Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   AdWare installiert sich immer wieder selber (Win8.1) (https://www.trojaner-board.de/176500-adware-installiert-immer-selber-win8-1-a.html)

Tritron 01.03.2016 14:59
AdWare installiert sich immer wieder selber (Win8.1)
 
Hi,

Ich habe ein kleines Problem mit meinem (neuen) Rechner. Seit dem ich eine Seite mit dem Namen Springfiles besucht habe und eine Datei heruntergeladen habe kommt andauernd Werbung in meinen Browsern. Außerdem druckt mein Drucker sobald er an dem PC angeschlossen ist pausenlos irgendwas über Homosexuelle. Ich will nicht wissen was der "Virus sonst noch alles gemacht hat. Mein Problem ist dass ich Chrome und Firefox garnicht mehr nutzen kann da dort nur Werbung ist, und in Internet Explorer kann ich nur Google oder dieses Forum besuchen.
Ich habe schon bestimmt 5 Anleitungen abgearbeitet bevor ich auf dieses Forum gestoßen bin, (Malwarebytes, ADWCleaner, Revo, ...). Alle haben Ad- und Malware gefunden, jedoch "installiert" sich diese Werbung (by capricornus) immer und immer wieder.) Die Ausgangsdatei habe ich selbstverständlich wieder gelöscht, doch das Problem tritt immernoch auf.
Solange ich nicht zu 100% sicher sein kann dass ich keine Viren mehr auf meinem PC habe kann ich ihn leider auch nicht mehr für PayPal oder ähnliche Dienste nutzen.

FRST Logs:

FRST.txt:
[Spoiler]
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:27-02-2016
durchgeführt von German (Administrator) auf HENDRYK (01-03-2016 14:42:19)
Gestartet von C:\Users\German\Downloads
Geladene Profile: German &  (Verfügbare Profile: admin & German & Papa)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe
(AnchorFree Inc.) C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
() C:\Windows\System32\PnkBstrA.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Gainward Co. Ltd.) C:\Program Files (x86)\EXPERTool\TBPanel.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(© 2015 Microsoft Corporation) C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.21.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.92.21.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\Purplizer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\OverwolfBrowser.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.92.21.0\OverwolfBrowser.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Users\German\Downloads\adwcleaner_5.037.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-05-28] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2789248 2016-02-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15003256 2015-09-19] (Logitech Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-09-04] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170256 2015-10-16] (Apple Inc.)
HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2292912 2015-09-17] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [917112 2015-10-08] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [804168 2016-02-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [StatusAlerts] => C:\Program Files (x86)\HP\StatusAlerts\bin\HPStatusAlerts.exe [330176 2014-08-19] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2195416 2015-05-29] (Gainward Co. Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-02] (Electronic Arts)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [BingSvc] => C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-02-11] (Overwolf LTD)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Dexpot] => G:\Dexpot\dexpot.exe [1845296 2014-09-04] (Dexpot GbR)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Run: [MurGee.com Auto Clicker] => G:\Auto Clicker\AutoClicker.exe [124072 2016-01-14] (MurGee.com)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [TBPanel] => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2195416 2015-05-29] (Gainward Co. Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3639280 2016-02-02] (Electronic Arts)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3014224 2016-02-04] (Valve Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [BingSvc] => C:\Users\German\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-11] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [60688 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [61200 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [103696 2015-10-21] (Apple Inc.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [45296 2016-02-11] (Overwolf LTD)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CyberGhost] => "C:\Program Files\CyberGhost 5\CyberGhost.exe" /autostart /min
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dexpot] => G:\Dexpot\dexpot.exe [1845296 2014-09-04] (Dexpot GbR)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50615936 2016-01-18] (Skype Technologies S.A.)
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [MurGee.com Auto Clicker] => G:\Auto Clicker\AutoClicker.exe [124072 2016-01-14] (MurGee.com)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWow64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-09-11] ()
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll [2014-05-01] ()
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} =>  Keine Datei
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWow64\CbFsMntNtf3.dll [2012-04-09] (EldoS Corporation)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7D799B41-54F3-47C6-AE88-26F3C57B6DC2}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{8718928D-CBEB-45EA-A621-800A9249001D}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{951E8EDF-B09B-4639-977F-2857679E2F0A}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{B8FD05E0-44B9-4037-AEFB-3A369EE66CC2}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{bbed3e08-0b41-11e3-8249-806e6f6e6963}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{D48B96C9-F2FC-40F4-96B8-7BC7A17A7EC9}: [NameServer] 10.0.0.1
Tcpip\..\Interfaces\{D48B96C9-F2FC-40F4-96B8-7BC7A17A7EC9}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {27B3153F-C6B6-4AC8-A300-25EA0AE6E6E1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {92EE6304-7779-4A2B-BF23-4BF4DB1AD39E} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {A2A1DE56-07DD-46DB-A2E2-FFD328CCB63E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {C736CDB4-2297-4972-B35C-3C02C11F285A} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002 -> {E688550F-FD47-4F80-A2F2-DD4AEF500166} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {27B3153F-C6B6-4AC8-A300-25EA0AE6E6E1} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {92EE6304-7779-4A2B-BF23-4BF4DB1AD39E} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A2A1DE56-07DD-46DB-A2E2-FFD328CCB63E} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C736CDB4-2297-4972-B35C-3C02C11F285A} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E688550F-FD47-4F80-A2F2-DD4AEF500166} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_71\bin\ssv.dll [2016-01-30] (Oracle Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-01-30] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-10-15] (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-15] (Oracle Corporation)
BHO-x32: Kein Name -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> Keine Datei
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_306.dll [2016-02-10] ()
FF Plugin: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-01-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-01-30] (Oracle Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-09-17] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll [2016-02-10] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-10-08] ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll [2011-11-03] (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll [2013-09-16] (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-29] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-15] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-09-17] (Adobe Systems)
FF Plugin HKU\S-1-5-21-4250030646-1501493049-109087217-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\German\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\German\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS)
FF Extension: Flash and Video Download - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-01-26]
FF Extension: Greasemonkey - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2016-01-26]
FF Extension: Kein Name - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\extensions\yahooprotected@gmail.com [nicht gefunden]
FF Extension: Avira Browser Safety - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\abs@avira.com [2016-02-18]
FF Extension: MEGA - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\firefox@mega.co.nz.xpi [2016-02-18]
FF Extension: Oasis Space 1.0.1 - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\{307918f0-0f35-499c-953c-5e64815cd976}.xpi [2016-02-29] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\German\AppData\Roaming\Mozilla\Firefox\Profiles\AoEQNFUc.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-20]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.de/
CHR Profile: C:\Users\German\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-15]
CHR Extension: (Google Docs) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-15]
CHR Extension: (Google Drive) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-26]
CHR Extension: (YouTube) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-15]
CHR Extension: (Adblock Plus) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2016-02-06]
CHR Extension: (Google-Suche) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-12-19]
CHR Extension: (Google Tabellen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-15]
CHR Extension: (iCloud-Lesezeichen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkepacicchenbjecpbpbclokcabebhah [2015-10-16]
CHR Extension: (Avira Browserschutz) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2016-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-19]
CHR Extension: (Norton Identity Safe) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-10-16]
CHR Extension: (BitGo) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgeogaipkoajobchncghcojanffjfhl [2015-12-02]
CHR Extension: (Skype) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-12-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-15]
CHR Extension: (Google Mail) - C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-15]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [669872 2015-09-15] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2020056 2016-02-09] (Adobe Systems, Incorporated)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2016-02-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1417592 2016-02-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-10-07] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2014-01-28] ()
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1345056 2016-02-11] ()
S3 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437880 2015-10-08] (BlueStack Systems, Inc.)
S3 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417400 2015-10-08] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [855672 2015-10-08] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1164672 2016-02-17] (NVIDIA Corporation)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [176128 2014-06-24] (HP) [Datei ist nicht signiert]
R2 hshld; C:\Program Files (x86)\Hotspot Shield\bin\cmw_srv.exe [2048720 2015-11-13] (AnchorFree Inc.)
S3 HssTrayService; C:\Program Files (x86)\Hotspot Shield\bin\HssTrayService.EXE [96600 2015-11-13] ()
R2 HssWd; C:\Program Files (x86)\Hotspot Shield\bin\hsswd.exe [851152 2015-11-13] (AnchorFree Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-05-28] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-29] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [192120 2015-09-19] (Logitech Inc.)
S2 MBAMService; G:\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [6474112 2016-02-17] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2609024 2016-02-17] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2016-02-02] (Electronic Arts)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1009904 2016-02-11] (Overwolf LTD)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2016-01-18] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2016-01-17] ()
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [10752 2015-10-15] () [Datei ist nicht signiert]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 Gittuiu; "C:\Users\German\AppData\Roaming\AodoJamp\Feklaf.exe" -cms [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-01-28] ()
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-13] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146704 2016-02-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-13] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-13] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [146040 2015-10-08] (BlueStack Systems)
R3 cbfs3; C:\Windows\System32\drivers\cbfs3.sys [352144 2012-04-09] (EldoS Corporation)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-29] (Intel Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28032 2016-02-17] (NVIDIA Corporation)
S3 NVSWCFilter; C:\Windows\System32\drivers\nvswcfilter.sys [19616 2015-06-17] (Windows (R) Win 7 DDK provider)
R3 NVVADARM; C:\Windows\system32\drivers\nvvadarm.sys [47672 2016-02-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
S3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [3860224 2015-08-05] (Realtek Semiconductor Corporation                          )
R3 ScpVBus; C:\Windows\System32\drivers\ScpVBus.sys [39168 2015-10-27] (Scarlet.Crush Productions)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42088 2015-11-13] (Anchorfree Inc.)
R3 VBAudioVACMME; C:\Windows\system32\DRIVERS\vbaudio_cable64_win7.sys [41192 2013-07-11] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 CsrBtPort; \SystemRoot\system32\DRIVERS\CsrBtPort.sys [X]
S3 csrpan; \SystemRoot\system32\DRIVERS\csrpan.sys [X]
S3 csrserial; \SystemRoot\system32\DRIVERS\csrserial.sys [X]
S3 csrusb; \SystemRoot\System32\Drivers\csrusb.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 IntcAzAudAddService; \SystemRoot\system32\drivers\RTKVHD64.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-01 14:42 - 2016-03-01 14:42 - 00037207 _____ C:\Users\German\Downloads\FRST.txt
2016-03-01 14:41 - 2016-03-01 14:42 - 00000000 ____D C:\FRST
2016-03-01 14:41 - 2016-03-01 14:41 - 02371072 _____ (Farbar) C:\Users\German\Downloads\FRST64.exe
2016-03-01 14:34 - 2016-03-01 14:34 - 00002628 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3
2016-03-01 14:34 - 2016-03-01 14:34 - 00000438 _____ C:\Windows\Tasks\ParetoLogic Registration3.job
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\ParetoLogic
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\Users\German\AppData\Roaming\DriverCure
2016-03-01 14:33 - 2016-03-01 14:33 - 00000000 ____D C:\ProgramData\ParetoLogic
2016-03-01 14:32 - 2016-03-01 14:32 - 05964208 _____ (ParetoLogic Inc.) C:\Users\German\Downloads\ParetoLogic PC Health Advisor.exe
2016-03-01 08:32 - 2016-03-01 08:32 - 00263142 _____ C:\Users\Papa\Downloads\Husar_OD_11563_091115_9.pdf
2016-02-29 19:30 - 2016-03-01 14:25 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-02-29 19:30 - 2016-02-29 19:30 - 22908888 _____ (Malwarebytes ) C:\Users\German\Downloads\mbam-setup-2.2.0.1024.exe
2016-02-29 19:30 - 2016-02-29 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-02-29 19:30 - 2016-02-29 19:30 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-02-29 19:30 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-02-29 19:30 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-02-29 19:30 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-02-29 19:19 - 2016-02-29 19:19 - 00000000 ____D C:\Windows\system32\lut
2016-02-29 19:13 - 2016-03-01 14:35 - 00000000 ____D C:\AdwCleaner
2016-02-29 19:13 - 2016-02-29 19:13 - 01518592 _____ C:\Users\German\Downloads\adwcleaner_5.037.exe
2016-02-29 18:42 - 2016-02-29 19:40 - 00000000 ____D C:\Users\German\AppData\LocalLow\Company
2016-02-29 18:42 - 2016-02-29 18:42 - 00003344 _____ C:\Windows\System32\Tasks\Aviel
2016-02-29 18:42 - 2016-02-29 18:42 - 00000000 ____D C:\Users\German\AppData\Local\Tempfolder
2016-02-29 18:42 - 2016-02-29 18:42 - 00000000 ____D C:\uninst
2016-02-29 18:41 - 2014-11-24 22:09 - 00020872 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2016-02-29 18:40 - 2016-02-29 18:40 - 04255744 _____ C:\Users\German\Downloads\remouse_standard_3.4_crack.iso
2016-02-29 18:28 - 2016-02-29 18:28 - 00000000 ____D C:\Users\German\Documents\AutomaticSolution Software
2016-02-29 18:28 - 2016-02-29 18:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReMouse Standard
2016-02-29 18:27 - 2016-02-29 18:27 - 01162728 _____ (AutomaticSolution Software ) C:\Users\German\Downloads\ReMouseStandard-Setup.exe
2016-02-28 15:12 - 2016-02-28 15:12 - 00000419 _____ C:\Users\German\Downloads\listen-dsl.pls
2016-02-28 11:49 - 2016-02-28 11:49 - 00093222 _____ C:\Users\German\Downloads\Husar®+Plus+(Husar®+Plus+%2b+Mero®).pdf
2016-02-28 10:43 - 2016-02-28 10:43 - 00000042 _____ C:\Windows\SysWOW64\AK083E209605E394C.lie
2016-02-28 10:42 - 2016-02-28 10:43 - 02670160 _____ (www.PerfectUninstaller.com ) C:\Users\German\Downloads\PerfectUninstaller_Setup.exe
2016-02-27 15:35 - 2016-02-27 15:35 - 00137728 _____ C:\Users\German\Downloads\ZombieHack (1).exe
2016-02-27 15:24 - 2016-02-27 15:24 - 00137728 _____ C:\Users\German\Downloads\ZombieHack.exe
2016-02-26 17:53 - 2016-02-26 17:53 - 00000257 _____ C:\Users\Papa\Desktop\Renault Top-Angebote.url
2016-02-26 12:33 - 2016-02-26 12:33 - 01855998 _____ C:\Users\Papa\Desktop\Duster.pdf
2016-02-24 21:11 - 2016-02-24 21:11 - 00030377 _____ C:\Users\German\Downloads\Leer 6.pdf
