Ltd)
Task: {A5CDD16D-09A1-41A2-889C-7B3ECDB1EE20} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-05-12] ()
Task: {C3D30E6F-C012-4173-B38D-1958A8607BAE} - System32\Tasks\Driver Booster SkipUAC (Sandi) => C:\Program Files (x86)\Driver Booster\DriverBooster.exe
Task: {C742C9D0-0F5B-426E-92E6-BAF0A33CFEBA} - System32\Tasks\{4A0F6DE6-948B-40BD-800C-F61312A80249} => pcalua.exe -a "C:\Users\Sandi\Desktop\Acronis True Image 2014 Premium v17 Build 6673 All In One\Acronis_AIO-DE\Aktivator by nova-s\ActivationAcronisTIH.exe" -d "C:\Users\Sandi\Desktop\Acronis True Image 2014 Premium v17 Build 6673 All In One\Acronis_AIO-DE\Aktivator by nova-s"
Task: {CAAD595A-03EC-48A8-802A-29386AAC63E5} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2013-07-17] ()
Task: {CE4547FD-E582-4175-B081-3BBBF2583AB7} - System32\Tasks\AutoPico Daily Restart => C:\Users\Sandi\Desktop\KMSpico
Task: {D252444B-0E37-4973-ABDD-FE8D7E676C1A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-03] (AVAST Software)
Task: {D325AB69-2C22-40B1-AC7C-7C46DA769E68} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-14] (Google Inc.)
Task: {D32FACEC-A200-4EC6-8E50-3D140C1AC5B0} - System32\Tasks\R@1n-KMS\Office365ProPlus => wmic
Task: {D61A0F32-EB50-47D3-8E27-C05DA0B3E835} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2015-11-01] (Microsoft Corporation)
Task: {E998635B-E17E-42E3-8441-6F6FC9CEFCC0} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-03] (AVAST Software)
Task: {EDC5EDD7-FABE-4747-B194-84D555AD4618} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2015-11-01] (Microsoft Corporation)
Task: {F35C42F4-C21F-4F9B-8AE2-B44987DE4982} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2014-12-11] (Nero AG)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\pcwFlashUpdater.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-09-23 21:06 - 2015-11-01 02:11 - 00161448 _____ () C:\Program Files\Common Files\Microsoft Shared\ClickToRun\ApiClient.dll
2015-09-23 21:20 - 2015-09-23 21:20 - 00026112 _____ () C:\Windows\KMS-R@1n.exe
2014-04-22 07:13 - 2013-01-28 03:49 - 00239184 _____ () C:\ProgramData\MobileBrServ\mbbservice.exe
2015-09-23 21:20 - 2015-09-23 21:20 - 00004608 _____ () C:\Windows\KMS-R@1nhook.exe
2015-01-15 18:01 - 2015-10-13 18:26 - 00125616 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-10-16 16:13 - 2015-03-20 07:24 - 00155616 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_45_x64.dll
2015-08-12 12:22 - 2015-08-12 12:22 - 00019968 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDriveShareFileExtensionEdit.dll
2015-08-12 12:22 - 2015-08-12 12:22 - 00009728 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDrive.WCFClient.dll
2015-08-12 12:22 - 2015-08-12 12:22 - 00009216 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDrive.TextLogger.dll
2015-08-12 12:22 - 2015-08-12 12:22 - 00022528 _____ () C:\Program Files (x86)\Strato\HiDrive\ShellExt\HiDriveShareFileExtensionCreate.dll
2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2015-11-15 18:43 - 2012-11-08 07:38 - 00044608 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
2015-11-15 18:43 - 2013-07-17 16:03 - 00037880 _____ () C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
2015-10-16 17:22 - 2014-08-06 02:04 - 01441792 _____ () C:\Program Files\Everything\Everything.exe
2014-08-20 20:43 - 2014-08-20 20:43 - 00040960 _____ () C:\Program Files (x86)\MyPhoneExplorer\DLL\mpe_gadget_connector_net.dll
2015-10-19 22:30 - 2014-11-29 04:47 - 00131584 _____ () C:\Program Files (x86)\NPowerTray-1.6.3.0\NPowerTray.exe
2015-10-19 22:30 - 2014-11-29 04:47 - 00005632 _____ () C:\Program Files (x86)\NPowerTray-1.6.3.0\de\NPowerTray.resources.dll
2014-02-12 03:37 - 2014-02-12 03:37 - 01391616 _____ () C:\Program Files (x86)\EasyToolz\EasyToolz.exe
2015-08-12 12:22 - 2015-08-12 12:22 - 09157632 _____ () C:\Program Files (x86)\Strato\HiDrive\HiDrive.App.exe
2015-11-15 18:17 - 2015-06-20 17:11 - 00772608 _____ () C:\Program Files (x86)\RadioSure\RadioSureHistory\RadioSure History.exe
2015-03-24 14:28 - 2015-03-24 14:28 - 00036544 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2015-03-24 14:28 - 2015-03-24 14:28 - 00775872 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-12-09 23:17 - 2014-12-09 23:17 - 01009664 _____ () C:\Program Files (x86)\MyPhoneExplorer\DLL\adb.exe
2015-12-03 18:35 - 2015-12-03 18:35 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-03 18:35 - 2015-12-03 18:35 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-05 14:46 - 2015-12-05 14:46 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120500\algo.dll
2015-12-03 18:35 - 2015-12-03 18:35 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-05 21:36 - 2015-12-05 21:36 - 02803200 _____ () C:\Program Files\AVAST Software\Avast\defs\15120504\algo.dll
2014-09-15 20:07 - 2014-09-15 20:07 - 00034624 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\thread_pool.dll
2014-09-15 20:11 - 2014-09-15 20:11 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-15 20:08 - 2014-09-15 20:08 - 00129344 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\EXPAT.dll
2015-11-15 18:43 - 2012-07-05 14:56 - 00052800 _____ () C:\Program Files (x86)\Hardcopy\hardcopy_05.dll
2015-10-16 16:13 - 2015-03-20 07:24 - 00141792 _____ () C:\Program Files (x86)\Hardcopy\HcDLL2_45_Win32.dll
2011-02-19 01:10 - 2011-02-19 01:10 - 01789952 _____ () C:\Program Files (x86)\MyPhoneExplorer\IconLib.dll
2015-11-15 18:43 - 2015-11-11 09:17 - 03653088 _____ () C:\Program Files (x86)\Hardcopy\HcDllS.dll
2014-10-22 16:10 - 2014-10-22 16:10 - 00320000 _____ () C:\Program Files (x86)\Strato\HiDrive\CefSharp.dll
2014-10-22 16:10 - 2014-10-22 16:10 - 24977920 _____ () C:\Program Files (x86)\Strato\HiDrive\libcef.dll
2015-12-05 22:45 - 2015-12-05 22:45 - 00011264 _____ () C:\Users\Sandi\AppData\Local\Temp\nspC326.tmp\System.dll
2015-12-03 18:35 - 2015-12-03 18:35 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-11-14 11:59 - 2015-11-06 11:59 - 00021600 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-11-10 09:30 - 2015-11-11 21:05 - 17604296 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll
2014-09-09 12:00 - 2014-09-09 12:00 - 00023576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy_stub.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\TEMP:4FC01C57
AlternateDataStreams: C:\ProgramData\TEMP:D8999815

