|
Log-Analyse und Auswertung: Windows Vista: PC hängt sich ständig aufWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
04.10.2015, 15:52 | #31 | |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig aufZitat:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
10.10.2015, 14:20 | #32 |
| Windows Vista: PC hängt sich ständig auf Hallo schrauber,
__________________hatte die Woche über sehr viel zu tun, daher die späte Rückmeldung. Hab ein Problem: Der Arbeitsspeicher liegt wieder bei 92% und mein Computer friert ein, nachdem der Desktop geladen wurde. Wir sind also wieder am Anfang. Was soll ich machen? EDIT: Mehr als 2000 Prozesse kommen von javaws.exe Java Web Start Launcher. Geändert von sacet (10.10.2015 um 14:56 Uhr) |
11.10.2015, 07:28 | #33 | |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Hast Du das obige aus meinem letzten Post gemacht?
__________________Zitat:
Screenshot davon bitte.
__________________ |
12.10.2015, 22:05 | #34 |
| Windows Vista: PC hängt sich ständig auf Sry, hab vergessen zu erwähnen, dass ich keinen von deinen genannten Diensten in der Liste gefudnen habe. Muss der Prozess nicht genauso heißen oder schaue ich falsch? Das Problem mit Java ist heute nicht vorgekommen, ansonsten mache ich sofort einen Screenshot. |
13.10.2015, 18:30 | #35 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Das scheint irgendwie ein bekanntes Problem zu sein mittlerweile. Java bitte komplett deinstallieren, dann bitte ein frisches FRST log.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
14.10.2015, 17:17 | #36 |
| Windows Vista: PC hängt sich ständig auf FRST: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:12-10-2015 durchgeführt von BozKurT (Administrator) auf BOZKURT-PC (14-10-2015 18:12:05) Gestartet von C:\Users\BozKurT\Desktop Geladene Profile: BozKurT (Verfügbare Profile: BozKurT & UpdatusUser) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (CyberLink) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe ( ) C:\Windows\System32\dlcdcoms.exe (Egis Incorporated) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe (Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe (McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe (McAfee, Inc.) C:\Program Files\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MPF\MpfSrv.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MSK\msksrver.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NewTech InfoSystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe () C:\Program Files\Acer\Empowering Technology\SysMonitor.exe () C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe (Egis Incorporated) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSLoader.exe (Realtek Semiconductor) C:\Windows\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe (Threat Expert Ltd.) C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Egis inc.) C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe (Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe (McAfee, Inc.) C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe (McAfee, Inc.) C:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Acer Empowering Technology Monitor] => C:\Program Files\Acer\Empowering Technology\SysMonitor.exe [319488 2008-08-19] () HKLM\...\Run: [EmpoweringTechnology] => C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe [323584 2008-08-19] () HKLM\...\Run: [eDataSecurity Loader] => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe [561200 2008-07-29] (Egis Incorporated) HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6456352 2008-08-19] (Realtek Semiconductor) HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1833504 2008-08-19] (Realtek Semiconductor Corp.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.) HKLM-x32\...\Run: [mcagent_exe] => C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe [645328 2009-01-08] (McAfee, Inc.) HKLM-x32\...\Run: [PCMMediaSharing] => C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-05-20] () HKLM-x32\...\Run: [BkupTray] => C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe [28672 2008-04-25] () HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard) HKLM-x32\...\Run: [PCTools FGuard] => C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe [247760 2011-04-12] (Threat Expert Ltd.) HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2015-03-20] (Apple Inc.) HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2009-03-18] (Google Inc.) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\PSDProtect.dll [2008-07-29] (Egis Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll [2013-09-11] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll [2008-07-29] (Egis Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-10-31] ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.) URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.) URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - Keine Datei URLSearchHook: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 - PC Tools Browser Guard - {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.) SearchScopes: HKLM -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> DefaultScope Wert fehlt SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> DefaultScope {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de SearchScopes: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> {C657300E-A21D-4D23-AD70-7D6194B2FE6F} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=A011DE662&p={SearchTerms} BHO: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho64.dll [2009-01-09] () BHO: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> c:\Program Files\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.) BHO: ShowBarObj Class -> {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} -> C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll [2008-07-29] (Egis) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.) BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.) BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-05-21] (Hewlett-Packard Co.) BHO-x32: McAfee Phishing Filter -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> c:\Program Files (x86)\McAfee\MSK\mskapbho.dll [2009-01-09] () BHO-x32: PC Tools Browser Guard BHO -> {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} -> C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: scriptproxy -> {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -> C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll [2009-03-25] (McAfee, Inc.) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.) BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) BHO-x32: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.) BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-05-21] (Hewlett-Packard Co.) Toolbar: HKLM - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll [2008-07-29] (Egis Incorporated.) Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.) Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.) Toolbar: HKLM-x32 - Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll [2008-07-29] (Egis Incorporated.) Toolbar: HKLM-x32 - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.) Toolbar: HKLM-x32 - PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll [2011-04-12] (Threat Expert Ltd.) Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-23] (Google Inc.) Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-09-23] (Google Inc.) Toolbar: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000 -> PC Tools Browser Guard - {472734EA-242A-422B-ADF8-83D1E48CC825} - Keine Datei DPF: HKLM-x32 {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab DPF: HKLM-x32 {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab DPF: HKLM-x32 {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.) Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.) Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2015-09-15] (McAfee, Inc.) Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.) FireFox: ======== FF ProfilePath: C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default FF SearchEngineOrder.1: Sichere Suche FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-14] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-14] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll [2009-04-15] (DivX,Inc.) FF Plugin-x32: @divx.com/DivX Player Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll [2009-04-15] (DivX, Inc) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Program Files (x86)\TVUPlayer\npTVUAx.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-18] (Google Inc.) FF Plugin-x32: @unity3d.com/UnityPlayer -> C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll [2010-06-12] (Unity Technologies ApS) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.0.7 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-12-09] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-06-27] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll [2013-07-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll [2013-07-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll [2013-07-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll [2013-07-11] (Apple Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll [2013-07-11] (Apple Inc.) FF Extension: YouTube Unblocker - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\youtubeunblocker@unblocker.yt [2015-08-04] FF Extension: UltraSurf Firefox Tool - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA} [2009-08-28] FF Extension: 1-Click Dailymotion Video Downloader - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\DailymotionVideoDownloader@PeterOlayev.com.xpi [2013-08-18] FF Extension: MPEG4Plugin - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{4901eb44-5cb1-4eb9-b0aa-2357bcce2942}.xpi [2014-12-04] FF Extension: Video Shield Light - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{7f640839-0d9f-4fa5-91b7-5ae9ea4d8ce5}.xpi [2014-11-30] FF Extension: Adblock Plus - C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-11-25] FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF Extension: Kein Name - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2015-09-17] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-03-18] FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009-10-31] FF HKLM-x32\...\Firefox\Extensions: [{cb84136f-9c44-433a-9048-c5cd9df1dc16}] - C:\Program Files (x86)\PC Tools Security\BDT\Firefox FF Extension: Browser Defender Toolbar - C:\Program Files (x86)\PC Tools Security\BDT\Firefox [2011-04-17] FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi FF HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 Chrome: ======= CHR Profile: C:\Users\BozKurT\AppData\Local\Google\Chrome\User Data\Default CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12] CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2010-06-12] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Acer HomeMedia Connect Service; C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe [269448 2008-05-20] (CyberLink) [Datei ist nicht signiert] S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-04-09] (Adobe Systems) [Datei ist nicht signiert] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) R2 Browser Defender Update Service; C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe [337872 2011-04-12] (Threat Expert Ltd.) R2 BUNAgentSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [16384 2008-03-03] (NewTech Infosystems, Inc.) [Datei ist nicht signiert] R2 dlcd_device; C:\Windows\system32\dlcdcoms.exe [566768 2007-01-17] ( ) R2 eDataSecurity Service; C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe [500784 2008-07-29] (Egis Incorporated) R2 ETService; C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [24576 2008-08-19] () [Datei ist nicht signiert] R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [Datei ist nicht signiert] S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [Datei ist nicht signiert] R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [Datei ist nicht signiert] S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [154856 2015-09-28] (McAfee, Inc.) R2 mcmscsvc; C:\Program Files (x86)\McAfee\MSC\mcmscsvc.exe [797864 2009-01-08] (McAfee, Inc.) R2 McNASvc; c:\Program Files (x86)\Common Files\McAfee\MNA\McNASvc.exe [2482848 2009-01-09] (McAfee, Inc.) S3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [696848 2009-04-01] (McAfee, Inc.) R2 McProxy; c:\Program Files (x86)\Common Files\McAfee\McProxy\McProxy.exe [359952 2009-01-09] (McAfee, Inc.) R2 McShield; C:\Program Files\McAfee\VirusScan\Mcshield.exe [153920 2009-03-25] (McAfee, Inc.) R3 McSysmon; C:\Program Files (x86)\McAfee\VirusScan\mcsysmon.exe [606736 2009-03-24] (McAfee, Inc.) R2 MpfService; C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe [884360 2009-03-19] (McAfee, Inc.) R2 MSK80Service; C:\Program Files (x86)\McAfee\MSK\MskSrver.exe [26640 2009-01-09] (McAfee, Inc.) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation) R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation) S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-08] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation) R2 NTIBackupSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [45056 2008-04-25] (NewTech InfoSystems, Inc.) [Datei ist nicht signiert] R2 NTISchedulerSvc; C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [131072 2008-04-25] () [Datei ist nicht signiert] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [Datei ist nicht signiert] R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [241734 2008-06-13] () [Datei ist nicht signiert] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2008-01-21] (Microsoft Corporation) S1 Beep; kein ImagePath S3 camdrv42; C:\Windows\System32\DRIVERS\camdrv42.sys [1533952 2007-04-23] () S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-12-30] () [Datei ist nicht signiert] U4 Iteidelr; kein ImagePath S3 ITEIO.SYS; c:\Windows\System32\drivers\ITEIO.sys [13144 2008-02-25] (Windows (R) Codename Longhorn DDK provider) [Datei ist nicht signiert] R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation) R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [102600 2009-03-25] (McAfee, Inc.) R1 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [307400 2009-03-25] (McAfee, Inc.) S3 mferkdk; C:\Windows\System32\drivers\mferkdk.sys [40904 2009-03-25] (McAfee, Inc.) R3 mfesmfk; C:\Windows\System32\drivers\mfesmfk.sys [49480 2009-03-25] (McAfee, Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation) R1 MPFP; C:\Windows\System32\Drivers\Mpfp.sys [176144 2008-10-23] (McAfee, Inc.) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation) S3 nmwcdx64; C:\Windows\System32\drivers\ccdcmbx64.sys [18432 2008-05-02] (Nokia) R0 PCTCore; C:\Windows\System32\drivers\PCTCore64.sys [282440 2011-03-10] (PC Tools) R0 pctDS; C:\Windows\System32\drivers\pctDS64.sys [452872 2010-06-29] (PC Tools) R0 pctEFA; C:\Windows\System32\drivers\pctEFA64.sys [816016 2010-07-16] (PC Tools) R0 PSDFilter; C:\Windows\System32\DRIVERS\psdfilter.sys [22064 2008-07-29] (Egis Incorporated) R2 PSDNServ; C:\Windows\System32\DRIVERS\PSDNServ.sys [21040 2008-07-29] (Egis Incorporated) R2 psdvdisk; C:\Windows\System32\DRIVERS\PSDVdisk.sys [60976 2008-07-29] (Egis Incorporated) S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerfltx64.sys [8704 2008-05-02] (Windows (R) Codename Longhorn DDK provider) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-14 18:12 - 2015-10-14 18:12 - 00031939 _____ C:\Users\BozKurT\Desktop\FRST.txt 2015-10-13 23:57 - 2015-07-18 15:14 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00015200 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-10-13 23:57 - 2015-07-18 15:14 - 00011104 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-10-13 23:56 - 2015-07-29 02:46 - 11588096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2015-10-13 23:56 - 2015-07-29 02:31 - 12901888 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2015-10-13 23:54 - 2015-09-28 19:21 - 01586304 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-10-13 23:54 - 2015-09-28 19:21 - 01168600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-10-13 23:54 - 2015-09-26 18:03 - 04690880 