2016-02-24 17:59 - 2016-02-24 17:59 - 00128595 _____ C:\Users\German\Downloads\Leer 6.pages
2016-02-22 18:18 - 2016-02-24 14:46 - 00000000 ____D C:\Users\German\Desktop\Französisch
2016-02-22 14:45 - 2016-02-22 14:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auto Clicker
2016-02-22 14:44 - 2016-02-22 14:44 - 00855448 _____ (MurGee.com ) C:\Users\German\Downloads\setup.exe
2016-02-19 22:04 - 2016-02-29 19:40 - 00000642 _____ C:\Users\Public\Desktop\Flixster.lnk
2016-02-19 22:04 - 2016-02-29 19:40 - 00000642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flixster.lnk
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\German\AppData\Roaming\com.wb.DC2
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-02-19 22:04 - 2016-02-19 22:04 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-02-19 21:54 - 2016-02-19 21:54 - 00000000 ____D C:\Users\German\AppData\Roaming\dvdcss
2016-02-19 19:32 - 2016-02-19 19:32 - 00000278 _____ C:\Users\German\Downloads\wspam-illuminati.zip
2016-02-19 18:45 - 2016-02-19 18:45 - 00000300 _____ C:\Users\German\Downloads\wspam-bob.zip
2016-02-19 10:37 - 2016-02-09 09:39 - 42982336 _____ C:\Windows\system32\nvcompiler.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 37616696 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 31081920 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 24916536 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 21193032 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 20733832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 17625136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 17218792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 12383288 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2016-02-19 10:37 - 2016-02-09 09:39 - 03145272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 02722872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436191.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436191.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00880576 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00878816 _____ C:\Windows\system32\nvmcumd.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00747064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00691256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00469144 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00423360 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00423080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00388560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00379448 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00175368 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00153208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00151368 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00128696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00124352 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcaparm.dll
2016-02-19 10:37 - 2016-02-09 09:39 - 00047672 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvadarm.sys
2016-02-19 10:34 - 2016-02-19 10:36 - 00000000 ____D C:\Users\German\Desktop\EndeavourPC
2016-02-19 10:31 - 2016-02-19 10:31 - 00000000 ____D C:\Users\German\AppData\Roaming\Mael
2016-02-19 10:28 - 2016-02-19 10:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
2016-02-19 10:27 - 2016-02-19 10:31 - 00000000 ____D C:\Users\German\Desktop\uzhz78uh8uz7huh8
2016-02-19 10:27 - 2016-01-29 10:52 - 00792576 _____ (Alexander Blade) C:\Users\German\Desktop\ScriptHookV.dll.bak
2016-02-18 15:32 - 2016-02-18 15:32 - 00242312 _____ C:\Users\German\Downloads\Firefox Setup Stub 44.0.2.exe
2016-02-18 14:37 - 2016-02-18 14:37 - 00000640 _____ C:\Users\German\Desktop\asdasdasdasd.txt
2016-02-18 14:35 - 2016-02-18 14:35 - 02391038 _____ C:\Users\German\Downloads\ApocalypseBot.jar
2016-02-18 10:36 - 2016-02-18 10:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-02-17 20:10 - 2016-02-17 20:10 - 00375451 _____ C:\Users\German\Downloads\Biologie_LP_SekII.pdf
2016-02-17 20:07 - 2016-02-17 20:07 - 00326271 _____ C:\Users\German\Downloads\physik-gym-oberstufe.pdf
2016-02-17 07:58 - 2016-02-17 07:58 - 00059548 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2015_010.PDF
2016-02-17 07:58 - 2016-02-17 07:58 - 00059234 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2015_011.PDF
2016-02-15 12:24 - 2016-02-15 12:24 - 00000000 ____D C:\Users\Papa\AppData\Roaming\HpUpdate
2016-02-15 06:56 - 2016-02-15 06:56 - 00058322 _____ C:\Users\Papa\Downloads\Konto_117581439-Auszug_2016_001.PDF
2016-02-14 10:32 - 2016-02-14 10:32 - 00424544 _____ C:\Users\Papa\Downloads\mainradweg--weisser-main.gpx
2016-02-13 16:02 - 2016-02-13 16:02 - 00011510 _____ C:\Users\German\Desktop\Arma3Launcher_Exception_20160213T150213.txt
2016-02-13 16:02 - 2016-02-09 06:41 - 00530368 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-02-13 16:02 - 2016-02-09 06:41 - 00081856 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-02-13 16:01 - 2016-01-23 04:42 - 01924152 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6436175.dll
2016-02-13 16:01 - 2016-01-23 04:42 - 01573432 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6436175.dll
2016-02-13 15:05 - 2016-02-13 15:05 - 00000000 ____D C:\Users\German\Documents\Mein Garmin
2016-02-13 11:03 - 2016-02-13 15:06 - 00000000 ____D C:\Users\German\AppData\Roaming\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Users\German\AppData\Local\GARMIN_Corp
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Users\German\AppData\Local\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2016-02-13 11:03 - 2016-02-13 11:03 - 00000000 ____D C:\Program Files (x86)\Garmin
2016-02-13 11:02 - 2016-02-13 11:02 - 104822528 _____ C:\Users\German\Downloads\BaseCamp_462.exe
2016-02-13 10:03 - 2016-02-13 10:03 - 01615659 _____ C:\Users\Papa\Downloads\Expert_UV_40B.pdf
2016-02-12 01:01 - 2016-02-12 01:01 - 00963009 _____ C:\Users\German\Documents\Präsentation 3 (2).pptx
2016-02-11 10:35 - 2016-02-06 11:48 - 25839104 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-11 10:35 - 2016-02-06 11:24 - 02887680 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-11 10:35 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-02-11 10:35 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-02-11 10:35 - 2016-02-06 10:32 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-11 10:35 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-02-11 10:35 - 2016-02-06 10:09 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-11 10:35 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-02-11 10:01 - 2016-01-22 09:01 - 22365992 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-02-11 10:01 - 2016-01-22 08:11 - 19794896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-02-11 10:01 - 2016-01-22 07:40 - 00571904 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-11 10:01 - 2016-01-22 07:29 - 06052352 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-11 10:01 - 2016-01-22 07:28 - 00108544 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2016-02-11 10:01 - 2016-01-22 07:27 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-11 10:01 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-02-11 10:01 - 2016-01-22 06:55 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-02-11 10:01 - 2016-01-22 06:52 - 00099328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2016-02-11 10:01 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2016-02-11 10:01 - 2016-01-22 06:50 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-11 10:01 - 2016-01-22 06:48 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-11 10:01 - 2016-01-22 06:48 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-11 10:01 - 2016-01-22 06:47 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-11 10:01 - 2016-01-22 06:46 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-11 10:01 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-02-11 10:01 - 2016-01-22 06:31 - 02597376 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-11 10:01 - 2016-01-22 06:31 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-02-11 10:01 - 2016-01-22 06:28 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2016-02-11 10:01 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 14467072 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-02-11 10:01 - 2016-01-22 06:25 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2016-02-11 10:01 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2016-02-11 10:01 - 2016-01-22 06:14 - 12879360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-02-11 10:01 - 2016-01-22 06:08 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-11 10:01 - 2016-01-22 06:07 - 02778624 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-02-11 10:01 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-02-11 10:01 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-02-11 10:01 - 2016-01-22 05:58 - 02464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-02-11 10:01 - 2016-01-19 20:14 - 07453024 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-11 10:01 - 2016-01-19 20:13 - 02175008 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2016-02-11 10:01 - 2016-01-19 20:13 - 01063464 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2016-02-11 10:01 - 2016-01-19 20:12 - 01737088 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-11 10:01 - 2016-01-19 20:12 - 01133744 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 01564496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 01501496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-02-11 10:01 - 2016-01-19 19:23 - 00548024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinTypes.dll
2016-02-11 10:01 - 2016-01-19 19:15 - 00246784 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-02-11 10:01 - 2016-01-19 18:30 - 00862720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2016-02-11 10:01 - 2016-01-19 17:37 - 00267776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincorlib.dll
2016-02-11 10:01 - 2016-01-15 02:42 - 00033472 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-11 10:01 - 2016-01-14 21:44 - 01362944 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 01162240 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00677376 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-11 10:01 - 2016-01-14 21:44 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-11 10:01 - 2016-01-10 20:37 - 00442720 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-11 10:01 - 2016-01-10 20:37 - 00136912 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-11 10:01 - 2016-01-10 19:39 - 00332640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-02-11 10:01 - 2016-01-10 19:15 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-11 10:01 - 2016-01-10 19:15 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-11 10:01 - 2016-01-10 18:50 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\cfgbkend.dll
2016-02-11 10:01 - 2016-01-10 18:43 - 00445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2016-02-11 10:01 - 2016-01-10 18:31 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msorcl32.dll
2016-02-11 10:01 - 2016-01-10 18:16 - 00898048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-11 10:01 - 2016-01-10 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgbkend.dll
2016-02-11 10:01 - 2016-01-10 18:12 - 00532480 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-11 10:01 - 2016-01-10 18:09 - 01442304 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-11 10:01 - 2016-01-10 18:09 - 00324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2016-02-11 10:01 - 2016-01-10 18:02 - 00987648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-11 10:01 - 2016-01-10 17:58 - 00166400 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-11 10:01 - 2016-01-10 17:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2016-02-11 10:01 - 2016-01-10 17:51 - 03707392 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-11 10:01 - 2016-01-10 17:51 - 00702976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2016-02-11 10:01 - 2016-01-10 17:49 - 00443392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2016-02-11 10:01 - 2016-01-10 17:43 - 00801792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2016-02-11 10:01 - 2016-01-10 17:40 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mtxoci.dll
2016-02-11 10:01 - 2016-01-10 17:39 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-11 10:01 - 2016-01-10 17:38 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-11 10:01 - 2016-01-10 17:36 - 00409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2016-02-11 10:01 - 2016-01-10 17:36 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-11 10:01 - 2016-01-10 17:35 - 02243584 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-11 10:01 - 2016-01-10 17:35 - 00897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-11 10:01 - 2016-01-10 17:29 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-11 10:01 - 2016-01-10 17:29 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-11 10:01 - 2016-01-10 17:27 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-11 10:01 - 2016-01-10 17:26 - 00726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-11 10:01 - 2016-01-07 19:34 - 04175872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-11 10:01 - 2016-01-06 19:25 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-11 10:01 - 2015-12-29 16:45 - 07783936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-02-11 10:01 - 2015-12-29 16:45 - 07075328 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2016-02-11 10:01 - 2015-12-29 16:43 - 05267968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2016-02-11 10:01 - 2015-12-29 16:42 - 05264384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-02-11 10:01 - 2015-12-28 22:42 - 00713216 _____ (Microsoft Corporation) C:\Windows\system32\WinSync.dll
2016-02-11 10:01 - 2015-12-28 21:31 - 00578048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSync.dll
2016-02-11 10:01 - 2015-12-17 19:29 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-11 10:01 - 2015-12-17 17:17 - 03547648 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-08 17:59 - 2016-02-08 17:59 - 00000000 ____D C:\Program Files\VB
2016-02-08 17:59 - 2013-07-11 07:57 - 00041192 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\vbaudio_cable64_win7.sys
2016-02-03 07:57 - 2016-02-03 07:57 - 00000000 ____D C:\Users\Papa\AppData\Roaming\OpenOffice
2016-02-02 12:00 - 2016-02-02 12:00 - 02945801 _____ C:\Users\Papa\Desktop\Star_C_Br2_Avant_C_Br3.pdf
2016-02-02 11:20 - 2016-02-02 11:20 - 00006144 ___SH C:\Users\Papa\Desktop\Thumbs.db
2016-02-02 10:54 - 2016-02-02 10:54 - 00741839 _____ C:\Users\Papa\Desktop\Scan.pdf
2016-02-02 00:09 - 2016-02-02 00:10 - 238347814 _____ C:\Users\German\Documents\Orca Kaput.MP4
2016-02-02 00:09 - 2016-02-02 00:09 - 00000580 _____ C:\Users\German\Documents\Orca KaputM01.xml
2016-02-01 19:25 - 2016-02-01 19:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-02-01 12:17 - 2016-02-02 10:53 - 00000000 ____D C:\Users\Papa\AppData\Local\HP
2016-01-31 20:40 - 2016-01-31 20:50 - 423791802 _____ C:\Users\German\Documents\YouTube-0964d7cfa0f7407cae02543a4af0ff93.mp4
2016-01-31 20:14 - 2016-01-31 20:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\H.264 Encoder
2016-01-31 20:14 - 2016-01-31 20:14 - 00000000 ____D C:\Program Files (x86)\H.264 Encoder
2016-01-31 20:09 - 2016-01-31 20:18 - 868391142 _____ C:\Users\German\Documents\DeutschFilmBP.MP4
2016-01-31 19:53 - 2016-01-31 20:02 - 982700592 _____ C:\Users\German\Documents\DeutschFilmBP.mxf
2016-01-31 19:52 - 2016-01-31 19:52 - 00107216 _____ C:\Users\German\Documents\DeutschFilmBP.veg
2016-01-31 18:23 - 2016-01-31 18:32 - 1212161960 _____ C:\Users\German\Documents\Deutsch Film.MP4
2016-01-31 17:54 - 2016-01-31 17:54 - 00130412 _____ C:\Users\German\Desktop\WhatsApp Web.html
2016-01-31 17:54 - 2016-01-31 17:54 - 00000000 ____D C:\Users\German\Desktop\WhatsApp Web_files
2016-01-31 16:54 - 2016-01-31 16:54 - 02839085 _____ C:\Users\German\Downloads\wasted template chroma keyer 2.mp4
2016-01-31 15:24 - 2016-01-31 15:24 - 00253996 _____ C:\Users\German\Downloads\Ding.wav
2016-01-31 11:51 - 2016-01-31 11:51 - 00003704 _____ C:\Windows\System32\Tasks\Java Update Scheduler
2016-01-31 11:51 - 2016-01-31 11:51 - 00003676 _____ C:\Windows\System32\Tasks\HP-Online-Aktualisierungsprogramm
2016-01-31 10:40 - 2016-01-31 10:40 - 00000000 ____D C:\Users\Papa\AppData\Roaming\TuneUp Software
2016-01-31 10:40 - 2016-01-31 10:40 - 00000000 ____D C:\Users\Papa\AppData\Local\TuneUp Software