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1761784775-3932905665-4126638911-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sandi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BstHdAndroidSvc => 2
MSCONFIG\Services: BstHdLogRotatorSvc => 2
MSCONFIG\Services: BstHdUpdaterSvc => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: ndsvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Twonky Server.lnk => C:\Windows\pss\Twonky Server.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Sandi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sandi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Sandi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Samsung Magician.lnk => C:\Windows\pss\Samsung Magician.lnk.Startup
MSCONFIG\startupreg: ACDSeeCommanderUltimate9 => C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\ACDSeeCommanderUltimate9.exe
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Acronis Scheduler2 Service => "C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTibMounterMonitor => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
MSCONFIG\startupreg: ACUW09DE => "C:\Program Files\ACD Systems\ACDSee Ultimate\9.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: HP Software Update =>
MSCONFIG\startupreg: InstallerLauncher => "C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\setuplauncher.exe" /run:"C:\Program Files\Common Files\Bitdefender\SetupInformation\{6F57816A-791A-4159-A75F-CFD0C7EA4FBF}\Installer.exe"
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: NetDrive2 =>
MSCONFIG\startupreg: NoSleepHD =>
MSCONFIG\startupreg: OODefragTray => C:\Program Files\OO Software\Defrag\oodtray.exe
MSCONFIG\startupreg: SamsungRapidApp => C:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Sandi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TrueImageMonitor.exe => "C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files (x86)\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: Windows Mobile Device Center => %windir%\WindowsMobile\wmdc.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{FC6DD6D7-72A2-4C5B-AC49-7333B1D3F84C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{C1A0B9C3-FD69-4FDC-899B-DB68A7905CF4}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{773A180C-643A-48C0-A739-4726C77C781D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{19A422E4-8A72-4206-8C53-8FEB8F5E224A}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{79EC29AD-209C-4707-AFC3-D63947A2BF7D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{90424549-50F1-4456-8E8F-8354C3E237E6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{5D14B938-32A0-4635-90E2-F3A96A9AC640}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{DD9C9DF0-B564-4A1E-A8A8-33F717A080C7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DD6927B8-DD63-414C-9236-39B165686C06}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{33E348DF-D86B-430C-91DC-B26624557B92}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{20E0E3AA-1B2B-405C-8898-06C92AF3AC3A}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{31ED554D-FBA6-4F0B-A092-653465E54B68}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{FD83E9CE-5597-4BE5-AD36-3917EDD7EA8C}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{E0A550A0-A468-4908-9FFC-60CC8045B12F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{257B191C-FC5C-42F9-B0B8-40FF7E4B55E5}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{FEFE5ABF-F835-41DA-8218-429AF65F970F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{37425618-343C-42FC-807B-44AE82B3FFBD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{759BB088-11E7-4E78-9521-D10D39F21CC6}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{3EC716C4-13E6-44B6-8845-875A4508AD13}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{75088173-8809-4743-9329-464581EAB0CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{D994B29E-1B37-4E64-8D11-07698A4C599D}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{0E7F227D-4278-4F12-BEF1-6F90C70BAA01}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{967FF243-560C-4D57-B56B-8E1C601CB7B8}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [UDP Query User{CA94C46D-9A65-4C0E-BADC-0A0727DA0A98}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe
FirewallRules: [{F32289BC-5363-4558-B719-2C93AC718193}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\KMSpico\kmsserver
FirewallRules: [{75395B62-9462-40BA-906C-D55A821790A8}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{F08BF8B2-6324-4571-BB1A-4F4780387FFA}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe
FirewallRules: [{F9BEAD72-98C6-47E0-8A14-549BF35BE0B9}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{FCF74708-6915-4554-A4A6-BF2727BA632E}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{0B137490-45BD-499A-B8B4-4E7A4FD8263F}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{98E6361E-1088-483F-B0EE-7755CA01BB32}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{467E1269-9DC8-4A8E-9236-E14565109415}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{8A408814-4A06-409B-9A23-E801C8852ADB}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{8B1EF66A-FB88-4F8F-8026-E8B37E167EB2}] => (Block) %SystemDrive%\Spiele\Assassins Creed IV Black Flag Digital Deluxe Edition\AC4BFMP.exe
FirewallRules: [{59016783-DFA5-48F3-A8F3-69D1176A0398}] => (Block) %SystemDrive%\Spiele\Assassins Creed IV Black Flag Digital Deluxe Edition\AC4BFSP.exe
FirewallRules: [{1696CA79-E746-47F6-A758-8146DA4E5EE1}] => (Block) %SystemDrive%\Spiele\Assassins Creed IV Black Flag Digital Deluxe Edition\AC4BFMP.exe
FirewallRules: [{F5F035B1-AC3D-475B-819C-8130CA41314C}] => (Block) %SystemDrive%\Spiele\Assassins Creed IV Black Flag Digital Deluxe Edition\AC4BFSP.exe
FirewallRules: [{259FB380-A310-451F-AA18-F6E2FE144576}] => (Block) %SystemDrive%\Spiele\The Elder Scrolls V Skyrim orig\TESV.exe
FirewallRules: [{31F00A96-FCF7-45A8-84E2-A60443B99254}] => (Block) %SystemDrive%\Spiele\The Elder Scrolls V Skyrim orig\SkyrimLauncher.exe
FirewallRules: [{A690FA17-9D88-474A-B3FF-20B086C50AFB}] => (Block) %SystemDrive%\Spiele\The Elder Scrolls V Skyrim orig\TESV.exe
FirewallRules: [{8C4DDE02-1213-4E4F-9727-D966DC78CB76}] => (Block) %SystemDrive%\Spiele\The Elder Scrolls V Skyrim orig\SkyrimLauncher.exe
FirewallRules: [{5529091A-99B8-4C38-947B-655627305B10}] => (Block) %SystemDrive%\Spiele\Bejeweled 3 Deutsch portable\Bejeweled 3.exe
FirewallRules: [{93708238-C61B-4DE5-A127-BAA2209731FC}] => (Block) %SystemDrive%\Spiele\Bejeweled 3 Deutsch portable\Bejeweled 3.exe
FirewallRules: [{0B10FF3C-FF56-4AC8-A081-57925A7F78EC}] => (Block) %SystemDrive%\Spiele\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [{A6124F55-073D-430C-B443-AA024BA216BD}] => (Block) %SystemDrive%\Spiele\Batman Arkham Origins\SinglePlayer\Binaries\Win32\BatmanOrigins.exe
FirewallRules: [TCP Query User{A0992D80-8446-49E9-BB4A-2C342758EB18}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [UDP Query User{A75FDC03-B4C0-4008-B0F0-A35D42A14A6D}C:\program files (x86)\utorrent\utorrent.exe] => (Allow) C:\program files (x86)\utorrent\utorrent.exe
FirewallRules: [TCP Query User{F0984087-1D44-4237-9021-9F01D7BE6DA8}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [UDP Query User{B8A2C2EA-DE35-48F6-8380-E7EC4B64A716}C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe] => (Allow) C:\program files (x86)\ps3 media server\jre64\bin\javaw.exe
FirewallRules: [{015F51D1-9958-4FCE-91DB-361E03490942}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{7420D7E8-6330-4965-8A59-9BB8DC0B37DA}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe
FirewallRules: [{707F3141-EA1C-4E54-856F-C254E7060E8C}] => (Allow) LPort=21
FirewallRules: [TCP Query User{A910A1EE-0E8F-4EF9-A428-407576B466A6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{E4A23AB3-6CCF-4908-818B-E1D18E404C97}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{D9434A4E-B5EB-4E8E-A993-C0928BC86BF0}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{608415C6-EFCB-436A-92DA-EFBD24BB401C}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\lync.exe