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-10-13 23:05 - 2015-10-13 23:05 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2015-10-13 23:04 - 2015-10-13 23:05 - 00000000 ____D C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 2015-10-13 23:04 - 2015-10-13 23:05 - 00000000 ____D C:\Program Files\iTunes 2015-10-13 23:04 - 2015-10-13 23:04 - 00000000 ____D C:\Program Files\iPod 2015-10-13 23:04 - 2015-10-13 23:04 - 00000000 ____D C:\Program Files (x86)\iTunes 2015-10-13 22:57 - 2015-10-13 22:57 - 00001830 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2015-10-13 22:57 - 2015-10-13 22:57 - 00000000 ____D C:\Windows\System32\Tasks\Apple 2015-10-13 22:57 - 2015-10-13 22:57 - 00000000 ____D C:\Program Files (x86)\Apple Software Update 2015-10-13 20:18 - 2015-09-11 09:59 - 17890816 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-10-13 20:18 - 2015-09-11 09:56 - 02349568 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-10-13 20:18 - 2015-09-11 09:52 - 10936832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-10-13 20:18 - 2015-09-11 09:51 - 01387520 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-10-13 20:18 - 2015-09-11 09:51 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-10-13 20:18 - 2015-09-11 09:50 - 02158080 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-10-13 20:18 - 2015-09-11 09:50 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-10-13 20:18 - 2015-09-11 09:50 - 00600576 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-10-13 20:18 - 2015-09-11 09:49 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-10-13 20:18 - 2015-09-11 09:49 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00173568 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-10-13 20:18 - 2015-09-11 09:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2015-10-13 20:18 - 2015-09-11 09:49 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2015-10-13 20:18 - 2015-09-11 09:49 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2015-10-13 20:18 - 2015-09-11 09:22 - 01814016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-10-13 20:18 - 2015-09-11 09:21 - 12388352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-10-13 20:18 - 2015-09-11 09:19 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-10-13 20:18 - 2015-09-11 09:17 - 09751552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-10-13 20:18 - 2015-09-11 09:16 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-10-13 20:18 - 2015-09-11 09:16 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-10-13 20:18 - 2015-09-11 09:15 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-10-13 20:18 - 2015-09-11 09:15 - 00422912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-10-13 20:18 - 2015-09-11 09:14 - 01804288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00718848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-10-13 20:18 - 2015-09-11 09:14 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2015-10-13 20:18 - 2015-09-11 09:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2015-10-13 20:18 - 2015-09-11 09:14 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2015-10-04 14:26 - 2015-10-04 14:26 - 00002189 _____ C:\list.txt 2015-10-04 14:26 - 2015-10-04 14:26 - 00000096 _____ C:\Users\BozKurT\Desktop\list.bat 2015-09-30 16:25 - 2015-09-30 16:25 - 04980182 ____R C:\Users\BozKurT\Desktop\MF_30.09.15.pptx 2015-09-28 14:23 - 2015-09-28 14:57 - 00000000 ____D C:\Users\BozKurT\Desktop\RECHT1 2015-09-27 14:12 - 2015-09-27 14:12 - 00000000 ____D C:\Users\BozKurT\Desktop\ProcessExplorer 2015-09-26 11:55 - 2015-09-30 13:22 - 00002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk 2015-09-26 11:55 - 2015-09-26 11:55 - 00001924 _____ C:\Users\Public\Desktop\Adobe Reader X.lnk 2015-09-26 11:21 - 2015-09-26 11:21 - 00000000 ____D C:\Users\BozKurT\.oracle_jre_usage 2015-09-26 11:19 - 2015-09-26 11:20 - 00584288 _____ (Oracle Corporation) C:\Users\BozKurT\Downloads\jxpiinstall.exe 2015-09-23 18:02 - 2015-09-23 18:02 - 00852704 _____ C:\Users\BozKurT\Desktop\SecurityCheck.exe 2015-09-23 15:22 - 2015-09-23 15:23 - 02870984 _____ (ESET) C:\Users\BozKurT\Desktop\esetsmartinstaller_deu.exe 2015-09-21 12:23 - 2015-09-21 12:23 - 00001390 _____ C:\Users\BozKurT\Desktop\JRT.txt 2015-09-21 12:15 - 2015-09-21 12:15 - 01798976 _____ (Malwarebytes) C:\Users\BozKurT\Desktop\JRT.exe 2015-09-21 12:04 - 2015-09-21 12:19 - 00000027 _____ C:\Windows\SysWOW64\MPFServiceFailureCount.txt 2015-09-21 11:57 - 2015-09-21 11:57 - 01662976 _____ C:\Users\BozKurT\Desktop\AdwCleaner_5.008.exe 2015-09-21 11:54 - 2015-09-21 11:54 - 00002354 _____ C:\Users\BozKurT\Desktop\mbam.txt 2015-09-21 11:01 - 2015-09-28 13:25 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-09-21 11:01 - 2015-09-21 11:01 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2015-09-21 11:01 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-09-21 11:01 - 2015-06-18 08:41 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-09-21 11:01 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-09-21 11:00 - 2015-09-21 11:00 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\BozKurT\Desktop\mbam-setup-2.1.8.1057(1).exe 2015-09-21 10:55 - 2015-09-21 10:55 - 00321848 _____ (Malwarebytes Corporation) C:\Users\BozKurT\Downloads\mbam-clean-2.1.1.1001.exe 2015-09-17 15:47 - 2015-09-17 15:47 - 00000000 ____D C:\Users\BozKurT\Searches\Documents\Eigene Scans 2015-09-17 11:31 - 2015-09-17 11:31 - 00028035 _____ C:\ComboFix.txt 2015-09-17 10:59 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe 2015-09-17 10:59 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe 2015-09-17 10:59 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2015-09-17 10:59 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2015-09-17 10:59 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2015-09-17 10:59 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe 2015-09-17 10:59 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe 2015-09-17 10:59 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe 2015-09-17 10:54 - 2015-09-17 11:32 - 00000000 ____D C:\Qoobox 2015-09-17 10:53 - 2015-09-17 11:28 - 00000000 ____D C:\Windows\erdnt 2015-09-17 10:53 - 2015-09-17 10:59 - 00000000 ____D C:\32788R22FWJFW 2015-09-17 10:46 - 2015-09-17 10:46 - 05635119 ____R (Swearware) C:\Users\BozKurT\Desktop\ComboFix.exe 2015-09-16 23:45 - 2015-10-14 18:11 - 00000000 ____D C:\Users\BozKurT\Desktop\FRST-OlderVersion 2015-09-16 00:38 - 2015-09-16 00:38 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\BozKurT\Desktop\tdsskiller.exe 2015-09-15 22:44 - 2015-09-16 00:36 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2015-09-15 22:40 - 2015-09-16 00:36 - 00000000 ____D C:\Users\BozKurT\Desktop\mbar 2015-09-15 22:35 - 2015-09-15 22:36 - 16563352 _____ (Malwarebytes Corp.) C:\Users\BozKurT\Desktop\mbar-1.09.3.1001.exe 2015-09-14 14:51 - 2015-10-14 18:11 - 02196480 _____ (Farbar) C:\Users\BozKurT\Desktop\FRST64.exe 2015-09-14 10:13 - 2015-07-10 16:31 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2015-09-14 10:13 - 2015-07-10 16:21 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2015-09-14 09:57 - 2015-08-13 16:36 - 00450560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys 2015-09-14 09:57 - 2015-08-13 16:36 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys 2015-09-14 09:54 - 2015-09-02 23:26 - 01875968 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2015-09-14 09:54 - 2015-09-02 23:26 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2015-09-14 09:54 - 2015-09-02 23:26 - 01402368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2015-09-14 09:54 - 2015-09-02 23:26 - 01253376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-10-14 18:12 - 2014-04-24 15:30 - 00000000 ____D C:\FRST 2015-10-14 18:01 - 2012-06-30 14:14 - 00003736 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-10-14 18:01 - 2012-06-30 14:14 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-10-14 18:01 - 2012-06-09 15:48 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-10-14 18:01 - 2011-08-21 13:57 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-10-14 