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-03-01 14:41 - 2015-12-02 07:34 - 00000000 ____D C:\Users\German\AppData\Roaming\NetSpeedMonitor
2016-03-01 14:36 - 2015-10-15 14:57 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4250030646-1501493049-109087217-1002
2016-03-01 14:32 - 2015-10-16 23:40 - 00000000 ____D C:\Users\German\AppData\Local\Adobe
2016-03-01 14:32 - 2015-10-15 14:57 - 00003930 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{7B856562-478F-4AFD-8FA6-E60951A31F09}
2016-03-01 14:31 - 2016-01-30 10:20 - 00000000 ____D C:\Program Files (x86)\HP
2016-03-01 14:31 - 2014-11-21 04:35 - 01780340 _____ C:\Windows\system32\PerfStringBackup.INI
2016-03-01 14:31 - 2014-11-21 03:45 - 00765378 _____ C:\Windows\system32\perfh007.dat
2016-03-01 14:31 - 2014-11-21 03:45 - 00159696 _____ C:\Windows\system32\perfc007.dat
2016-03-01 14:31 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf
2016-03-01 14:26 - 2015-10-27 06:52 - 00000000 ____D C:\Users\German\AppData\Local\Purplizer
2016-03-01 14:25 - 2015-10-26 17:43 - 00000464 _____ C:\Windows\Tasks\Nero TuneItUp PRO (Tray).job
2016-03-01 14:25 - 2015-10-17 20:57 - 00000000 ____D C:\Users\German\AppData\Local\Overwolf
2016-03-01 14:25 - 2015-10-16 14:16 - 00000000 ___RD C:\Users\German\iCloudDrive
2016-03-01 14:25 - 2015-10-15 15:30 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-03-01 14:25 - 2015-10-15 14:54 - 00000000 ___RD C:\Users\German\OneDrive
2016-03-01 14:25 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-03-01 10:47 - 2015-10-26 13:10 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-03-01 10:45 - 2015-10-15 15:30 - 00001134 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-03-01 08:42 - 2015-10-30 10:55 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4250030646-1501493049-109087217-1005
2016-03-01 08:42 - 2015-10-30 10:51 - 00000000 ___RD C:\Users\Papa\OneDrive
2016-03-01 08:16 - 2015-12-09 14:54 - 00003922 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9275927A-58A3-40C5-8624-534B2628CDF7}
2016-03-01 08:12 - 2015-10-30 10:51 - 00000000 ____D C:\Users\Papa\AppData\Local\NVIDIA Corporation
2016-02-29 20:02 - 2016-01-21 19:00 - 00001125 _____ C:\Users\German\Desktop\nativelog.txt
2016-02-29 19:54 - 2015-10-15 17:07 - 00000000 ____D C:\Users\German\AppData\Roaming\.minecraft
2016-02-29 19:41 - 2013-08-22 15:45 - 00000000 ____D C:\Windows\Setup
2016-02-29 19:40 - 2016-01-13 18:41 - 00000417 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dying Light.lnk
2016-02-29 19:40 - 2016-01-03 21:38 - 00003065 _____ C:\Users\German\Desktop\BrokenBot.lnk
2016-02-29 19:40 - 2015-12-12 13:57 - 00001391 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2016-02-29 19:40 - 2015-11-12 22:37 - 00001387 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-02-29 19:40 - 2015-10-26 08:04 - 00001759 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-02-29 19:40 - 2015-10-17 15:47 - 00000967 _____ C:\Users\Public\Desktop\Minecraft.lnk
2016-02-29 19:40 - 2015-10-16 23:53 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-02-29 19:40 - 2015-10-16 23:43 - 00001229 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-02-29 19:40 - 2015-10-16 22:33 - 00001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-02-29 19:40 - 2015-10-16 21:37 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-02-29 19:40 - 2015-10-16 10:37 - 00001019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2016-02-29 19:40 - 2015-10-15 16:13 - 00002523 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2016-02-29 19:40 - 2015-10-15 15:30 - 00002212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-29 19:40 - 2015-10-15 15:30 - 00002189 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-29 19:40 - 2015-10-15 14:52 - 00001450 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-29 19:40 - 2015-10-15 14:51 - 00000469 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2016-02-29 19:40 - 2015-10-15 14:51 - 00000467 _____ C:\Users\German\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2016-02-29 19:40 - 2013-08-22 14:25 - 00524288 ___SH C:\Windows\system32\config\BBI
2016-02-29 19:33 - 2015-10-15 14:52 - 00000000 ____D C:\Users\German\AppData\Local\NVIDIA
2016-02-29 19:15 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-02-29 19:15 - 2015-10-14 09:05 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-02-29 18:48 - 2013-08-22 14:25 - 00000194 _____ C:\Windows\win.ini
2016-02-29 18:43 - 2015-10-17 00:14 - 00000000 ____D C:\Users\German\AppData\Local\CrashDumps
2016-02-29 18:41 - 2015-10-13 18:07 - 00000000 ____D C:\Users\admin
2016-02-29 18:39 - 2016-01-30 23:08 - 00000000 ____D C:\Users\German\Desktop\BukkitPlugin
2016-02-29 15:18 - 2015-10-15 16:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Skype
2016-02-29 15:17 - 2016-01-30 19:13 - 00000000 ____D C:\Users\German\AppData\Roaming\Dexpot
2016-02-29 15:16 - 2015-10-15 16:24 - 00000000 ____D C:\Program Files (x86)\Steam
2016-02-29 15:16 - 2015-10-15 16:06 - 00000000 ____D C:\ProgramData\Origin
2016-02-29 14:21 - 2015-10-30 10:48 - 00000000 ____D C:\Users\Papa
2016-02-28 10:35 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\boost_interprocess
2016-02-28 10:33 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\NVIDIA
2016-02-27 22:09 - 2015-10-15 16:27 - 00000000 ____D C:\Users\German\AppData\Roaming\TS3Client
2016-02-27 20:48 - 2015-10-28 00:46 - 00000000 ____D C:\Users\German\AppData\Local\Arma 3
2016-02-27 20:12 - 2015-10-15 17:51 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2016-02-27 18:51 - 2013-08-22 16:20 - 00000000 ____D C:\Windows\CbsTemp
2016-02-27 18:50 - 2015-10-15 14:51 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2016-02-27 18:50 - 2015-10-15 14:51 - 00000000 ___SD C:\Windows\system32\GWX
2016-02-27 15:46 - 2015-10-15 17:51 - 00226168 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2016-02-27 15:44 - 2015-10-16 12:57 - 01355264 ___SH C:\Users\German\Desktop\Thumbs.db
2016-02-26 22:25 - 2015-10-16 10:37 - 00000000 ____D C:\Users\German\AppData\Roaming\Audacity
2016-02-26 17:55 - 2015-10-17 15:47 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-02-25 20:10 - 2015-10-26 08:22 - 00000080 _____ C:\Users\German\AppData\Local剜捯獫慴⁲慇敭屳呇⁁屖湥楴汴浥湥⹴湩潦
2016-02-25 19:35 - 2015-10-16 22:33 - 00003866 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1445031224
2016-02-25 19:35 - 2015-10-16 22:33 - 00000000 ____D C:\Program Files (x86)\Opera
2016-02-24 18:06 - 2015-10-30 16:47 - 00523776 ___SH C:\Users\German\Downloads\Thumbs.db
2016-02-22 13:43 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF
2016-02-19 22:04 - 2015-10-16 23:42 - 00000000 ____D C:\ProgramData\Adobe
2016-02-19 22:04 - 2015-10-16 23:42 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-19 22:03 - 2015-10-15 14:52 - 00000000 ____D C:\Users\German\AppData\Roaming\Adobe
2016-02-19 21:59 - 2015-11-19 16:21 - 00000000 ____D C:\Users\German\AppData\Roaming\vlc
2016-02-19 15:08 - 2016-01-19 15:17 - 00000000 ____D C:\Users\German\Downloads\[www.OldSchoolHack.me]_FORAPT2.0_packed
2016-02-19 10:39 - 2015-10-14 09:05 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-02-18 20:01 - 2015-10-16 21:37 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-02-18 15:32 - 2015-11-09 21:56 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-02-18 13:27 - 2015-10-26 19:48 - 00000000 ____D C:\Users\German\.ssh
2016-02-18 12:00 - 2015-10-28 00:45 - 00000000 ____D C:\Users\German\AppData\Local\Arma 3 Launcher
2016-02-18 11:51 - 2015-10-28 00:46 - 00000000 ____D C:\Users\German\Documents\Arma 3
2016-02-18 11:35 - 2015-12-14 21:10 - 00000000 ____D C:\Users\German\AppData\Local\fabi.me
2016-02-18 11:32 - 2015-10-17 20:57 - 00000000 ____D C:\Program Files (x86)\Overwolf
2016-02-18 10:36 - 2015-10-15 15:43 - 00146704 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-02-17 07:40 - 2015-11-19 20:39 - 00112216 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01903344 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01756424 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01571624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-02-17 07:40 - 2015-10-14 09:06 - 01316184 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-02-15 10:24 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache
2016-02-13 16:02 - 2015-10-14 09:04 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-02-13 09:17 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\AppReadiness
2016-02-11 11:43 - 2013-08-22 15:44 - 00368832 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-11 11:09 - 2013-08-22 16:36 - 00000000 ___RD C:\Windows\ToastData
2016-02-11 10:39 - 2015-10-17 01:41 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-11 10:39 - 2015-10-17 01:39 - 00000000 ____D C:\Windows\system32\MRT
2016-02-11 10:39 - 2014-11-21 04:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-11 10:36 - 2015-10-17 01:39 - 146614896 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-11 10:01 - 2015-11-11 15:22 - 00561952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-02-11 10:01 - 2015-11-11 15:22 - 00177496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-11 10:00 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-02-10 19:38 - 2016-01-30 23:10 - 00000000 ____D C:\Users\German\.eclipse
2016-02-10 19:18 - 2016-01-30 23:13 - 00000000 ____D C:\Users\German\AppData\Local\Eclipse
2016-02-10 19:18 - 2016-01-30 23:10 - 00000000 ____D C:\Users\German\.p2
2016-02-10 14:47 - 2015-10-26 13:10 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-09 09:39 - 2015-11-12 22:43 - 16995576 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2016-02-09 09:39 - 2015-11-12 22:43 - 00950328 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-02-09 09:39 - 2015-11-12 22:43 - 00502080 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-02-09 09:39 - 2015-10-15 15:34 - 14016576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2016-02-09 09:39 - 2015-10-15 15:34 - 03259688 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 18758400 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 16327896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 03684072 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 01571776 _____ (NVIDIA Corporation) C:\Windows\system32\nvmcvadgenco64.dll
2016-02-09 09:39 - 2015-10-14 09:05 - 00034905 _____ C:\Windows\system32\nvinfo.pb
2016-02-09 06:41 - 2015-10-14 09:05 - 06368824 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 02993720 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 02563128 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 01264696 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2016-02-09 06:41 - 2015-10-14 09:05 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-02-09 06:41 - 2015-10-14 09:05 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-02-08 11:29 - 2016-01-30 10:23 - 00000000 ____D C:\Users\German\AppData\Roaming\HpUpdate
2016-02-06 02:49 - 2015-10-14 09:05 - 06154909 _____ C:\Windows\system32\nvcoproc.bin
2016-02-05 20:57 - 2015-10-26 07:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TP-LINK
2016-02-05 20:57 - 2015-10-26 07:55 - 00000000 ____D C:\Program Files (x86)\TP-LINK
2016-02-05 20:57 - 2015-10-14 07:56 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-05 14:09 - 2016-01-06 17:03 - 00000000 __SHD C:\Windows\SysWOW64\AI_RecycleBin
2016-02-04 17:48 - 2015-12-01 21:33 - 00000000 ____D C:\Users\German\AppData\Roaming\Bitcoin
2016-02-02 15:40 - 2015-10-15 15:30 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-02 15:40 - 2015-10-15 15:30 - 00003870 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-02 14:40 - 2015-10-15 16:06 - 00000000 ____D C:\Program Files (x86)\Origin
2016-02-02 03:37 - 2014-11-21 12:01 - 00828920 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-02 03:37 - 2014-11-21 12:01 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-02 00:10 - 2015-12-03 18:01 - 00100352 ___SH C:\Users\German\Documents\Thumbs.db
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ____D C:\Users\German\AppData\Local\Skype
2016-02-01 19:25 - 2015-10-15 16:33 - 00000000 ____D C:\ProgramData\Skype
2016-01-31 20:30 - 2015-10-15 16:15 - 00000000 ____D C:\Users\German\AppData\Local\Apple Computer
2016-01-31 19:52 - 2016-01-30 23:04 - 00107216 _____ C:\Users\German\Documents\Deutsch Film.veg
2016-01-31 19:00 - 2015-10-16 23:36 - 00000000 ____D C:\Users\German\AppData\Roaming\Publish Providers
2016-01-31 18:42 - 2016-01-30 23:04 - 00107312 _____ C:\Users\German\Documents\Deutsch Film.veg.bak
2016-01-31 17:44 - 2016-01-30 17:34 - 00000000 ____D C:\Users\German\Desktop\Deutsch
2016-01-31 10:40 - 2015-10-30 10:56 - 00000000 ____D C:\Users\Papa\.oracle_jre_usage