FirewallRules: [{456F553C-7935-41A5-8841-939A6C553DA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{CC7F42B1-933F-4688-B84F-1FCD80F39E24}] => (Allow) C:\Program Files (x86)\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{7D693782-E346-451B-8E3F-17016CA3A8D4}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{C1DC471F-E6D5-48DE-BF39-93DE8FF30796}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe
FirewallRules: [{B90904AF-E641-4EC8-ADF0-8633A1F29DB7}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{5C435B2D-5EF4-4B8E-B775-0992AAC5B72F}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkystarter.exe
FirewallRules: [{334C54A5-955E-43BA-8A71-3EEBBF9943FF}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{A838789E-6A69-406A-8370-23330B77F602}] => (Allow) C:\Program Files (x86)\Twonky\TwonkyServer\twonkyserver.exe
FirewallRules: [{61A1920F-63FD-4FC4-A984-FF646366C31E}] => (Allow) C:\Program Files\NetDrive2\nd2client.exe
FirewallRules: [{C6BDCB2C-C068-47FD-9944-072A7E311774}] => (Allow) C:\Program Files\NetDrive2\NetDrive2.exe
FirewallRules: [{9C6FAC98-094D-4342-AF04-92CDE53BDEBF}] => (Allow) C:\Program Files\NetDrive2\nd2cmd.exe
FirewallRules: [{91C87904-5206-4915-B69C-9EF5AB3B5211}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{A0311BBF-75D2-4A02-9421-D2C6EBCE6B87}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{F83702A3-D3C2-41B2-A73E-D06F9A6C246D}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [{0714D531-9DCE-45B1-A441-2B2EA87B004B}] => (Allow) C:\Program Files\NetDrive\ndsvc.exe
FirewallRules: [TCP Query User{7806A563-5BF3-4F30-9296-382C620E3978}C:\spiele\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\spiele\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [UDP Query User{FA5D244A-F399-40D3-A7FF-200A104454B6}C:\spiele\wolfenstein the new order\wolfneworder_x64.exe] => (Block) C:\spiele\wolfenstein the new order\wolfneworder_x64.exe
FirewallRules: [{06C48007-70AF-4D03-894F-7D5F13D5D8C6}] => (Allow) C:\Spiele\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{E6394C31-6E90-4345-B35A-C4B37D10D8FE}] => (Allow) C:\Spiele\WATCH_DOGS\bin\Watch_Dogs.exe
FirewallRules: [{4615D67D-703C-466E-AD21-97880E01C733}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{2F7867BB-08E3-4E9F-A56E-BA0E297E2498}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C930D0E2-9698-4C71-97BA-8827282B91F7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{C04C80F7-3F74-4C81-9A37-DC3AEA4984E2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{F1E61DB2-DFFA-42CF-9676-DD4438A958BB}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{4FE6F4C0-6ABE-45E6-B6F2-7EC4474FEFA7}] => (Allow) C:\Program Files (x86)\Nero\Nero Blu-ray Player\Blu-rayPlayer.exe
FirewallRules: [{DB4E03D9-B52B-41C8-A5C7-798EBA6248FE}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{D6BA3EB4-300D-499E-989A-95B4B204ED9D}] => (Allow) C:\Program Files\KMSpico\Service_KMS.exe
FirewallRules: [{AAD6FC86-7AB6-4567-8DD3-FF2049440AE1}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{110A2FBE-B2A4-4996-9474-43EF6BFDC3A7}] => (Allow) C:\Program Files\KMSpico\AutoPico.exe
FirewallRules: [{0D71725C-D534-46B5-90B4-FDC5856E1C46}] => (Allow) C:\Users\Sandi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{C32B587E-2E2C-4046-BADE-28CAA6F3AFC3}] => (Allow) C:\Users\Sandi\AppData\Roaming\Spotify\spotify.exe
FirewallRules: [{41FAC29A-AD9B-4AD4-A97A-A296A95CB6A5}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\IXP000.TMP\crsc.exe
FirewallRules: [{4B53085A-553D-424A-B93D-AEF8C16A0254}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\IXP000.TMP\crsc.exe
FirewallRules: [{DC3BCFE9-0A9A-4695-AFF2-D1D8EBA49740}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\crcss.exe
FirewallRules: [{4AB709D6-C207-4445-8230-89E1FC74CB96}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\crcss.exe
FirewallRules: [{99EE322A-6F40-44BD-81EF-3140E9710C70}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\crcss.exe
FirewallRules: [{42CABC61-0F08-41C0-B4B9-837F70A8D81C}] => (Allow) C:\Users\Sandi\AppData\Local\Temp\crcss.exe