17:52 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\rescache 2015-10-14 17:34 - 2010-02-04 20:11 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-10-14 17:34 - 2008-10-31 21:05 - 01832240 _____ C:\Users\Public\eDSMSNLoader32.log 2015-10-14 17:34 - 2008-10-31 20:50 - 00234983 _____ C:\Windows\system32\Config.MPF 2015-10-14 17:34 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2015-10-14 17:34 - 2006-11-02 17:22 - 00003216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2015-10-14 17:33 - 2009-11-16 20:16 - 00000000 ____D C:\ProgramData\TEMP 2015-10-14 17:33 - 2008-10-31 21:00 - 00000147 _____ C:\Windows\SysWOW64\agent.log 2015-10-14 17:33 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-10-14 17:33 - 2006-10-10 03:06 - 00000000 _____ C:\Windows\system32\LogConfigTemp.xml 2015-10-14 17:32 - 2008-10-31 20:20 - 00000000 ____D C:\ProgramData\NVIDIA 2015-10-14 17:30 - 2013-10-11 20:04 - 09200180 _____ C:\Windows\PFRO.log 2015-10-14 00:04 - 2008-10-31 20:35 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-10-14 00:04 - 2006-11-02 17:42 - 00032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2015-10-14 00:04 - 2006-10-10 02:59 - 01452691 _____ C:\Windows\WindowsUpdate.log 2015-10-13 23:59 - 2010-10-24 12:12 - 04100408 _____ C:\Windows\system32\Drivers\Cat.DB 2015-10-13 23:31 - 2010-02-04 20:11 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-10-13 23:18 - 2015-02-16 20:29 - 00003706 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{4D2CA3CA-A550-409B-BBD7-2167104BBC95} 2015-10-13 23:05 - 2014-10-27 23:49 - 00001666 _____ C:\Users\Public\Desktop\iTunes.lnk 2015-10-13 23:04 - 2009-04-05 13:22 - 00000000 ____D C:\Program Files\Common Files\Apple 2015-10-13 22:59 - 2009-03-18 13:54 - 00000000 ____D C:\Users\BozKurT 2015-10-02 10:44 - 2008-10-31 20:48 - 00000000 ____D C:\Program Files (x86)\McAfee 2015-10-01 21:39 - 2008-01-21 13:10 - 01758728 _____ C:\Windows\system32\PerfStringBackup.INI 2015-10-01 21:39 - 2008-01-21 13:09 - 00746138 _____ C:\Windows\system32\perfh007.dat 2015-10-01 21:39 - 2008-01-21 13:09 - 00177920 _____ C:\Windows\system32\perfc007.dat 2015-09-30 12:45 - 2009-11-23 12:44 - 00000000 ____D C:\Users\BozKurT\Desktop\Ugur 2015-09-29 20:41 - 2012-03-26 15:58 - 00000000 ____D C:\Users\BozKurT\Desktop\emine 2015-09-26 12:00 - 2015-05-25 14:15 - 00000000 ____D C:\Users\BozKurT\Desktop\drucken 2015-09-26 11:57 - 2014-06-23 13:32 - 00000000 ____D C:\Users\BozKurT\AppData\Local\Adobe 2015-09-26 11:55 - 2009-03-18 15:00 - 00000000 ____D C:\Program Files (x86)\Adobe 2015-09-26 11:55 - 2008-10-31 21:00 - 00000000 ____D C:\ProgramData\Adobe 2015-09-26 11:22 - 2014-04-27 21:33 - 00000000 ____D C:\ProgramData\Oracle 2015-09-26 11:16 - 2009-03-18 14:00 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\Adobe 2015-09-21 12:04 - 2014-04-25 20:03 - 00000000 ____D C:\AdwCleaner 2015-09-21 11:48 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\Globalization 2015-09-20 12:29 - 2009-03-29 17:03 - 00000000 ____D C:\Users\BozKurT\Desktop\Süleyman 2015-09-18 12:26 - 2010-02-04 20:11 - 00004106 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-09-18 12:26 - 2010-02-04 20:11 - 00003854 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-09-18 00:12 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\system32\spool 2015-09-17 22:32 - 2009-03-27 16:21 - 00000000 ____D C:\Users\BozKurT\AppData\Roaming\vlc 2015-09-17 11:31 - 2006-11-02 15:33 - 00000000 __RHD C:\Users\Default 2015-09-17 11:27 - 2006-11-02 14:34 - 00000215 _____ C:\Windows\system.ini 2015-09-16 23:29 - 2009-03-18 15:02 - 00000000 ____D C:\Users\BozKurT\Searches\Documents\Meine empfangenen Dateien 2015-09-14 10:19 - 2006-11-02 17:07 - 00000000 ____D C:\Program Files\Windows Journal 2015-09-14 10:18 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\PolicyDefinitions 2015-09-14 10:11 - 2013-08-14 23:51 - 00000000 ____D C:\Windows\system32\MRT ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-03-06 01:06 - 2014-03-06 01:06 - 0001181 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.1.txt 2014-03-06 01:06 - 2014-03-06 01:14 - 0000919 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt 2014-03-06 01:06 - 2014-03-06 01:14 - 0000000 _____ () C:\Users\BozKurT\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt 2011-01-12 21:56 - 2015-08-01 12:46 - 0001356 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps.dat 2011-07-03 10:15 - 2012-07-21 23:02 - 0000732 _____ () C:\Users\BozKurT\AppData\Local\d3d9caps64.dat 2009-03-19 14:28 - 2015-07-17 01:35 - 0223232 _____ () C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2009-07-02 11:22 - 2009-07-02 11:22 - 0036172 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_NETFX_EXP_35.txt 2013-10-09 16:29 - 2015-09-08 13:42 - 0136446 _____ () C:\Users\BozKurT\AppData\Local\dd_depcheck_VB_EXP_90.txt 2009-07-02 11:22 - 2009-07-02 11:22 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35error_lp.txt 2009-07-02 11:22 - 2009-07-02 11:23 - 0203664 _____ () C:\Users\BozKurT\AppData\Local\dd_dotnetfx35install_lp.txt 2013-10-09 16:29 - 2013-10-09 16:29 - 0000002 _____ () C:\Users\BozKurT\AppData\Local\dd_error_vb_xcor_90.txt 2013-10-09 16:32 - 2013-10-09 16:32 - 1176452 _____ () C:\Users\BozKurT\AppData\Local\dd_ExpRemoteDbg_x64_MSI741A.txt 2013-10-09 16:29 - 2015-09-08 13:45 - 2160832 _____ () C:\Users\BozKurT\AppData\Local\dd_install_vb_xcor_90.txt 2009-07-02 11:22 - 2009-07-02 11:22 - 0811646 _____ () C:\Users\BozKurT\AppData\Local\dd_NET_Framework35_LangPack_MSI6767.txt 2013-10-09 16:37 - 2013-10-09 16:37 - 0341986 _____ () C:\Users\BozKurT\AppData\Local\dd_SQLCEToolsForVS2007_MSI77B0.txt 2013-10-09 16:37 - 2013-10-09 16:37 - 0383494 _____ () C:\Users\BozKurT\AppData\Local\dd_SSCERuntime_MSI77A0.txt 2010-10-24 12:12 - 2010-10-24 12:12 - 0422964 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI3F4F.txt 2011-04-17 14:03 - 2011-04-17 14:03 - 0438398 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistMSI7D1E.txt 2010-10-24 12:12 - 2010-10-24 12:12 - 0013782 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F4F.txt 2010-10-24 12:12 - 2010-10-24 12:12 - 0012938 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI3F50.txt 2011-04-17 14:03 - 2011-04-17 14:03 - 0012646 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1E.txt 2011-04-17 14:03 - 2011-04-17 14:03 - 0011786 _____ () C:\Users\BozKurT\AppData\Local\dd_vcredistUI7D1F.txt 2015-09-08 13:45 - 2015-09-08 13:45 - 0795720 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI4B14.txt 2013-10-09 16:32 - 2013-10-09 16:32 - 0853224 _____ () C:\Users\BozKurT\AppData\Local\dd_VC_MinRed_MSI7400.txt 2013-10-09 16:32 - 2013-10-09 16:32 - 0255488 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_ExpTools_x64_MSI743E.txt 2013-10-09 16:32 - 2013-10-09 16:32 - 0204582 _____ () C:\Users\BozKurT\AppData\Local\dd_WinSDK_Win32ExpTools_x64_MSI7455.txt 2009-07-02 11:22 - 2015-09-08 13:45 - 1782730 _____ () C:\Users\BozKurT\AppData\Local\uxeventlog.txt 2015-09-08 13:42 - 2015-09-08 13:45 - 8302854 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog48F9.txt 2013-10-09 16:33 - 2013-10-09 16:37 - 11430914 _____ () C:\Users\BozKurT\AppData\Local\VSMsiLog7469.txt 2009-04-02 23:42 - 2009-04-02 23:42 - 0000011 _____ () C:\ProgramData\.tv5 2009-10-31 18:57 - 2012-05-01 21:39 - 0001723 _____ () C:\ProgramData\hpzinstall.log Einige Dateien in TEMP: ==================== C:\Users\BozKurT\AppData\Local\Temp\jre-8u60-windows-au.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-10-14 17:37 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:12-10-2015 durchgeführt von BozKurT (2015-10-14 18:13:45) Gestartet von C:\Users\BozKurT\Desktop Windows Vista (TM) Home Premium Service Pack 2 (X64) (2006-10-10 01:01:29) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3668395413-3215351660-3596499305-500 - Administrator - Disabled) BozKurT (S-1-5-21-3668395413-3215351660-3596499305-1000 - Administrator - Enabled) => C:\Users\BozKurT Gast (S-1-5-21-3668395413-3215351660-3596499305-501 - Limited - Disabled) UpdatusUser (S-1-5-21-3668395413-3215351660-3596499305-1001 - Limited - Enabled) => C:\Users\UpdatusUser ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: McAfee VirusScan (Enabled - Out of date) {86355677-4064-3EA7-ABB3-1B136EB04637} AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A} AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: McAfee VirusScan (Enabled - Up to date) {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Personal Firewall (Enabled) {BE0ED752-0A0B-3FFF-80EC-B2269063014C} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden AAC Decoder (HKLM-x32\...