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-01-16 18:08 - 2016-01-16 18:08 - 0001655 _____ () C:\Users\German\AppData\Roaming\SvcTraceViewer.exe.settings
2015-10-17 07:16 - 2015-10-17 23:09 - 0000087 _____ () C:\Users\German\AppData\Local\BrokenBot.org.ini
2015-10-17 17:42 - 2015-12-14 18:11 - 0000600 _____ () C:\Users\German\AppData\Local\PUTTY.RND
2015-10-14 07:57 - 2015-10-14 07:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-11-29 16:42 - 2015-11-29 16:42 - 0010255 _____ () C:\ProgramData\regid.2011-06.com.youtubebyclick_3C521B99-9ACE-47EA-AC9F-26075467D03B.swidtag

Einige Dateien in TEMP:
====================
C:\Users\admin\AppData\Local\Temp\avgnt.exe
C:\Users\German\AppData\Local\Temp\185ff11bc1bc45f0b3adf866101289c6.exe
C:\Users\German\AppData\Local\Temp\43a5ef3.exe
C:\Users\German\AppData\Local\Temp\4a6c27b8c86440dfb3a4450952eb6209.exe
C:\Users\German\AppData\Local\Temp\avgnt.exe
C:\Users\German\AppData\Local\Temp\Bass.dll
C:\Users\German\AppData\Local\Temp\Bass.Net.dll
C:\Users\German\AppData\Local\Temp\c2768aa736f041e9a3d374d9ea0efa74.exe
C:\Users\German\AppData\Local\Temp\cpuz165.exe
C:\Users\German\AppData\Local\Temp\d9f94363b99741998ca3f265740fe17f.exe
C:\Users\German\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\German\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\German\AppData\Local\Temp\jansi-64-2477795994535661137.dll
C:\Users\German\AppData\Local\Temp\jansi-64-5142327881927093400.dll
C:\Users\German\AppData\Local\Temp\jansi-64-git-Bukkit-930a59c-1816995455672836149.dll
C:\Users\German\AppData\Local\Temp\jansi-64-git-Bukkit-930a59c-877272298836347272.dll
C:\Users\German\AppData\Local\Temp\NetBalancerSetup.exe
C:\Users\German\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\German\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\German\AppData\Local\Temp\nvStInst.exe
C:\Users\German\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\German\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\German\AppData\Local\Temp\sonarinst.exe
C:\Users\German\AppData\Local\Temp\sqlite3.dll
C:\Users\German\AppData\Local\Temp\Updater.exe
C:\Users\German\AppData\Local\Temp\WDFx7DdLYY.exe
C:\Users\Papa\AppData\Local\Temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-02-20 15:15

==================== Ende von FRST.txt ============================
[/Spoiler]

ADDITION.txt (Angehängt da zu lang)
Ich wäre suuper dankbar wenn mir jemand helfen kann :D :dankeschoen:

cosinus 01.03.2016 16:31
Hi und :hallo:

Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Tritron 02.03.2016 08:07
Alles klar! Ich werds nächstes mal beachten. Wenn ich mit Malwarebytes Anti Malware scanne findet der immer irgendwas mir C// hosts oder so und es werden immer hijacked hosts gefunden. Sobald ich sie lösche und erneut scanne findet er sie wieder

cosinus 02.03.2016 09:22
Die Logs von malwarebytes sind zu posten, ich will keine Nacherzählung.

Außerdem hilft mir das Log im Anhang nicht weiter, deswegen wurde extra ein Hinweise zu CODE-Tags und eine Bitte darüber gepostet, die Logs NICHT in Anhängen zu posten.

Tritron 02.03.2016 14:14
ADDITION LOG:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:27-02-2016
durchgeführt von German (2016-03-01 14:42:33)
Gestartet von C:\Users\German\Downloads
Windows 8.1 (X64) (2015-10-15 13:51:59)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

admin (S-1-5-21-4250030646-1501493049-109087217-1001 - Administrator - Enabled) => C:\Users\admin
Administrator (S-1-5-21-4250030646-1501493049-109087217-500 - Administrator - Disabled)
Gast (S-1-5-21-4250030646-1501493049-109087217-501 - Limited - Disabled)
German (S-1-5-21-4250030646-1501493049-109087217-1002 - Administrator - Enabled) => C:\Users\German
HomeGroupUser$ (S-1-5-21-4250030646-1501493049-109087217-1004 - Limited - Enabled)
Neu (S-1-5-21-4250030646-1501493049-109087217-1005 - Limited - Enabled) => C:\Users\Neu

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

µTorrent (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
µTorrent (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\uTorrent) (Version: 3.4.5.41372 - BitTorrent Inc.)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{588B7DD2-3480-4A89-A8F6-C6781CBFAD56}) (Version: 1.5 - Eyeo GmbH)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 20.0.0.260 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.3.0.151 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.0 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{649A1FD9-5892-46AD-8DF0-C4A43FF61CB7}) (Version: 4.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{0DE0A178-AC7B-4650-806C-CF226DE03766}) (Version: 4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{3540181E-340A-4E7A-B409-31663472B2F7}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Application Verifier x64 External Package (Version: 8.59.29722 - Microsoft) Hidden
Arma 3 (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.7.2.45672 - Electronic Arts)
Battlefield 4™ CTE (HKLM-x32\...\{551A08D1-B60E-4DED-9B67-C3B38258CCA3}) (Version: 1.0.2.45844 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitMinter Client (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\BitMinter Client) (Version:  - BitMinter.com)
BitMinter Client (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\BitMinter Client) (Version:  - BitMinter.com)
BlueStacks App Player (HKLM-x32\...\{D7E3588F-25E6-4A93-8B1C-596F7951CA38}) (Version: 0.10.7.5601 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BrokenBot (HKLM-x32\...\{B6E071D3-0D90-48F6-BC21-B3B4D2C5328E}) (Version: 3.9.12 - BrokenBot.org)
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - Treyarch)
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version:  - Treyarch)
Dexpot (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\Dexpot) (Version: 1.6.14 - Dexpot GbR)
Dexpot (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dexpot) (Version: 1.6.14 - Dexpot GbR)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FileZilla Client 3.14.1 (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
FileZilla Client 3.14.1 (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse)
Flixster (HKLM-x32\...\com.wb.DC2) (Version: 2.2.5 - Flixster)
Flixster (x32 Version: 2.2.5 - Flixster) Hidden
FlyVPN (HKLM-x32\...\FlyVPN) (Version: 3.3.0.7 - FlyVPN)
Garmin BaseCamp (HKLM-x32\...\{23A4DBD1-D847-4957-995D-8B1CC527E2E2}) (Version: 4.6.2.0 - Garmin Ltd or its subsidiaries)
GermanLetsPlay - Soundboard (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\GermanLetsPlay - Soundboard) (Version:  - )
GermanLetsPlay - Soundboard (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\GermanLetsPlay - Soundboard) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 48.0.2564.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.5 - Google Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Hotspot Shield 5.0.4 (HKLM-x32\...\HotspotShield) (Version: 5.0.4 - AnchorFree Inc.)
HP Color LaserJet Pro MFP M277 (HKLM-x32\...\{7ac49734-541c-48e7-99be-02f41e43e79d}) (Version: 14.0.14309.409 - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPCLJProM277 (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
HPDXP (x32 Version: 3.0.26.32 - HP) Hidden
HPLJUTCore (x32 Version: 014.000.0001 - HP) Hidden
HPLJUTM277 (x32 Version: 014.000.0001 - HP) Hidden
hppLaserJetService (x32 Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM277LaserJetService (x32 Version: 001.034.00686 - Hewlett-Packard) Hidden
HPScanPlugin (HKLM-x32\...\{0D118BA9-4706-49DE-8E2F-1A12317EDBF6}) (Version: 28.11.0.0 - Hewlett-Packard Co.)
hpStatusAlerts (x32 Version: 140.040.00231 - Hewlett Packard) Hidden
hpStatusAlertsM277 (x32 Version: 140.046.00129 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{B33C558F-772F-4308-A059-390FBF9BAAAE}) (Version: 5.0.2.61 - Apple Inc.)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.1.0.1058 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden
iTunes (HKLM\...\{E690A491-702F-4DEC-9977-C015D1DBB57C}) (Version: 12.3.1.23 - Apple Inc.)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418071F0}) (Version: 8.0.710.15 - Oracle Corporation)
Java SE Development Kit 8 Update 71 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180710}) (Version: 8.0.710.15 - Oracle Corporation)
Kits Configuration Installer (x32 Version: 8.59.25584 - Microsoft) Hidden
LJDXPHelperUI (x32 Version: 140.069.007 - HP) Hidden
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Gaming Software 8.74 (HKLM\...\Logitech Gaming Software) (Version: 8.74.80 - Logitech Inc.)
MacroX 3.1 (HKLM-x32\...\MacroX) (Version: 3.1 - Uhrzeit.org)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2 - Mozilla)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.6 - Notepad++ Team)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 361.91 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.10.2.40 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.10.2.40 - NVIDIA Corporation)
NVIDIA Grafiktreiber 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 361.91 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA Miracast Virtueller Ton 361.91 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 361.91 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.2 (HKLM-x32\...\{F5CAB1AF-7B1A-4CEC-B829-A3F699473AE1}) (Version: 4.12.9782 - Apache Software Foundation)
Opera Stable 35.0.2066.82 (HKLM-x32\...\Opera 35.0.2066.82) (Version: 35.0.2066.82 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.92.21.0 - Overwolf Ltd.)
ParetoLogic PC Health Advisor (HKLM-x32\...\{3CBF3EBB-235D-4c29-A68B-2BB1F428586E}) (Version: 3.1.7.0 - ParetoLogic, Inc.)
Preset Manager 2.0 (HKLM-x32\...\{FCFE3F81-C977-4D31-877B-2778BB2A02DE}) (Version: 2.0.114 - Sony)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RarZilla Free Unrar (HKLM-x32\...\RarZilla Free Unrar) (Version: 6.50 - Philipp Winterberg)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.7.2 - Rockstar Games)
SDK Debuggers (x32 Version: 8.59.29746 - Microsoft Corporation) Hidden
SHIELD Streaming (Version: 5.1.0270 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.10.2.40 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.18 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.18.109 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
TeamSpeak 3 Client (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
Unity Web Player (HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 14.0 - Ubisoft)
VBCABLE, The Virtual Audio Cable (HKLM\...\VB:VBCABLE {87459874-1236-4469}) (Version:  - VB-Audio Software)
Vegas Pro 13.0 (64-bit) (HKLM\...\{1F8D8040-0BC8-11E5-85C5-F04DA23A5C58}) (Version: 13.0.453 - Sony)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Software Development Kit (HKLM-x32\...\{363a2c1e-637f-45ce-933b-5a5463efd945}) (Version: 8.59.29750 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WPT Redistributables (x32 Version: 8.59.29750 - Microsoft) Hidden
WPTx64 (x32 Version: 8.59.29722 - Microsoft) Hidden
YouTubeByClick (HKLM-x32\...\{85F5CD36-949C-429D-98C9-292EDD8F4AE0}) (Version: 2.2.23 - YouTubeByClick.com)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-4250030646-1501493049-109087217-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2802DE00-7B49-4E0D-82EC-97B855B1DFEF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {2EDE906B-F110-41BD-BB0B-1D8A6C30DBDB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {355E2225-FCAA-4B8D-AFF7-AB2310984B8A} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {42F7FDB7-FEE2-4A17-8991-6FB302F579B4} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2016-02-11] (Microsoft Corporation)
Task: {4507A134-70B3-4A74-B892-3A6E496C19FA} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-12-22] (Oracle Corporation)
Task: {478DE075-7EF2-470F-88B1-552797F39E81} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-hendryk.linn@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-09-04] (Adobe Systems Incorporated)
Task: {4F1DE2AA-2DA4-405B-9FFE-4E19C7923269} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-02-10] (Adobe Systems Incorporated)
Task: {5F0979BF-0000-407B-91C3-4A1CBD97A9A5} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe
Task: {61FB8605-FA78-47C4-B09B-9B8ABDD64633} - System32\Tasks\EXPERTool => C:\Program Files (x86)\EXPERTool\TBPanel.exe [2015-05-29] (Gainward Co. Ltd.)
Task: {638BB2CB-4C49-4E4B-A329-D15B0726EFA1} - System32\Tasks\Nero TuneItUp PRO (Tray) => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: {76B1465C-90F8-40C8-9057-F87EB1B10B18} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2016-02-11] (Overwolf LTD)
Task: {77BBCB45-C9AA-4F1A-987A-3F60601C32B3} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {927558EE-1B9E-4C91-A3FA-4C61BC645819} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30] (Hewlett-Packard)
Task: {9FDE2EAD-D260-4278-B8C6-ACB6000A5BEE} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {AA0C5A45-C293-4786-935E-084F1285EB05} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {B3BAE35D-DE69-4929-8203-59099E9BA9BB} - System32\Tasks\Opera scheduled Autoupdate 1445031224 => C:\Program Files (x86)\Opera\launcher.exe [2016-02-22] (Opera Software)
Task: {B5D7AAA2-670F-4FFE-ADD5-0C01DC0BCFD6} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe
Task: {B931C24B-5754-4934-AB8A-7956AFE2F58F} - System32\Tasks\Remediation\AntimalwareMigrationTask => C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe [2015-07-27] (Symantec Corporation)
Task: {BFCC604E-B574-4385-BCDC-1BB323C1EE74} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.)
Task: {D3F8F305-4BFB-46D2-9A6B-FD2AD43357B4} - System32\Tasks\Aviel => C:\PROGRA~1\SHOPPE~1\Ojofmakg.bat
Task: {EBD8C1CB-0D6E-4BDB-BA64-994DAFF1E654} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {F23F5BD6-8CD4-49DB-996C-FF1DEB517DDB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-15] (Google Inc.)
Task: {F8300195-7B3E-45F7-9FC3-6BB89732239D} - System32\Tasks\Nero TuneItUp PRO => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\tuneitup.exe