FirewallRules: [{9CE8912E-6194-49E8-B4C2-E8D5512AEBA0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{239E7C67-15B9-4D42-BE98-E09979FC2997}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D7546ECE-669E-4D71-846C-736190C1039C}] => (Allow) C:\Spiele\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{00A5CC94-D2B7-406D-853B-CFA893DC2B97}] => (Allow) C:\Spiele\Assassin's Creed Rogue\ACC.exe
FirewallRules: [{CFBF265A-F8E4-4A8E-AE27-9B926C42BFE3}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\StartNBR.exe
FirewallRules: [{2C6F87DF-D054-4F39-98CC-FB889E612EEB}] => (Allow) C:\Program Files (x86)\Nero\Nero 2015\Nero Burning ROM\nero.exe
FirewallRules: [{A2C85FDA-AAC3-4B7D-AF16-1301A1B77BFE}] => (Block) %ProgramFiles% (x86)\VMware\VMware Workstation\vmware.exe
FirewallRules: [{8FFD5DA6-943A-4560-A48D-3F0FE6EAF596}] => (Block) %ProgramFiles% (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{43314B8A-79A9-46F0-B977-ED49EEAD5459}] => (Allow) %ProgramFiles% (x86)\FileZilla Server\FileZilla Server.exe
FirewallRules: [{00746ED0-0957-4523-BC75-BCEB5AD2A7B1}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{906CD530-68BA-449E-BB2B-33609E9B743C}] => (Allow) C:\Program Files\WebDrive\WebDrive.exe
FirewallRules: [{CC9243A0-5A3C-41EA-87C9-DCD872E5534C}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [{6EFBC0D5-B0E5-4283-AB7B-20A2BBDA3CEB}] => (Allow) C:\Program Files\WebDrive\wdService.exe
FirewallRules: [TCP Query User{5277435D-B710-4EBB-9B32-A83B48D6BBD8}C:\spiele\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Block) C:\spiele\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [UDP Query User{14F15F86-40DF-46BF-B753-A72FEB36C58E}C:\spiele\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe] => (Block) C:\spiele\the vanishing of ethan carter redux\ethancarter\binaries\win64\ethancarter-win64-shipping.exe
FirewallRules: [{AB9F609C-E986-4473-92A3-61295505CEBE}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{784ACBF1-6FE9-4E45-A91E-50F430C310FB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A83FA982-BF2A-4F15-99E2-8E11F0535F9D}] => (Allow) C:\Users\Sandi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [{A164D62A-53F3-4CAF-AEE6-05A4E3749C12}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{8F21C87B-827C-450B-8F3A-8056B0719689}] => (Allow) C:\Windows\KMS-R@1n.exe
FirewallRules: [{5ACB75E1-BB17-4262-AD39-4ABBC31EF1B5}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F2CAD770-FE89-448D-9A56-EA00CECD203D}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{24F5A8D7-AF8D-4227-BB8B-72DF3BE8F81C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{34DE28FF-8C06-4863-9877-576768955D33}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4F084731-C657-49F8-A26C-C25093207FC1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{793C1D71-79F0-4F1E-B721-1AE9F0B4E63D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{67A184E4-7935-4207-B42A-E6112AA92785}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{7E557592-CCC1-4AAD-B070-450CFFF6A5FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{88CC641A-EFBC-4345-8F12-BB7B5C9D567D}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{05CFA6CD-0709-4CEC-94F2-5282C8D7A2AD}] => (Allow) C:\Program Files (x86)\Tunngle\TnglCtrl.exe
FirewallRules: [{76DF2499-7D89-4E92-A900-DDC14226A685}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{0B25ED44-93BF-4DC4-9904-316B6B1DBCF3}] => (Allow) C:\Program Files (x86)\Tunngle\Tunngle.exe
FirewallRules: [{1A130FBA-6EF1-4607-99AF-1D51099A24A5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C0D533F7-CE89-4681-ADBB-14863B3D2FD5}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E927BBDE-4D70-4A13-8359-6E6695C95EFE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{970709EF-B431-4E76-A0E4-EF1432897638}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\Ace Translator\AceTrans.exe] => Enabled:Ace Translator
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Ace Translator\AceTrans.exe] => Enabled:Ace Translator