\{AEF9DC35ADDF4825B049ACBFD1C6EB37}) (Version: 7.1.0 - DivX, Inc.) Acer Arcade Live Main Page (HKLM-x32\...\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}) (Version: 1.1.1819 - Acer Inc.) Acer DV Magician (HKLM-x32\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.) Acer DVDivine (HKLM-x32\...\{B145EC69-66F5-11D8-9D75-000129760D75}) (Version: 3.2.1730 - Acer Inc.) Acer eDataSecurity Management (HKLM-x32\...\{A5633652-3795-4829-BB0B-644F0279E279}) (Version: 3.0.3065 - Egis Inc.) Acer Empowering Technology (HKLM-x32\...\{8F1B6239-FEA0-450A-A950-B05276CE177C}) (Version: 3.0.3010 - Acer Incorporated) Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 3.0.3014 - Acer Incorporated) Acer eSettings Management (HKLM-x32\...\{13D85C14-2B85-419F-AC41-C7F21E68B25D}) (Version: 3.0.3007 - Acer Incorporated) Acer GameZone Console DTV 2.0.1.1 (HKLM-x32\...\Acer GameZone Console_is1) (Version: - Oberon Media, Inc.) Acer HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.5.0530 - Acer Inc.) Acer HomeMedia Connect (HKLM-x32\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.5330 - Acer Inc.) Acer HomeMedia Trial Creator (HKLM-x32\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.5.0530 - Acer Inc.) Acer Product Registration (HKLM-x32\...\{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}) (Version: 3.0.0.8 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}) (Version: 4.01.0718 - Acer Incorporated) Acer SlideShow DVD (HKLM-x32\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.) Acer VideoMagician (HKLM-x32\...\{F79A208D-D929-11D9-9D77-000129760D75}) (Version: 1.4.2203 - Acer Inc.) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.207 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated) Adobe Photoshop CS (HKLM-x32\...\{EFB21DE7-8C19-4A88-BB28-A766E16493BC}) (Version: CS - Adobe Systems, Inc.) Adobe Photoshop CS2 (HKLM-x32\...\Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0407-1E257A25E34D}) (Version: 9.0 - Adobe Systems, Inc.) Adobe Reader X (10.1.15) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.15 - Adobe Systems Incorporated) Agatha Christie Death on the Nile (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}) (Version: - Oberon Media) Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version: - Oberon Media) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team) AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - ) Azada (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}) (Version: - Oberon Media) Benutzerhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Useg) (Version: - ) Big Kahuna Reef (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}) (Version: - Oberon Media) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Bricks of Egypt (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}) (Version: - Oberon Media) Browser Defender 3.0 (HKLM-x32\...\Browser Defender_is1) (Version: 3.0.0.311 - Threat Expert Ltd.) BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden C4600 (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden Cake Mania (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}) (Version: - Oberon Media) Chicken Invaders 3 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}) (Version: - Oberon Media) Chuzzle (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}) (Version: - Oberon Media) Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden Diner Dash Flo on the Go (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}) (Version: - Oberon Media) DivX Codec (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.8.5 - DivX, Inc.) DivX Converter (HKLM-x32\...\{13F3917B56CD4C25848BDC69916971BB}) (Version: 7.0.0 - DivX, Inc.) DivX Converter (HKLM-x32\...\{B13A7C41581B411290FBC0395694E2A9}) (Version: 7.0.0 - DivX, Inc.) DivX Player (HKLM-x32\...\{8ADFC4160D694100B5B8A22DE9DCABD9}) (Version: 7.1.0 - DivX, Inc.) DivX Plus DirectShow Filters (HKLM-x32\...\DivX Plus DirectShow Filters) (Version: - DivX, Inc.) DivX Version Checker (HKLM-x32\...\{3FC7CBBC4C1E11DCA1A752EA55D89593}) (Version: 7.0.0.19 - DivX, Inc.) DivX Web Player (HKLM-x32\...\{B7050CBDB2504B34BC2A9CA0A692CC29}) (Version: 1.4.3 - DivX,Inc.) Download Navigator (HKLM-x32\...\{E728441A-7820-4B1C-87C9-DE7BE37B2953}) (Version: 1.1.0 - SEIKO EPSON CORPORATION) Dropbox (HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Dropbox) (Version: 2.8.4 - Dropbox, Inc.) eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.3.000201 - esobi Inc.) eSobi v2 (x32 Version: 2.0.3.000201 - esobi Inc.) Hidden Free YouTube to MP3 Converter version 3.12.41.623 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.41.623 - DVDVideoSoft Ltd.) FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version: - ) Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.) Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.) H.264 Decoder (HKLM-x32\...\{A96E97134CA649888820BCDE5E300BBD}) (Version: 1.0.0 - DivX, Inc.) HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP) HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP) HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5 (HKLM\...\{44C81D1A-0520-49BB-B510-98B8DD414EA1}) (Version: 13.0 - HP) HP Print Projects 1.0 (HKLM\...\HP Print Projects) (Version: 1.0 - HP) HP Smart Web Printing 4.5 (HKLM\...\HP Smart Web Printing) (Version: 4.5 - HP) HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP) HP Update (HKLM-x32\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard) HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden hpPrintProjects (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden hpWLPGInstaller (x32 Version: 130.0.303.000 - Hewlett-Packard) Hidden iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.) Jewel Quest Solitaire (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}) (Version: - Oberon Media) Kick N Rush (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}) (Version: - Oberon Media) LAME v3.98.2 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - ) LightScribe 1.4.142.1 (x32 Version: 1.4.142.1 - hxxp://www.lightscribe.com) Hidden Mahjong Escape Ancient China (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}) (Version: - Oberon Media) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden McAfee SecurityCenter (HKLM-x32\...\MSC) (Version: - McAfee, Inc.) McAfee SiteAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.) Messenger Plus! Live (HKLM-x32\...\Messenger Plus! Live) (Version: 4.90.0.392 - Yuna Software) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation) Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version: - Microsoft Corporation) Microsoft SQL Server Compact 3.5 Design Tools DEU (HKLM-x32\...\{E32260E7-0B10-43C7-9B77-AB9F4184676D}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft SQL Server Compact 3.5 DEU (HKLM-x32\...\{159098AF-4EB8-4C10-B0C6-24CDA32B45F9}) (Version: 3.5.5386.0 - Microsoft Corporation) Microsoft SQL Server Native Client (HKLM\...\{7C39E0D1-E138-42B1-B083-213EC2CF7692}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft SQL Server VSS Writer (HKLM\...\{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}) (Version: 9.00.5000.00 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - DEU) (Version: - Microsoft Corporation) Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{53C900F7-0CB1-3EDE-B9F3-76EDE6F0C253}) (Version: 3.5.21022 - Microsoft) Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}) (Version: 08.05.0822 - Microsoft Corporation) MKV Splitter (HKLM-x32\...\{AAC389499AEF40428987B3D30CFC76C9}) (Version: 1.0.0 - DivX, Inc.) Mozilla Firefox 36.