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Nero TuneItUp PRO (Tray).job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\ServiceProvider.exe
Task: C:\Windows\Tasks\Nero TuneItUp PRO.job => C:\Program Files (x86)\Nero AG\Nero\Nero TuneItUp\tuneitup.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-14 09:05 - 2016-02-09 06:41 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00085800 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 01328912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-14 07:55 - 2014-01-28 04:16 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2016-02-29 19:32 - 2016-02-17 07:56 - 01416064 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2015-12-18 21:53 - 2016-02-17 07:56 - 00299392 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-02-29 19:32 - 2016-02-17 07:56 - 03613056 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2015-10-15 18:11 - 2016-01-18 21:46 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2015-09-11 18:02 - 2015-09-11 18:02 - 00803488 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\Users\German\AppData\Local\MEGAsync\ShellExtX64.dll
2015-10-14 09:06 - 2016-02-17 08:01 - 00717184 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\gamecaster64.dll
2015-10-14 09:06 - 2016-02-17 08:02 - 00862592 _____ () C:\Program Files\NVIDIA Corporation\ShadowPlay\twitchsdk64.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2015-09-19 22:20 - 2015-09-19 22:20 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2015-09-19 22:20 - 2015-09-19 22:20 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2016-02-29 19:13 - 2016-02-29 19:13 - 01518592 _____ () C:\Users\German\Downloads\adwcleaner_5.037.exe
2015-10-17 00:12 - 2015-10-17 00:12 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\ErrorReporting.dll
2015-10-14 07:55 - 2016-03-01 14:25 - 00035472 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2015-10-14 07:55 - 2014-01-28 04:16 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2015-11-13 00:25 - 2015-11-13 00:25 - 00261328 _____ () C:\Program Files (x86)\Hotspot Shield\bin\CrashRpt1403.dll
2015-11-06 20:44 - 2015-11-06 20:44 - 00280143 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files (x86)\Hotspot Shield\bin\libssl32.dll
2015-12-12 13:57 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2015-12-12 13:57 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2015-12-12 13:57 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2015-12-12 13:57 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2015-12-12 13:57 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-10-14 09:05 - 2016-02-17 08:02 - 00020352 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-09-23 15:47 - 2015-09-23 15:47 - 00073512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 05:45 - 2015-10-13 05:45 - 00237328 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-10-13 05:46 - 2015-10-13 05:46 - 01040144 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 45069312 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\libcef.DLL
2016-02-11 14:41 - 2016-02-11 14:41 - 01274655 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\libxml2-2.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00028160 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\libssp-0.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00100352 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\zlib1.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00373657 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\plugins\libmsn.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00021337 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\plugins\libxmpp.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00415553 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\libjabber.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00190464 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\libsasl.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00022832 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\plugins\libyahoo.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00228908 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\libymsg.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00027811 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\plugins\ssl-nss.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00012004 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\plugins\ssl.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00140288 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\sasl2\saslDIGESTMD5.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00102912 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\sasl2\saslPLAIN.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 00425984 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\Purplizer\sqlite3.dll
2014-04-29 15:23 - 2014-04-29 15:23 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-02-11 14:41 - 2016-02-11 14:41 - 16800960 _____ () C:\Program Files (x86)\Overwolf\0.92.21.0\PepperFlash\pepflashplayer32.dll
2016-02-19 21:45 - 2016-02-18 05:14 - 01630360 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libglesv2.dll
2016-02-19 21:45 - 2016-02-18 05:14 - 00085656 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\libegl.dll
2016-02-19 21:45 - 2016-02-18 05:15 - 16808600 _____ () C:\Program Files (x86)\Google\Chrome\Application\48.0.2564.116\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\123simsen.com -> www.123simsen.com

Da befinden sich 7760 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7760 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.

IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com

Da befinden sich 7865 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2016-02-29 19:19 - 00001444 ____N C:\Windows\system32\Drivers\etc\hosts

107.178.255.88 www.google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.google-analytics.com
107.178.255.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.248.130 static.doubleclick.net
107.178.247.130 connect.facebook.net
107.178.255.88 www.google-analytics.com
107.178.255.88 www.statcounter.com
107.178.255.88 statcounter.com
107.178.255.88 ssl.google-analytics.com
107.178.255.88 partner.googleadservices.com
107.178.255.88 google-analytics.com
107.178.248.130 static.doubleclick.net
107.178.247.130 connect.facebook.net