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/05/2015 10:43:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BorderlandsPreSequel.exe, Version: 1.0.50.51527, Zeitstempel: 0x55e90741
Name des fehlerhaften Moduls: ddraw.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4a5bd9b8
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5fbaa5e0
ID des fehlerhaften Prozesses: 0x9dc
Startzeit der fehlerhaften Anwendung: 0xBorderlandsPreSequel.exe0
Pfad der fehlerhaften Anwendung: BorderlandsPreSequel.exe1
Pfad des fehlerhaften Moduls: BorderlandsPreSequel.exe2
Berichtskennung: BorderlandsPreSequel.exe3

Error: (12/05/2015 05:36:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2015 02:46:09 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/05/2015 11:32:12 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 11:40:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/04/2015 11:40:57 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"1". Fehler in Manifest- oder Richtliniendatei "UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"2" in Zeile  UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0"3.
Die im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente überein.
Verweis: UccApi,processorArchitecture="AMD64",type="win32",version="16.0.0.0".
Definition: UccApi,processorArchitecture="x86",type="win32",version="16.0.0.0".
Verwenden Sie das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error: (12/04/2015 01:56:26 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BorderlandsPreSequel.exe, Version: 1.0.50.51527, Zeitstempel: 0x55e90741
Name des fehlerhaften Moduls: XAudio2_7.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x4c0641e5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x5be4a5e0
ID des fehlerhaften Prozesses: 0x1dbc
Startzeit der fehlerhaften Anwendung: 0xBorderlandsPreSequel.exe0
Pfad der fehlerhaften Anwendung: BorderlandsPreSequel.exe1
Pfad des fehlerhaften Moduls: BorderlandsPreSequel.exe2
Berichtskennung: BorderlandsPreSequel.exe3