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla) Mozilla Firefox 38.0.5 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 de)) (Version: 38.0.5 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Mystery Case Files - Huntsville (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}) (Version: - Oberon Media) Mystery Solitaire - Secret Island (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}) (Version: - Oberon Media) Netzwerkhandbuch EPSON BX535WD Series (HKLM-x32\...\EPSON BX535WD Series Netg) (Version: - ) Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 6.80.5.1 - ) NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.606 - NewTech Infosystems) NTI Backup Now Standard (x32 Version: 5.1.2.606 - NewTech Infosystems) Hidden NTI JewelCase Maker Hot Fix (HKLM-x32\...\InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}) (Version: 5.5.0.5202 - NewTech Infosystems) NTI JewelCase Maker Hot Fix (x32 Version: 5.5.0.5202 - NewTech Infosystems) Hidden NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.2.6329 - NewTech Infosystems) NTI Media Maker 8 (x32 Version: 8.0.2.6329 - NewTech Infosystems) Hidden NTI Photo Maker Hot Fix (HKLM-x32\...\InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}) (Version: 2.0.0.16 - NewTech Infosystems) NTI Photo Maker Hot Fix (x32 Version: 2.0.0.16 - NewTech Infosystems) Hidden NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation) NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation) NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.10.62.40 - NVIDIA Corporation) NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation) NVIDIA PhysX v8.04.25 (HKLM-x32\...\{74224F8D-4A17-4816-9EDB-7BB854DE532C}) (Version: 8.04.25 - NVIDIA Corporation) NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation) PE585QAEncoder-64 (HKLM\...\{D8B2C435-8737-431E-8784-24CD13B0B821}) (Version: 6.00.1918 - YUAN) Play65 (HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\...\Play65) (Version: Dec_14_2009_14_19_04 - LogicEmpire) PS_AIO_05_C4600_Software_Min (x32 Version: 130.0.425.000 - Hewlett-Packard) Hidden PVSonyDll (Version: 1.00.0001 - NVIDIA Corporation) Hidden QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5688 - Realtek Semiconductor Corp.) RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version: - ) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden Segoe UI (x32 Version: 15.4.2271.0615 - Microsoft Corp) Hidden Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP) SmartWebPrinting (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Spelling Dictionaries Support For Adobe Reader 8 (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-800000000003}) (Version: 8.0.0 - Adobe Systems) Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden Steam(TM) (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve) Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden Turbo Pizza (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}) (Version: - Oberon Media) Unity Web Player (HKLM-x32\...\UnityWebPlayer) (Version: 2.5.1f5_24931 - Unity Technologies ApS) Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) (HKLM-x32\...\{07629207-FAA0-4F1A-8092-BF5085BE511F}) (Version: 9.00.5000.00 - Microsoft Corporation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.762 (x32 Version: 1.0.0 - DivX, Inc) Hidden VLC media player 2.1.2 (HKLM-x32\...\VLC media player) (Version: 2.1.2 - VideoLAN) WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation) Windows Live OneCare safety scanner (HKLM-x32\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation) WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - ) Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org) Yahoo! Detect (HKLM-x32\...\YTdetect) (Version: - ) Zuma Deluxe (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}) (Version: - Oberon Media) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3668395413-3215351660-3596499305-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 16-09-2015 22:03:59 Geplanter Prüfpunkt 17-09-2015 11:35:41 Windows Update 18-09-2015 19:13:50 Geplanter Prüfpunkt 20-09-2015 18:17:43 Windows Update 21-09-2015 12:17:38 JRT Pre-Junkware Removal 22-09-2015 16:23:07 Geplanter Prüfpunkt 25-09-2015 10:09:07 Windows Update 26-09-2015 14:57:52 Geplanter Prüfpunkt 28-09-2015 17:43:50 Geplanter Prüfpunkt 28-09-2015 21:06:28 Windows Update 02-10-2015 21:46:57 Windows Update 12-10-2015 22:25:49 Windows Update 13-10-2015 22:58:16 Gerätetreiber-Paketinstallation: Apple, Inc. USB-Controller 13-10-2015 23:53:33 Windows Update 14-10-2015 18:03:36 Removed Java 8 Update 60 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 14:34 - 2015-09-17 11:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {1C714251-4752-48E7-A36B-3DEB19AB4BFB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {2C3F88A1-FA66-455A-945C-4F213B5232C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {35E96C26-28BD-402C-BD11-1517540CEFF7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated) Task: {7E23F0A2-2C53-4753-99D4-8AF461D5EA14} - \PC Performer_UPDATES -> Keine Datei <==== ACHTUNG Task: {80B1B6EA-15C5-467B-A789-7E2E830A200F} - System32\Tasks\McQcTask => c:\Program Files (x86)\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.) Task: {919A84AC-4AB6-43A7-985A-BF54C631B58A} - \PC Performer -> Keine Datei <==== ACHTUNG Task: {9B33395B-CCC5-4BCA-A538-C263FC2E681C} - \PC Performer_DEFAULT -> Keine Datei <==== ACHTUNG Task: {B8F50931-D299-4EAA-BCD1-2BE71D64061A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {DB0B00F0-43CB-4481-96E8-AA4A3A5BE3AA} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-14] (Adobe Systems Incorporated) Task: {EBB267F3-E181-4446-AA28-A75589961DA0} - System32\Tasks\McDefragTask => c:\Program Files (x86)\McAfee\MQC\QcConsol.exe [2009-01-09] (McAfee, Inc.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\McDefragTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe C:\Windows\system32\defrag.exe Task: C:\Windows\Tasks\McQcTask.job => c:\PROGRA~2\mcafee\mqc\QcConsol.exe ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2011-10-04 18:37 - 2010-06-17 21:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-03-20 18:12 - 2015-03-20 18:12 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2008-10-31 20:31 - 2008-08-19 15:27 - 00024576 _____ () C:\Program Files\Acer\Empowering Technology\Service\ETService.exe 2008-10-31 20:31 - 2008-10-31 20:31 - 00032768 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.Controller\3.0.3010.0__14bcaafdb44b5951\Framework.Model.Controller.dll 2008-10-31 20:31 - 2008-10-31 20:31 - 00009216 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Model.ControllerInterface\3.0.3010.0__d842b71b4d6ed079\Framework.Model.ControllerInterface.dll 2008-10-31 20:31 - 2008-10-31 20:31 - 00061440 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Library\3.0.3010.0__3036420f80dd6947\Framework.Library.dll 2008-10-31 20:31 - 2008-10-31 20:31 - 00015360 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Host\3.0.3010.0__672b450de5a7e94a\Framework.Host.dll 2008-10-31 20:31 - 2008-10-31 20:31 - 00006144 _____ () C:\Windows\assembly\GAC_MSIL\Framework.PluginInterface\3.0.3010.0__9ecdf03bb2054f94\Framework.PluginInterface.dll 2008-10-31 20:31 - 2008-10-31 20:31 - 00036864 _____ () C:\Windows\assembly\GAC_MSIL\Framework.Utility\3.0.3010.0__4df5dcab8860d239\Framework.Utility.dll 2008-10-31 20:31 - 2008-08-19 15:27 - 00585216 _____ () C:\Windows\system32\INT15_64.dll 2006-10-10 03:08 - 2008-05-26 14:40 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.ServicePlugin.dll 2006-10-10 03:08 - 2008-05-26 14:37 - 00016384 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Logger.dll 2006-10-10 03:08 - 2008-05-26 14:39 - 00143360 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.Model.Computer.dll 2006-10-10 03:08 - 2008-05-26 14:37 - 00036864 _____ () C:\Program Files\Acer\Empowering Technology\Service\eSettings.Model.ComputerInterface.dll 2008-04-25 22:36 - 2008-04-25 22:36 - 00131072 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe 2008-10-31 20:55 - 2008-06-13 06:17 - 00241734 _____ () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe 2008-10-31 20:31 - 2008-08-19 15:28 - 00319488 _____ () C:\Program Files\Acer\Empowering Technology\SysMonitor.exe 2008-10-31 20:31 - 2008-08-19 15:28 - 00323584 _____ () C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe 2008-10-31 20:31 - 2008-08-19 15:26 - 01822720 _____ () C:\Program Files\Acer\Empowering Technology\Framework.AppBar.dll 2008-10-31 20:31 - 2008-08-19 15:27 - 00013824 _____ () C:\Program Files\Acer\Empowering Technology\Framework.Presenter.dll 2008-10-31 20:31 - 2008-08-19 15:26 - 00005120 _____ () C:\Program Files\Acer\Empowering Technology\de\Framework.AppBar.resources.dll 2006-10-10 03:08 - 2008-05-26 14:39 - 00020480 _____ () C:\Program Files\Acer\Empowering Technology\eSettings\eSettings.QuickMenu.dll 2007-12-13 04:08 - 2007-12-13 04:08 - 01401856 _____ () C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\LIBEAY32.dll 2008-07-29 18:53 - 2008-07-29 18:53 - 00382000 _____ () C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ShowErrMsg.dll 2008-04-25 22:36 - 2008-04-25 22:36 - 00028672 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe 2008-10-31 20:57 - 2008-05-20 18:50 - 00098304 _____ () C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLSchRecordMonitor.dll 2008-10-31 20:57 - 2008-05-20 18:50 - 00260096 _____ () C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\sqlite3.dll 2011-04-17 14:06 - 2011-04-12 10:44 - 00767952 _____ () C:\Windows\BDTSupport.dll 2007-06-24 20:09 - 2007-06-24 20:09 - 01024000 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACE.dll 2007-06-24 20:09 - 2007-06-24 20:09 - 00098304 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML.dll 2007-06-24 20:09 - 2007-06-24 20:09 - 00061440 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\ACEXML_Parser.dll 2008-04-28 10:49 - 2008-04-28 10:49 - 00003072 _____ () C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:430C6D84 AlternateDataStreams: C:\ProgramData\TEMP:4F636E25 AlternateDataStreams: C:\ProgramData\TEMP:DFC5A2B2 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Desktop-Hintergrund.bmp DNS Servers: 192.168.178.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{48EE1BF2-DF85-4744-8D58-80D14E9F1D58}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer Arcade Live Main Page\Acer Arcade Live.exe FirewallRules: [{76A38D04-BCE3-455F-8CF9-B812FF0A2037}] => (Allow) C:\Program Files (x86)\Common Files\Mcafee\MNA\McNaSvc.exe FirewallRules: [{E4AA1109-23EF-46A7-A23C-10A6CCF4DA8F}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer DV Magician\Acer DV Magician.exe FirewallRules: [{B59FAFDC-11B2-4F93-99BA-AA1FC1BFD2A7}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer SlideShow DVD\Acer SlideShow DVD.exe FirewallRules: [{B32263AA-EBEB-4CC4-9FD8-09608FD31B0F}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer VideoMagician\Acer VideoMagician.exe FirewallRules: [{604799C7-A6CC-4925-9534-183E1CEEAAE0}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer DVDivine\Acer DVDivine.exe FirewallRules: [{1A70900D-51D6-4CC4-943D-835296B580DE}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia\Acer HomeMedia.exe FirewallRules: [{17747848-77A9-49A4-97DC-F4D4FFE8C7B8}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Acer HomeMedia Connect.exe FirewallRules: [{B147995B-6C59-4E86-B409-C1EDFF994073}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.EXE FirewallRules: [{669BAC8A-063B-42C4-AA3F-043DFBDBEDE9}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{23D852BF-1B67-478B-9A83-669F4F2E1BB1}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe FirewallRules: [{456738B4-3BB4-4908-B2BB-61D7B15A2D86}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe FirewallRules: [{5090FD8D-754A-4310-A93E-6E3406DB76D3}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe FirewallRules: [{E06FBCE3-3A84-4651-B3D6-11086927268B}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{F49B581F-F7B0-462E-8533-690A3052A735}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe FirewallRules: [{D1A81DA6-A6F6-4BE1-BAF7-59C4EC24D296}] => (Allow) C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Trial Creator\Acer HomeMedia Trial Creator.exe FirewallRules: [{20C572AD-2A77-423A-BCE8-D65AA0621399}] => (Allow) C:\Windows\System32\dlcdcoms.exe FirewallRules: [{C1B0AB57-3966-447E-AFA5-ED1F95DF4DFD}] => (Allow) C:\Windows\System32\dlcdcoms.exe FirewallRules: [{5D0A555F-9FFA-48FA-B115-D5441A34D13F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe FirewallRules: [{6E8A63C4-29E0-45DA-85A9-C8D90E2F37F8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe FirewallRules: [{803EED67-006E-41D2-9690-47025AF8EF0D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe FirewallRules: [{7AFF19B5-35DE-492A-858A-054D63CF83C0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe FirewallRules: [{8C916A98-DF73-4374-97DF-D51C0694F474}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe FirewallRules: [{D4D460F0-37A7-49AC-ADFC-33458236B3D9}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe FirewallRules: [{553F2116-FE0A-4E3D-B9EB-7EF2ABF84454}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe FirewallRules: [{22AEAC19-7B25-4215-9DA6-4E5CB341A274}] => (Allow) C:\Program Files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe FirewallRules: [{194BF7ED-026C-4250-9A3C-EAD39F1E9AE0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe FirewallRules: [{89D8EF40-7C4B-43FD-96E9-28D2F3AA746F}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe FirewallRules: [{9C241572-98AF-49D1-BEE5-4656F0128492}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe FirewallRules: [{5E0473DD-4B16-411D-9C8D-48CD1D1D1B3D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe FirewallRules: [{7D609A58-E572-4751-B564-7886C5437416}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe FirewallRules: [{5A453006-3E0E-4BD2-A8F6-74C62E7260EA}] => (Allow) C:\Program Files (x86)\HP\digital imaging\smart web printing\smartwebprintexe.exe FirewallRules: [{18D05AC2-2FFA-4893-87BB-11B6327EE1A3}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe FirewallRules: [{6C4518BE-72C3-48CE-BF12-71D4BCCA4D31}] => (Allow) C:\Program Files (x86)\Valve\Steam\Steam.exe FirewallRules: [{9A052F3E-AF77-497C-A908-FEAF9EA66F65}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{C4E14446-3138-4F84-AAF1-47A3A762AE2D}] => (Allow) svchost.exe FirewallRules: [{241060AB-F757-49C2-8FD1-7DB6E59A05B1}] => (Allow) LPort=80 FirewallRules: [{15CA6830-7DD9-4D99-9876-1CCBDBC16477}] => (Allow) LPort=80 FirewallRules: [{D09741AF-00F4-417C-B45B-36F61CD9E343}] => (Allow) LPort=80 FirewallRules: [{8C173849-05FD-4F8E-BD8E-02CEAF9EA945}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{14015AE9-338D-4532-BAA9-5A8E066381EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{3D4FBDEB-8A99-4FBC-AF3E-E12AB24F2763}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{9A22B3A4-A801-4BE1-A2BA-98DCB057C5EC}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{C77D5E72-55FD-417C-A3C5-734919B4D6F2}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{4A101931-4909-4598-B020-66C7735B8C61}] => (Allow) LPort=2869 FirewallRules: [{A9688549-46C8-4869-9B7A-F8BB9A277EF3}] => (Allow) LPort=1900 FirewallRules: [{D062D1E6-CDAE-4430-A026-959767A65B8E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{0CF6F320-7642-41BF-A9AC-2639579B8582}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe FirewallRules: [{830A4AE7-045B-4FDB-B4AB-DAAD4C703D6C}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{BC721572-4FCE-46D9-A2D3-66BDD21DE6D6}] => (Allow) C:\Program Files (x86)\Valve\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{1056CD79-71DE-4231-BAEC-2AF35C98C34A}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{335CD16A-6FB3-4A57-B4E0-744EC20C39AB}] => (Allow) C:\Program Files (x86)\Apowersoft\Apowersoft Free Audio Recorder\Apowersoft Free Audio Recorder.exe FirewallRules: [{AD91BFDE-2C9A-421E-8468-0D0A35D54112}] => (Allow) C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{D0824923-4E77-45D3-AE9A-ED3B97F812A5}] => (Allow) C:\Users\BozKurT\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{7AD930C9-163C-4A52-B55C-C3E999359EAE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe FirewallRules: [{4957DEC8-5456-4478-BE43-BD092AEB6570}] => (Allow) C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe FirewallRules: [{24E565E9-EC28-4BBB-944E-B74FB8BB7CDA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{E2C9DF3D-6E01-4A2D-92AC-23A995B96B08}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{0F42EE40-0F0A-4131-9B5F-D1C91FB3ED1C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{80C9164B-5743-4127-8CE5-B3633D1C7BAB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{138747B8-850F-4AEA-B3D1-DB369AF78C44}] => (Allow) C:\Program Files\iTunes\iTunes.exe DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3 StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\FlashFXP\FlashFXP.exe] => Enabled:FlashFXP v3 ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (10/14/2015 05:33:52 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/14/2015 12:00:37 AM) (Source: Windows Search Service) (EventID: 3007) (User: ) Description: Die Leistungsüberwachung für den Gatherer-Dienst kann nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Kontext: Anwendung, SystemIndex Katalog Error: (10/14/2015 12:00:37 AM) (Source: Windows Search Service) (EventID: 3006) (User: ) Description: Die Leistungsüberwachung kann für den Gatherer-Dienst nicht initialisiert werden, da die Datenquellen nicht geladen sind oder das freigegebene Speicherobjekt nicht geöffnet werden konnte. Dies beeinträchtigt lediglich die Verfügbarkeit der Leistungsindikatoren. Starten Sie den Computer erneut. Error: (10/13/2015 11:10:09 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (10/13/2015 11:00:21 PM) (Source: MsiInstaller) (EventID: 1002) (User: BozKurT-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F". Error: (10/13/2015 10:57:49 PM) (Source: MsiInstaller) (EventID: 1002) (User: BozKurT-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F". Error: (10/13/2015 10:57:37 PM) (Source: MsiInstaller) (EventID: 1002) (User: BozKurT-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F". Error: (10/13/2015 10:56:58 PM) (Source: MsiInstaller) (EventID: 1002) (User: BozKurT-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F". Error: (10/13/2015 10:56:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Fehlerhafte Anwendung AppleMobileDeviceService.exe, Version 17.344.1.10, Zeitstempel 0x543300bf, fehlerhaftes Modul AppleMobileDeviceService_main.dll, Version 17.344.1.10, Zeitstempel 0x54345fbf, Ausnahmecode 0xc0000005, Fehleroffset 0x0000baf1, Prozess-ID 0x658, Anwendungsstartzeit AppleMobileDeviceService.exe0. Error: (10/13/2015 10:55:55 PM) (Source: MsiInstaller) (EventID: 1002) (User: BozKurT-PC) Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "") für Schlüssel "HKLM\Software\Classes\Installer\Products\5DBE8E079C8785242BA00589CC0A000F". Systemfehler: ============= Error: (10/14/2015 05:43:46 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWFailureCommand%%5 Error: (10/14/2015 05:43:30 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWStart%%5 Error: (10/14/2015 05:35:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: NVIDIA Update Service Daemon%%1069 Error: (10/14/2015 05:35:59 PM) (Source: Service Control Manager) (EventID: 7038) (User: ) Description: nvUpdatusService.\UpdatusUser%%1330 Error: (10/14/2015 05:33:54 PM) (Source: Microsoft Antimalware) (EventID: 3002) (User: ) Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt Feature: %%886 Fehlercode: 0x80070005 Fehlerbeschreibung: Zugriff verweigert Grund: %%892 Error: (10/14/2015 05:33:54 PM) (Source: Service Control Manager) (EventID: 7006) (User: ) Description: ScRegSetValueExWStart%%5 Error: (10/14/2015 05:33:52 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Beep Error: (10/14/2015 12:04:22 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 Error: (10/14/2015 12:04:22 AM) (Source: Service Control Manager) (EventID: 7009) (User: ) Description: 30000Windows Search Error: (10/14/2015 12:03:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Windows Search%%1053 CodeIntegrity: =================================== Date: 2015-10-14 18:13:19.517 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:18.971 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:18.425 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:17.879 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:17.162 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:16.600 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:16.038 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:13:15.430 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:12:30.362 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2015-10-14 18:12:29.800 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM)2 Quad CPU Q8200 @ 2.33GHz Prozentuale Nutzung des RAM: 43% Installierter physikalischer RAM: 4094.32 MB Verfügbarer physikalischer RAM: 2310.34 MB Summe virtueller Speicher: 8385.86 MB Verfügbarer virtueller Speicher: 6026.84 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:456.4 GB) (Free:279.05 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (DATA) (Fixed) (Total:457.11 GB) (Free:87.39 GB) NTFS Drive e: (SÜLO) (Removable) (Total:0.94 GB) (Free:0.6 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 8AB9C97D) Partition 1: (Not Active) - (Size=18 GB) - (Type=27) Partition 2: (Active) - (Size=456.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=457.1 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 3. ==================== Ende von Addition.txt ============================ |
15.10.2015, 13:29 | #37 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Java deinstalliert? Problem noch da?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
15.10.2015, 17:55 | #38 |
| Windows Vista: PC hängt sich ständig auf Java deinstalliert. Das Problem mit Java ist seit Montag nicht mehr gekommen. Arbeitsspeicher liegt immer noch bei ca. 50%. |
16.10.2015, 18:48 | #39 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Welcher Prozess?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
17.10.2015, 16:50 | #40 | |
| Windows Vista: PC hängt sich ständig auf Zitat: svchost.exe 616 AudioEndpointBuilder, EMDMgmt, hidserv, Netman, PcaSvc, SysMain, TabletInputService, TrkWks, UxSms, WdiSystemHost, Wlansvc, WPDBusEnum, wudfsvc Zitat:
Gruß, |
18.10.2015, 06:40 | #41 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Achso Nein, unter Dienste: Systemsteuerung > Verwaltung > Dienste Dienst suchen > deaktivieren wenn möglich. Beginne mit dem ersten in der Liste unter svchost, also AudioEndPointBuilder.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
18.10.2015, 19:23 | #42 |
| Windows Vista: PC hängt sich ständig auf Hallo schrauber, sry das ich immer noch auf diesen Punkt rumhake, aber auch hier finde ich keinen Dienst. Screenshot ist im Anhang. Gruß, |
19.10.2015, 19:23 | #43 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf AudioEndpointBuilder ist der Name, den muss man unter Umständen kurz bei Google eingeben um den angezeigten Namen zu erkennen. In dem Fall Windows-Audio Endpunkt Erstellung. Siehst Du diesen Dienst?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
26.10.2015, 15:22 | #44 |
| Windows Vista: PC hängt sich ständig auf Hallo schrauber. Habe jeden einzelnen Dienst beendet, nur der letzte (wudfsvc) konnte ich nicht beenden. Speicher ist von 53% auf 49% gesunken, also nicht so viel. Vllt sind diese 50% auch normal. Wir können gerne da weiter machen, wo wir aufgehört haben. |
27.10.2015, 19:22 | #45 |
/// the machine /// TB-Ausbilder | Windows Vista: PC hängt sich ständig auf Nee, das ist viel zu viel. Ausser es würde gerade ein Update laufen. Deaktiviere Windows Updates mal komplett in den Einstellungen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows Vista: PC hängt sich ständig auf |
bestimmte, blieb, datei, dauert, einfach, fehlermeldung, garnichts, gestartet, hängt, java, java update, laden, lag, minute, pc hängt, seite, seiten, systemwiederherstellung, troja, update, versuche, vista, windows, windows vista, woran |