|
Log-Analyse und Auswertung: Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
30.11.2015, 21:28 | #1 | |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Hallo Leute, mein Problem ist wie dem Titel schon zu entnehmen, dass jedes mal wenn ich meinen Laptop starte, nach der Anmeldung diese Fehlermeldung bekomme: Zitat:
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015 durchgeführt von Manu (2015-11-30 20:17:17) Gestartet von C:\Users\Manu\Downloads Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled) Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled) Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled) Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal) Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant) CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts) Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.) Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.) Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting) Glary Utilities 5.39 (HKLM-x32\...\Glary Utilities 5) (Version: 5.39.0.59 - Glarysoft Ltd) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - ) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team) NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version: - ) Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS) PlanetSide 2 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version: - Crytek) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.275 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.275 - Sony) SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims) Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StormWatch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\StormWatch) (Version: 1.0.1.27 - StormWatch) <==== ACHTUNG System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.6.8 - iolo technologies, LLC) The Witcher 3 - Wild Hunt (HKLM-x32\...\1207664643_is1) (Version: 1.0.9.0 - GOG.com) The Witcher 3: Wild Hunt - Free DLC program (16 DLC) (HKLM-x32\...\Free DLC program (16 DLC)_is1) (Version: 1.0.10.0 - GOG.com) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment) Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - Iron Lore Entertainment) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation) UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version: - MX-3200 Mouse Driver) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ACHTUNG WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2014-07-03 20:54 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 d3oxij66pru1i3.cloudfront.net ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Task: C:\Windows\Tasks\Media_Play_AIR+-nova.job => Task: C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job => Task: C:\Windows\Tasks\ParetoLogic Registration3.job => Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.137.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869 FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900 FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: 3D-Videocontroller Description: 3D-Videocontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20046 Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20046 Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19048 Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19048 Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 18049 Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 18049 Error: (11/30/2015 05:42:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2015 05:42:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 17035 Systemfehler: ============= Error: (11/30/2015 07:48:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update snipsmart" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/30/2015 03:20:46 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AntiVirSchedulerService erreicht. Error: (11/30/2015 05:41:51 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR5 gefunden. Error: (11/29/2015 00:40:40 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden. Error: (11/29/2015 09:02:37 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR4 gefunden. Error: (11/28/2015 07:38:40 PM) (Source: volsnap) (EventID: 36) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (11/28/2015 07:19:50 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/28/2015 00:21:40 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/28/2015 03:48:33 AM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error: (11/26/2015 09:14:39 PM) (Source: Disk) (EventID: 11) (User: ) Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. CodeIntegrity: =================================== Date: 2014-11-30 22:22:54.493 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.882 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.858 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 36% Installierter physikalischer RAM: 12216.36 MB Verfügbarer physikalischer RAM: 7770.16 MB Summe virtueller Speicher: 24430.93 MB Verfügbarer virtueller Speicher: 19407.53 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:503.32 GB) (Free:31.59 GB) NTFS Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2066.22 GB) NTFS ==================== MBR & Partitionstabelle ================== ==================== Ende von Addition.txt ============================ Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net Rootkit scan 2015-11-30 20:53:02 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1 HGST_HTS541075A9E680 rev.JA2OA700 698,64GB Running: Gmer-19357.exe; Driver: C:\Users\HAUPTV~1\AppData\Local\Temp\kxldypog.sys ---- User IAT/EAT - GMER 2.1 ---- IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleFileNameA] [5f00735f66746e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleFileNameW] [5f66746e69727063] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetModuleHandleW] [7570635f006c5f73] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!Sleep] [747570635f007374] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetProcAddress] [616572635f007377] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteFile] [656c61636f6c5f65] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStdHandle] [666e616373635f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemWindowsDirectoryW] [666e616373635f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemDirectoryW] [616373635f006c5f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLongPathNameW] [73635f00735f666e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentThreadId] [6c5f735f666e6163] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsSetValue] [33656d6974635f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsGetValue] [656d6974635f0032] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DebugBreak] [74635f00735f3233] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!OutputDebugStringA] [635f003436656d69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCommandLineA] [735f3436656d6974] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CloseHandle] [5f66746e69727077] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLastError] [69727077635f0070] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ResumeThread] [6c5f705f66746e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateThread] [746e69727077635f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsFree] [61637377635f006c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetLastError] [637377635f00666e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentThread] [635f006c5f666e61] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlsAlloc] [735f666e61637377] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindNextFileA] [6e61637377635f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindFirstFileA] [645f006c5f735f66] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindClose] [746867696c7961] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindNextFileW] [5f65646f6365645f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FindFirstFileW] [7265746e696f70] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLogicalDrives] [6d6974666669645f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDiskFreeSpaceA] [6669645f00323365] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FileTimeToSystemTime] [3436656d697466] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FileTimeToLocalFileTime] [6570616d736f645f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetErrorMode] [627473645f007272] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!Beep] [7075645f00736169] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileAttributesA] [5f00327075645f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileAttributesA] [735f766e65707564] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEnvironmentVariableA] [5f00747663655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentDirectoryA] [5f00735f74766365] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetCurrentDirectoryA] [705f65646f636e65] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFullPathNameA] [5f007265746e696f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDriveTypeA] [5f6465646f636e65] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentProcessId] [6e655f006c6c756e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateDirectoryA] [64616572687464] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MoveFileA] [65726874646e655f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RemoveDirectoryA] [6e655f0078656461] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DeleteFileA] [655f006e6f726976] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileAttributesW] [6e7272655f00666f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEnvironmentVariableW] [6c636578655f006f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentDirectoryW] [656c636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetCurrentDirectoryW] [706c636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileAttributesW] [706c636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFullPathNameW] [76636578655f0065] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateDirectoryW] [6576636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MoveFileW] [7076636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RemoveDirectoryW] [7076636578655f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDriveTypeW] [746978655f0065] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DeleteFileW] [646e617078655f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetExitCodeProcess] [5f65736f6c63665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WaitForSingleObject] [5f006b636f6c6f6e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateProcessA] [6c6165736f6c6366] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LoadLibraryA] [747663665f006c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeLibrary] [735f747663665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateProcessW] [6e65706f64665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadFile] [5f6873756c66665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!DuplicateHandle] [5f006b636f6c6f6e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCurrentProcess] [7261686374656766] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemTimeAsFileTime] [6377746567665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTimeZoneInformation] [6b636f6c6f6e5f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocalTime] [686377746567665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WideCharToMultiByte] [626c69665f007261] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFileTime] [656c69665f006675] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LocalFileTimeToFileTime] [5f006874676e656c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SystemTimeToFileTime] [676e656c656c6966] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetLocalTime] [665f003436696874] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!MultiByteToWideChar] [665f006f6e656c69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCPInfo] [65736f6c63646e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetACP] [6966646e69665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetOEMCP] [665f003233747372] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsValidCodePage] [7473726966646e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetDateFormatA] [665f003436693233] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTimeFormatA] [7473726966646e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RaiseException] [646e69665f003436] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlPcToFileHeader] [6934367473726966] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlLookupFunctionEntry] [646e69665f003233] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlUnwindEx] [5f0032337478656e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapSetInformation] [7478656e646e6966] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapCreate] [665f003436693233] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapDestroy] [367478656e646e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapFree] [6e646e69665f0034] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapQueryInformation] [6574696e69665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapValidate] [6873756c665f0066] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapCompact] [6f6d665f006c6c61] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!HeapWalk] [6c6370665f006564] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualProtect] [6370665f00737361] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualAlloc] [665f00667373616c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetSystemInfo] [6c665f6565656970] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!VirtualQuery] [73657270665f0074] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetHandleCount] [697270665f007465] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileType] [665f006c5f66746e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStartupInfoA] [705f66746e697270] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetFileInformationByHandle] [746e697270665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!PeekNamedPipe] [665f006c5f705f66] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateFileA] [735f66746e697270] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreateFileW] [747570665f006c5f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetFilePointer] [70665f0072616863] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleCP] [6c6f6e5f63777475] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleMode] [7570665f006b636f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FlushFileBuffers] [5f00726168637774] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CreatePipe] [6f6e5f6461657266] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetStdHandle] [72665f006b636f6c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleInputA] [6f6c6f6e5f646165] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetConsoleMode] [72665f00735f6b63] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!PeekConsoleInputA] [6c61636f6c5f6565] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetNumberOfConsoleInputEvents] [61656572665f0065] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleInputW] [5f61656572665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteConsoleA] [66656572665f0073] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetConsoleOutputCP] [616373665f00736c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!WriteConsoleW] [73665f006c5f666e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsDBCSLeadByteEx] [6c5f735f666e6163] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleA] [5f6b656573665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!ReadConsoleW] [5f006b636f6c6f6e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetEndOfFile] [3436696b65657366] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetProcessHeap] [696b656573665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LockFile] [636f6c6f6e5f3436] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!UnlockFile] [65706f73665f006b] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!TerminateProcess] [74617473665f006e] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!UnhandledExceptionFilter] [617473665f003233] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetUnhandledExceptionFilter] [5f00343669323374] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsDebuggerPresent] [34367461747366] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlVirtualUnwind] [343674617473665f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!RtlCaptureContext] [6574665f00323369] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!SetConsoleCtrlHandler] [636f6c6f6e5f6c6c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!InitializeCriticalSectionAndSpinCount] [6c6c6574665f006b] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeEnvironmentStringsW] [6574665f00343669] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetEnvironmentStringsW] [6f6e5f3436696c6c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetCommandLineW] [74665f006b636f6c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!FreeEnvironmentStringsA] [665f003233656d69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetEnvironmentStrings] [735f3233656d6974] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!QueryPerformanceCounter] [36656d6974665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetTickCount] [656d6974665f0034] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStringTypeW] [75665f00735f3436] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetStringTypeA] [5f00687461706c6c] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LCMapStringA] [3233656d69747566] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LCMapStringW] [656d697475665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CompareStringA] [727077665f003436] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!CompareStringW] [5f006c5f66746e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocaleInfoW] [66746e6972707766] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetLocaleInfoA] [727077665f00705f] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!GetUserDefaultLCID] [6c5f705f66746e69] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!EnumSystemLocalesA] [6e69727077665f00] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!IsValidLocale] [5f006c5f735f6674] IAT C:\Windows\Explorer.EXE[1372] @ C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\MSVCR90.dll[KERNEL32.dll!LoadLibraryW] [6e5f657469727766] ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Shares@Nightcore\xb2 CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Nightcore??Permissions=0?Remark=?ShareName=Nightcore??Type=0? Reg HKLM\SYSTEM\CurrentControlSet\services\LanmanServer\Shares@Purple Ramon\xb2 CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Purple Ramon??Permissions=0?Remark=?ShareName=Purple Ramon??Type=0? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Shares@Nightcore\xb2 CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Nightcore??Permissions=0?Remark=?ShareName=Nightcore??Type=0? Reg HKLM\SYSTEM\ControlSet002\services\LanmanServer\Shares@Purple Ramon\xb2 CSCFlags=2048?MaxUses=4294967295?Path=F:\Manu's Muik\Purple Ramon??Permissions=0?Remark=?ShareName=Purple Ramon??Type=0? ---- EOF - GMER 2.1 ---- Ich hoffe mal ihr könnt mir weiter helfen Geändert von Trabor (30.11.2015 um 21:36 Uhr) |
30.11.2015, 22:40 | #2 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
Hinweis: Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst. Los geht's: FRST.txt fehlt noch.
__________________ |
30.11.2015, 23:42 | #3 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". oh äh ja sorry
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015 durchgeführt von Manu (ACHTUNG: der Benutzer ist kein Administrator) auf MANUSPC (30-11-2015 20:15:52) Gestartet von C:\Users\Manu\Downloads Geladene Profile: Hauptversorgung & Manu (Verfügbare Profile: Hauptversorgung & Manu) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) konnte nicht auf den Prozess zugreifen -> smss.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> wininit.exe konnte nicht auf den Prozess zugreifen -> csrss.exe konnte nicht auf den Prozess zugreifen -> services.exe konnte nicht auf den Prozess zugreifen -> lsass.exe konnte nicht auf den Prozess zugreifen -> lsm.exe konnte nicht auf den Prozess zugreifen -> winlogon.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> spoolsv.exe konnte nicht auf den Prozess zugreifen -> sched.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> armsvc.exe konnte nicht auf den Prozess zugreifen -> avguard.exe konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe konnte nicht auf den Prozess zugreifen -> CxAudMsg64.exe konnte nicht auf den Prozess zugreifen -> dts_apo_service.exe konnte nicht auf den Prozess zugreifen -> PnkBstrA.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> TODDSrv.exe konnte nicht auf den Prozess zugreifen -> WLIDSVC.EXE konnte nicht auf den Prozess zugreifen -> Avira.ServiceHost.exe konnte nicht auf den Prozess zugreifen -> WLIDSVCM.EXE (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (Dropbox, Inc.) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Perixx) C:\Program Files (x86)\MX-3200 Mouse\DriverAP4.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (TOSHIBA) C:\Program Files (x86)\Toshiba\TOSHIBA Sleep Utility\TSleepSrv.exe (DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe (Jeroen Pelgrims) C:\Users\Manu\AppData\Local\Apps\2.0\0ABQ1AN0.GDN\P53J042M.3WC\soun..tion_0000000000000000_0002.0004_f839aedc2aa2d7a7\SoundSwitch.