Error: (12/03/2015 08:17:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 06:48:34 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/03/2015 12:40:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


Systemfehler:
=============
Error: (12/05/2015 05:38:16 PM) (Source: WMPNetworkSvc) (EventID: 14319) (User: )
Description: WMPNetworkSvc

Error: (12/05/2015 05:35:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NetDrive2 Notifier" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/05/2015 05:34:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%109

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Acronis Sync Agent Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Erkennung interaktiver Dienste" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Disc Soft Pro Bus Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/05/2015 05:34:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Office Software Protection Platform" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/05/2015 05:34:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SAMSUNG Mobile Connectivity Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2015-11-29 18:47:09.961
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\bdmpega64.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-29 18:47:09.822
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\ac3acm.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-29 18:47:09.685
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aacacm.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-29 18:47:09.547
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codecp.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-29 18:47:09.408
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\ac3filter.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-29 18:47:09.247
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codeca.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-27 13:45:53.304
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\bdmpega64.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-27 13:45:53.187
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\ac3acm.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-27 13:45:53.073
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\aacacm.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2015-11-27 13:45:52.953
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume1\Windows\System32\l3codecp.acm" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz
Prozentuale Nutzung des RAM: 35%
Installierter physikalischer RAM: 8191.11 MB
Verfügbarer physikalischer RAM: 5277.76 MB
Summe virtueller Speicher: 9213.3 MB
Verfügbarer virtueller Speicher: 5689.22 MB

==================== Laufwerke ================================

Drive c: (System) (Fixed) (Total:232.88 GB) (Free:105.74 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: (Serien) (Fixed) (Total:1863.01 GB) (Free:50.17 GB) NTFS
Drive e: (Daten) (Fixed) (Total:1863.01 GB) (Free:4.29 GB) NTFS
Drive f: (Daten2) (Fixed) (Total:232.82 GB) (Free:53.81 GB) NTFS
Drive g: (Minimi) (Fixed) (Total:931.51 GB) (Free:1.98 GB) NTFS
Drive h: (32GB) (Removable) (Total:29.42 GB) (Free:9.78 GB) NTFS
Drive s: (HiDrive) (Fixed) (Total:20 GB) (Free:19.94 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: BD8B054B)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (Size: 232.8 GB) (Disk ID: 00000081)
Partition 1: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 072F034F)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: 072F034E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 74061040)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 5 (MBR Code: Windows 7 or 8) (Size: 29.4 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=29.4 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Sm4sH 07.12.2015 17:02
Liste der Anhänge anzeigen (Anzahl: 1)
Habe eben bemerkt das meine CPU-Auslastung bei plus minus 30 % liegt. Mal höher mal niederiger. Siehe Screen vom Ressourcenmonitor.

Was hat es denn mit der Winlogon.exe aufsich, ist mal einmal mal mehrmals vorhanden?

Kurze Zeit später war wieder Ruhe...

Sm4sH 07.12.2015 20:26
Liste der Anhänge anzeigen (Anzahl: 1)
Sorry das ich nochmal schreibe, aber jetzt ist es extrem. Selbst die Maus beim Bewegen ruckelt.
CPU-Auslastung hoch und die Winlogon.exe Prozesse stimmen mich nachdenklich.
Ist doch nicht normal so viele oder? Nochmal nen Screener angehängt.

schrauber 08.12.2015 20:28
ProcessExplorer als Ersatz für den Windows Taskmanager installieren

Lade Dir den Process Explorer als Ersatz für den Taskmanager herunter und installiere ihn, hier findest Du eine Anleitung. Das ist ein wesentlich leistungsfähigerer Ersatz für den Windows-Taskmanager. Im Menü unter "Options" kannst Du den ProcessExplorer dauerhaft als Ersatz für den Taskmanager einrichten (Replace Taskmanager). Das ist sehr empfehlenswert, weil der ProcessExplorer erheblich mehr Funktionen als der Taskmanager hat. Wenn Du diese Einstellung gemacht hast, öffnet sich mit der Tastenkombination STRG + ALT + Entf. nicht mehr der Taskmanager, sondern der ProcessExplorer. Das kann jederzeit durch Abhaken dieser Einstellung wieder rückgängig gemacht werden.

Was wir jetzt konkret brauchen: In jeder Zeile steht ein Prozess, ein paar der Zeilen sind keine richtigen Prozesse, sondern nur Pseudoprozesse für die Tätigkeit des Windos-Kernels. Im Menü View => Select Columns wird ein Dialog geöffnet, in dem Du auswählen kannst, welche Spalten mit Informationen zu den Prozessen angezeigt werden sollen. In dem gehe in das Register "Process Performance" und stelle sicher, dass dort "CPU Usage" angehakt ist, "CPU History" wäre ebenfalls sinnvoll. Unter "CPU Usage" wird der aktuelle Wert der Prozessorauslastung für jeden Prozess angezeigt (im Tabellentitel steht nur kurz "CPU"), "CPU History" blendet für jeden Prozess ein Diagramm ein, das eine Kurve mit der Prozessorauslastung für die letzte Zeit anzeigt.

Damit sollte es Dir möglich sein, zu identifizieren, welcher Prozess Deine CPU in Trab hält. Mache einen Doppelklick auf den Prozess. Du kannst von dem ganzen auch einen Screenshot machen und ihn als Anhang mit Deiner Antwort hochladen (auf "Erweitert" unter dem Textfeld klicken und über "Anhänge verwalten" auf Deinem Rechner suchen lassen und über "Hochladen" anhängen).


Alle Zeitangaben in WEZ +1. Es ist jetzt 02:54 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22