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4250030646-1501493049-109087217-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-4250030646-1501493049-109087217-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "BlueStacks Agent"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "HP Software Update"
HKLM\...\StartupApproved\Run32: => "QuickTime Task"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\StartupApproved\Run: => "Dexpot"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002\...\StartupApproved\Run: => "MurGee.com Auto Clicker"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Dexpot"
HKU\S-1-5-21-4250030646-1501493049-109087217-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "MurGee.com Auto Clicker"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{702DDEE6-6971-4BE0-B389-DED2F4E8C8CE}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{394379F7-B535-42D1-9131-62A3B2ED5A61}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [TCP Query User{8E1D0605-7967-4194-9BA4-2A7A57AB3FE8}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [UDP Query User{5FE01A01-A93B-4313-926F-DD8CD815E962}E:\easysetupassistant\easysetupassistant.exe] => (Allow) E:\easysetupassistant\easysetupassistant.exe
FirewallRules: [TCP Query User{75022AD5-2B89-49EA-86C7-2109A9C9F07F}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [UDP Query User{36677B92-60A8-457E-AE90-5512D12179C2}E:\easysetupassistant\tssh2.exe] => (Allow) E:\easysetupassistant\tssh2.exe
FirewallRules: [TCP Query User{F3317F01-4139-41B8-9BCC-9F5DF1A48708}C:\users\german\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\german\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{132C5560-FABC-4B5C-9730-F6A380361F64}C:\users\german\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\german\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{B1D044F6-E94D-4865-B6FB-9A4216FF3B67}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{00D4310B-99D1-4124-BECC-292F4FF64698}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{A13DAFF4-4079-4EAF-BD9B-8D3F282A43DF}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D14AF58D-0D9B-4317-BD0F-4B0A7BF6B4BC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{5AAF7F45-B8F6-493E-8150-E6FA8B4EF457}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{608FE098-354D-4F7C-84E5-2A4B80C98C55}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [TCP Query User{E694B968-06DE-4947-8A69-76977E6185A3}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{655E711F-54CF-48F0-A1F4-8BA75CA0853A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{B7E3EC0D-1290-477D-8CA2-D3CAC7FC1AB1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{3058CEFE-D425-4A81-92CB-892AB6344E0E}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{DD31B46D-4388-4695-8004-399E276FCC7F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{16103F8B-2A27-4D8D-9783-A56575031416}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{C070FF1D-31B6-4152-AEA4-3536380B662A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A9596C86-3261-43EA-B364-CDA0352305C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{448CFB7F-819C-429E-BEEA-80344CBF727F}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{98C5C78D-F977-4509-9ECA-9588ED6B68C7}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{D47075FA-06B0-46BB-B6DB-5FEC59991B69}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2B8155EA-8922-49C6-826B-E53367F8D257}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{06A18578-3365-4BE4-A46E-5696A1971A5F}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{12BA71D8-D7F9-43E4-A710-045F65038789}] => (Allow) C:\Users\German\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{13A9C4D5-0C36-4888-85CA-E75D1DFE217A}] => (Allow) C:\Users\German\AppData\Local\Temp\7zSCD45.tmp\SymNRT.exe
FirewallRules: [{E6632141-5175-458E-AD8C-625F04F649EA}] => (Allow) C:\Users\German\AppData\Local\Temp\7zSCD45.tmp\SymNRT.exe
FirewallRules: [TCP Query User{75EEBA7D-A266-4736-B353-26AAFE356241}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{AD60202B-196B-4443-8D04-7712BA84524E}C:\program files (x86)\origin games\battlefield 4\bf4.exe] => (Allow) C:\program files (x86)\origin games\battlefield 4\bf4.exe
FirewallRules: [TCP Query User{4C0445B7-DD0F-41C1-A263-2B689DFDF590}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [UDP Query User{F0DC24DD-51DA-4A44-942D-C8A56039287E}C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\program files (x86)\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{7E6114C2-EA1E-4FEA-A081-0C2952E73A65}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{29067CC5-EE62-4DCC-861D-1F77ABFFDF09}] => (Allow) G:\GTA5.exe
FirewallRules: [{96DB3B68-B1F0-44B6-8946-5925E750AF29}] => (Allow) G:\GTA5.exe
FirewallRules: [{FF78D3AB-6490-4981-B6E3-4397545B5D71}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{11385946-CE5E-4F51-AC01-F30045118E75}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{C7E0D62D-63B2-466A-AA86-7500A7875D68}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96097609-5FE2-49E1-960A-F69D471906FE}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{57CAFCEE-C4D4-4609-ABE0-32EEBA4BEB98}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{57843981-C9E1-4413-A64F-893517E4971E}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{20BCA228-F14E-48F5-8CE8-0CB219ADEEAF}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{D4F93D74-9CDE-4F46-B41F-7E3C4B5C03E7}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{09915EAA-EC09-413E-82E5-10A89853E83B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [{E57BE268-0D30-41B7-97CD-E83C70755FFC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Arma 3\arma3launcher.exe
FirewallRules: [TCP Query User{F36019AD-CA85-4A4F-9A29-39165FEC90FB}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{67C8D4AD-B3BC-4745-A7C9-9C5BF3F9C6C1}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{B9F2A170-02B2-4A91-8989-AC710DA18E4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DF44AFE7-F044-4512-BB35-230B12B7CABA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AF294401-B0D0-48E1-9E3F-2C4D80F95123}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{6C22EC4E-AEE7-430E-8C72-E0EDE65136DE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{019046E4-5BE1-4B98-AF4B-C84AF9411661}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{B94D9131-6CE2-4A86-887B-1559AF5ACA61}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2DA6C25A-BEA8-4311-987E-7F59C8BD1C72}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{30847531-0D0C-4003-AB9A-32AB9E5C5EE9}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [UDP Query User{58FF1231-21B8-472D-920A-901D02B11373}C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 3\arma3.exe
FirewallRules: [{B2928B68-6057-4DC1-B091-73F98D20B58E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{60F82F52-FB32-47F9-A0D0-E29EF3A89A20}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA562413-9457-4D57-B3F7-DB332BC7C239}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{AAB9184B-5802-4CF0-810A-62F42FCFCCEA}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{2C4695C5-3378-42B5-B4D0-AE9321180D48}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A207ED05-F3C9-42D7-8E81-53F60C592F14}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{13750FC7-5C5B-4F84-840D-95ED3527A358}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEWebHelper.exe
FirewallRules: [{439F4939-3861-48D6-AC31-B9D0940D74EF}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEWebHelper.exe
FirewallRules: [{4D98EB2D-453C-4E87-9850-A1E5C8318723}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEX86WebHelper.exe
FirewallRules: [{94472F93-A2B6-44C8-AC7C-FFF3446DEEE3}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEX86WebHelper.exe
FirewallRules: [{3D5D4F7E-7252-4656-BA67-82125B91A49E}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{F7F052D3-B644-468C-9CD8-8BAD665324F7}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6sp.exe
FirewallRules: [{3DC62F37-8288-4791-B456-24E2443B2F17}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{DEC07069-E922-444E-8929-56512F5CF7F0}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6zm.exe
FirewallRules: [{5AD2B35C-E749-4B91-836E-407DECEE2820}] => (Allow) G:\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{73124D73-A94E-4C0D-94D9-7371A2BC82CC}] => (Allow) G:\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssault.exe
FirewallRules: [{54F8E10C-4C62-4BCA-A617-811D643B55DB}] => (Allow) G:\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{B5E7D136-CAC5-46DC-B230-90DB3EE7E094}] => (Allow) G:\SteamLibrary\steamapps\common\ARMA Cold War Assault\ColdWarAssaultPreferences.exe
FirewallRules: [{7604FA0F-B77B-4495-BD3B-45B13CAB52BE}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [{A46A6E3C-D3D4-4D6B-9CCA-0E3FBDB5DAF1}] => (Allow) G:\SteamLibrary\steamapps\common\Call of Duty Black Ops II\t6mp.exe
FirewallRules: [TCP Query User{56FFA173-D419-46FA-AE22-F21FFD717D9F}G:\battlefield\battlefield 4 cte\bf4cte.exe] => (Block) G:\battlefield\battlefield 4 cte\bf4cte.exe
FirewallRules: [UDP Query User{66A37408-D87A-4567-AD7F-268144987707}G:\battlefield\battlefield 4 cte\bf4cte.exe] => (Block) G:\battlefield\battlefield 4 cte\bf4cte.exe
FirewallRules: [TCP Query User{713E020D-F22E-40BE-A6E2-16F5B56D3F10}C:\program files\litecoin\litecoin-qt.exe] => (Allow) C:\program files\litecoin\litecoin-qt.exe
FirewallRules: [UDP Query User{B617BFA3-7AEB-457A-A34F-F6F4403B726F}C:\program files\litecoin\litecoin-qt.exe] => (Allow) C:\program files\litecoin\litecoin-qt.exe
FirewallRules: [TCP Query User{4BFF35A9-9EFB-4754-95DC-D57F00615C2A}C:\miners\bfgminer\bfgminer.exe] => (Allow) C:\miners\bfgminer\bfgminer.exe
FirewallRules: [UDP Query User{B6223261-7CF0-4278-9336-A6CFD416FD9F}C:\miners\bfgminer\bfgminer.exe] => (Allow) C:\miners\bfgminer\bfgminer.exe
FirewallRules: [{3D672C23-CD29-4FC8-B264-43F9BDCAC806}] => (Block) C:\miners\bfgminer\bfgminer.exe
FirewallRules: [{B6E932F7-6494-4864-92F7-ECA3C4AED411}] => (Block) C:\miners\bfgminer\bfgminer.exe
FirewallRules: [{A50D680A-7058-47FB-8215-A55ADFE2418B}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEWebHelper.exe
FirewallRules: [{5A998840-0E26-4833-8F73-EE12BAD76A3C}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEWebHelper.exe
FirewallRules: [{60E611A1-054B-46C6-82B7-896B3AD34435}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEX86WebHelper.exe
FirewallRules: [{F7D485AD-F321-4CCE-8928-5FA487FA5A00}] => (Allow) G:\Battlefield\Battlefield 4 CTE\BF4CTEX86WebHelper.exe
FirewallRules: [{60B2418E-8255-41D8-90F7-4D43B47928BB}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [{4C478ECE-144A-408C-BD02-A796DAE6C208}] => (Allow) C:\Windows\SysWOW64\muzapp.exe
FirewallRules: [TCP Query User{05CD3EA9-6C9A-4139-AE5F-B45B1BA1994C}G:\dying light\dyinglightgame.exe] => (Allow) G:\dying light\dyinglightgame.exe
FirewallRules: [UDP Query User{7449605B-D24C-4200-B6E4-29799070868D}G:\dying light\dyinglightgame.exe] => (Allow) G:\dying light\dyinglightgame.exe
FirewallRules: [{AE13F666-EC1E-47CB-A8A6-A6D55248A478}] => (Block) G:\dying light\dyinglightgame.exe
FirewallRules: [{87AFEB2E-94E9-4353-B454-7B6BC9DB8BB4}] => (Block) G:\dying light\dyinglightgame.exe
FirewallRules: [{3DF972F8-E9E8-4BC8-9F28-D5E14E357E69}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{3601012D-3B3B-48AC-9C45-08F3C31D8327}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4FFED76C-DAE2-433F-AA9A-1EC56E6470CD}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6BC26ABA-7894-4DDC-8CF7-08C0757765C8}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3A422AD8-E152-4D38-BBCB-835D24C7A65C}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{028AB9E1-FCE1-48E5-A4B2-8B99B8C6A860}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{D969CA89-A6C4-4861-A585-24F66AD7AC0D}] => (Allow) G:\Battlefield\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{ECA74866-2AC0-4CB6-8C1B-4CE74A22E6F5}] => (Allow) G:\Battlefield\Battlefield 4\BF4WebHelper.exe
FirewallRules: [{BA79AD4F-7BDE-44D7-BC40-D4DC4D59101B}] => (Allow) G:\Battlefield\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [{DDB2683C-5BAF-438E-AAAC-A371ED4BB123}] => (Allow) G:\Battlefield\Battlefield 4\BF4X86WebHelper.exe
FirewallRules: [TCP Query User{B88B6DCA-A769-4CD4-840B-3632F16C6894}G:\battlefield\battlefield 4\bf4.exe] => (Allow) G:\battlefield\battlefield 4\bf4.exe
FirewallRules: [UDP Query User{429AFA74-1624-4911-A8E8-8DF52B40FDD5}G:\battlefield\battlefield 4\bf4.exe] => (Allow) G:\battlefield\battlefield 4\bf4.exe
FirewallRules: [{8C302441-B582-4B41-81A4-E69E3C8DC56B}] => (Block) G:\battlefield\battlefield 4\bf4.exe
FirewallRules: [{22CF2DA7-FD44-4939-9D27-158B47B7BC7F}] => (Block) G:\battlefield\battlefield 4\bf4.exe
FirewallRules: [{D45AC915-2F45-41C5-885B-C8B8D8BB8008}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\SendAFax.exe
FirewallRules: [{41D0B759-B992-4E4A-B717-54039AA5A988}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\bin\FaxPrinterUtility.exe
FirewallRules: [{1AAC865A-9CA3-497C-9C72-E7BB77EE74AE}] => (Allow) C:\Program Files\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{877921EA-3EB8-4ADA-9E05-7E6A8ED3F69B}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{B739D2CF-D676-41FD-8E17-496A67B9EF70}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\DigitalWizards.exe
FirewallRules: [{3D86053E-D6A4-4B2D-8F13-6FB3803BAFAE}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\FaxApplications.exe
FirewallRules: [{8B813356-3FFB-4C21-ACAF-1B0442693706}] => (Allow) C:\Program Files (x86)\HP\HP Color LaserJet Pro MFP M277\bin\EWSProxy.exe
FirewallRules: [{84D76698-1086-48CE-B76A-3B18E4EE2EAB}] => (Allow) E:\Installer\hpbcsiInstaller.exe
FirewallRules: [{D6E707E7-5DA4-492C-944C-30C9CF7185C1}] => (Allow) E:\Installer\hpbcsiInstaller.exe
FirewallRules: [TCP Query User{9FC8CA2C-5692-4215-A2AC-5670A9525E3B}G:\gta5.exe] => (Allow) G:\gta5.exe
FirewallRules: [UDP Query User{A69A148D-810C-4974-9375-5C20C9902903}G:\gta5.exe] => (Allow) G:\gta5.exe
FirewallRules: [{E46D470D-FE15-4406-A805-0AEFD908BF4C}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{7C28320A-85F4-4961-933D-C3A085426CB2}G:\flixster\flixster\flixster.exe] => (Allow) G:\flixster\flixster\flixster.exe
FirewallRules: [UDP Query User{39A9678E-29D5-457A-AC4E-F401AE835EDC}G:\flixster\flixster\flixster.exe] => (Allow) G:\flixster\flixster\flixster.exe
FirewallRules: [{E7CE1A12-1B80-4C2A-9212-7244E9A7AFE3}] => (Block) G:\flixster\flixster\flixster.exe
FirewallRules: [{DE2A5D5C-824B-4239-8B68-BB9A501D3513}] => (Block) G:\flixster\flixster\flixster.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

11-02-2016 10:35:16 Windows Update
27-02-2016 14:10:28 Geplanter Prüfpunkt
29-02-2016 18:43:18 Revo Uninstaller's restore point - Max Driver Updater

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: AMDA00 Interface
Description: AMDA00 Interface
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ASUSTeK Computer Inc.
Service: WUDFRd
Problem: : Windows cannot start this hardware device because its configuration information (in the registry) is incomplete or damaged. (Code 19)
Resolution: A registry problem was detected.
 This can occur when more than one service is defined for a device, if there is a failure opening the service subkey, or if the driver name cannot be obtained from the service subkey. Try these options:
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Click "Uninstall", and then click "Scan for hardware changes" to load a usable driver.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/01/2016 02:30:52 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (03/01/2016 02:30:52 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (03/01/2016 02:25:22 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (03/01/2016 11:15:44 AM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (03/01/2016 08:09:04 AM) (Source: SetupARService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/29/2016 08:08:57 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (02/29/2016 08:08:57 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig

Error: (02/29/2016 08:02:42 PM) (Source: SetupARService) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. System.NullReferenceException: Der Objektverweis wurde nicht auf eine Objektinstanz festgelegt.
  bei SetupAfterRebootService.SetupARService.OnStart(String[] args)
  bei System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (02/29/2016 07:47:18 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Es wird bereits eine Instanz des Dienstes ausgeführt

Error: (02/29/2016 07:47:18 PM) (Source: OverwolfUpdater) (EventID: 0) (User: )
Description: Der Dienst kann nicht gestartet werden. Das Handle ist ungültig


Systemfehler:
=============
Error: (03/01/2016 02:28:29 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (03/01/2016 02:28:29 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 43. Der Windows-SChannel-Fehlerstatus lautet: 252.

Error: (03/01/2016 02:25:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gittuiu" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/01/2016 02:25:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎01.‎03.‎2016 um 12:17:11 unerwartet heruntergefahren.

Error: (03/01/2016 02:25:13 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844718829029606144

Error: (03/01/2016 10:47:44 AM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (03/01/2016 08:09:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gittuiu" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/01/2016 08:09:01 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎29.‎02.‎2016 um 20:02:39 unerwartet heruntergefahren.

Error: (03/01/2016 08:08:55 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844718829029606144

Error: (02/29/2016 08:02:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Gittuiu" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz
Prozentuale Nutzung des RAM: 22%
Installierter physikalischer RAM: 16325.83 MB
Verfügbarer physikalischer RAM: 12575.74 MB
Summe virtueller Speicher: 18757.83 MB
Verfügbarer virtueller Speicher: 14131.56 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:232.54 GB) (Free:76.57 GB) NTFS
Drive f: (1TB (Quelle)) (Fixed) (Total:931.51 GB) (Free:34.48 GB) NTFS
Drive g: (1Tb (Datengrab)) (Fixed) (Total:931.51 GB) (Free:668.38 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD6BDD52)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: AD6BDD51)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 1B288906)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================





MWAM LOG:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 01.03.2016
Suchlaufzeit: 16:42
Protokolldatei: MWAM.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2016.03.01.04
Rootkit-Datenbank: v2016.02.27.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: German

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 470270
Abgelaufene Zeit: 7 Min., 25 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 7
PUP.Optional.BestPriceNinja, C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage, , [d2c620626f2abb7b04236ef68b79c937],
PUP.Optional.BestPriceNinja, C:\Users\German\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal, , [3d5b562ce3b6b08685a2e48094707987],
Hijacked.Host, C:\Windows\System32\drivers\etc\hosts, Gut: (), Schlecht: (107.178.255.88 www.statcounter.com), ,[91078002227774c2884981abf411857b]
Hijacked.Host, C:\Windows\System32\drivers\etc\hosts, Gut: (), Schlecht: (tatcounter.com
107.178.255.88), ,[ff990181edaca6909a37d7550cf927d9]
Hijacked.Host, C:\Windows\System32\drivers\etc\hosts, Gut: (), Schlecht: (ww.statcounter.com
107.178.255.88 statcounter.com
10), ,[c7d10b77fd9c61d59c359d8f22e37e82]
Hijacked.Host, C:\Windows\System32\drivers\etc\hosts, Gut: (), Schlecht: (178.255.88 statcounter.com
107.178), ,[f0a88af80a8fa98d725f161694716d93]
Hijacked.Host, C:\Windows\System32\drivers\etc\hosts, Gut: (), Schlecht: (ter.com
107.178.255.88 statcounte), ,[e6b2cfb3188174c2f1e0e6463bca56aa]

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 02.03.2016 14:35
Zitat:
C:\Users\German\Downloads\remouse_standard_3.4_crack.iso
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.

Tritron 02.03.2016 15:12
Zitat:
Zitat von cosinus (Beitrag 1566777)
Lesestoff:
Illegale Software: Cracks, Keygens und Co

Bitte lesen => http://www.trojaner-board.de/95393-c...-software.html

Es geht weiter wenn du alles Illegale entfernt hast.

Bei wiederholten Crack/Keygen Verstößen behalte ich es mir vor, den Support einzustellen, d.h. Hilfe nur noch bei der Datensicherung und Neuinstallation des Betriebssystems.
Das und viele weitere Programme haben sich mit der Datei (EasyConverter oder so) Installiert. Ich habe mal spaßeshalber geschaut was das ist, und es ist ein Programm zum aufnehmen von Tasks.
Ich hatte die ISO eigentlich schon gelöscht und weiß nicht wieso sie noch in der registery auftaucht.
Mit installierte Programme von denen ich weiß dass sie mitinstalliert wurden:
-istartpaging uninstal
-ReMouse_standart_carck.iso
-capricornus
-Cinemaplus 4 V2
-cheriemoya
-shopperz updater

cosinus 02.03.2016 15:16
Sry aber ist leichter Dünnschiss den du da erzählst ;)

Der Crack liegt nicht in der Registry sondern direkt im Filesystem in deinen Download-Ordner. Das Teil hat sich nicht von allein da hingeladen oder ist da "raufgeflogen" oder so. Du hast es selbst runtergeladen dahin.

Davon abgesehen weiß ich nun immer noch nicht, ob du alle gecrackten installierten Programme nun deinstalliert hast oder nicht.

Tritron 02.03.2016 15:17
Ich habe mir sicher keine cracks geladen.
Was soll ich mir denn noch für scans holen damit du mir das endlich glaubst ?


Achso ich war heute mal im Laden und habe mir das neuste Kasperski gekauft. Könnte dass das Problem lösen?

cosinus 02.03.2016 15:43
Diese Tatsache abzustreiten ist doch total lächerlich!

Zitat:
2016-02-29 18:40 - 2016-02-29 18:40 - 04255744 _____ C:\Users\German\Downloads\remouse_standard_3.4_crack.iso
Da halt eben nochmal. Du kannst es abstreiten soviel du willst. Aber es ändert nix an der Tatsache, dass in deinem Download Ordner ein Crack für "remouse" liegt.

Und auch nochmal: bevor es hier weitergehen kannst sollst du alle Cracks und anderen illegalen Sachen löschen.

Tritron 02.03.2016 15:58
Ich habe alles gelöscht was ich hatte

cosinus 02.03.2016 15:59
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Tritron 02.03.2016 16:55
MBAR Log
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.03.02.04
  rootkit: v2016.02.27.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18205
German :: HENDRYK [administrator]

02.03.2016 16:34:16
mbar-log-2016-03-02 (16-34-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 475124
Time elapsed: 12 minute(s), 33 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 2
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (107.178.255.88 google-analytics.com) Good: () -> Replace on reboot. [3bc18df5a5f42b0bfe2448e7966fd030]
C:\Windows\System32\drivers\etc\hosts (Hijack.Host) -> Bad: (tics.com




107.178.255.88 go) Good: () -> Replace on reboot. [50ac4240801991a5091972bd798c3fc1]

Physical Sectors Detected: 0
(No malicious items detected)

(end)
Neustart wurde übrigends nicht gefordert

cosinus 02.03.2016 18:23
Anleitung zu MBAR richtig gelesen? Wenn etwas gefunden wird,soll MBAR wiederholt werden.


Alle Zeitangaben in WEZ +1. Es ist jetzt 22:48 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131