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyCrashService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe konnte nicht auf den Prozess zugreifen -> avshadow.exe konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe konnte nicht auf den Prozess zugreifen -> iPodService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> TosBtSrv.exe konnte nicht auf den Prozess zugreifen -> svchost.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe konnte nicht auf den Prozess zugreifen -> wmpnetwk.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe konnte nicht auf den Prozess zugreifen -> PCCService.exe konnte nicht auf den Prozess zugreifen -> svchost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe konnte nicht auf den Prozess zugreifen -> dllhost.exe konnte nicht auf den Prozess zugreifen -> svchost.exe konnte nicht auf den Prozess zugreifen -> dllhost.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe konnte nicht auf den Prozess zugreifen -> taskeng.exe konnte nicht auf den Prozess zugreifen -> WmiPrvSE.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM-x32\...\Run: [Mouse] => C:\Program Files (x86)\MX-3200 Mouse\DriverST.exe [184393 2012-08-21] () HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [mbot_de_196] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [DTS Sound] => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1471296 2013-05-30] (DTS, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM\...\RunOnce: [WinSat] => winsat dwm -xml results.xml Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Manu\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [UyxoTahus] => regsvr32.exe " HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [MsgCenterExe] => "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe" -osboot HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [456576 2015-06-10] (Sony) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Amazon Music] => C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Dropbox Update] => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify Web Helper] => C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify] => C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {18ed8091-29f2-11e4-8bba-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {41279464-59ea-11e5-9db0-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {a032e248-300f-11e5-9529-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation) ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll [2015-11-05] (Dropbox, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-10-25] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-13] ShortcutTarget: Dropbox.lnk -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms [2015-11-13] () BootExecute: autocheck autochk * GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\Parameters: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{6C682299-B5C3-4C67-9664-DB8D9F66E50A}: [DhcpNameServer] 192.168.189.1 Tcpip\..\Interfaces\{A5FB92D2-F30F-4AD6-AA26-D990772111F5}: [DhcpNameServer] 192.168.137.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= URLSearchHook: [S-1-5-21-1029605971-2717496707-4219619431-1000] ACHTUNG => Standard URLSearchHook fehlt SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-22] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-22] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-01] (DVDVideoSoft Ltd.) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01] (DVDVideoSoft Ltd.) FireFox: ======== FF ProfilePath: C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default FF DefaultSearchEngine: Astromenda FF SelectedSearchEngine: Astromenda FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-18] () FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-22] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-18] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-08-21] (Nexon) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-27] FF Extension: Avira Browser Safety - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\abs@avira.com [2015-08-09] [ist nicht signiert] FF Extension: Astrmenda Search - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f} [2014-11-08] [ist nicht signiert] FF Extension: Astro New Tab - C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [2014-10-26] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com => nicht gefunden Chrome: ======= CHR HomePage: Default -> hxxp://start.androidnewtab.com/?1=1__PARAM__ CHR StartupUrls: Default -> "hxxp://pr0gramm.com/#newest/*" CHR Session Restore: Default -> ist aktiviert. CHR Profile: C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Drive) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25] CHR Extension: (YouTube) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25] CHR Extension: (Adblock Plus) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2015-11-30] CHR Extension: (Google-Suche) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-11] CHR Extension: (Google Docs Offline) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-18] CHR Extension: (Webseite Blocher (Beta)) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib [2014-06-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-25] CHR Extension: (Google Mail) - C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-10] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-30] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-19] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-14] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] R2 lmhosts; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 lmhosts; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\System32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 NlaSvc; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 nsi; C:\Windows\SysWOW64\svchost.exe [20992 2009-07-14] (Microsoft Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-06] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-21] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 Update snipsmart; "C:\Program Files (x86)\snipsmart\updatesnipsmart.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-22] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-22] (Sony Mobile Communications) S1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-11-30] (Glarysoft Ltd) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118352 2013-01-15] (Qualcomm Atheros Co., Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation) R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider) R3 subvgaproductmirr64; C:\Windows\System32\DRIVERS\subvgamirr64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider) S3 usbezdisplay64; C:\Windows\System32\drivers\usbezdisplay64.sys [31336 2009-09-26] (Windows (R) Codename Longhorn DDK provider) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-30 20:15 - 2015-11-30 20:16 - 00026038 _____ C:\Users\Manu\Downloads\FRST.txt 2015-11-30 20:15 - 2015-11-30 20:15 - 00000000 ____D C:\FRST 2015-11-30 20:11 - 2015-11-30 20:12 - 02350080 _____ (Farbar) C:\Users\Manu\Downloads\FRST64.exe 2015-11-30 20:01 - 2015-11-30 20:02 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2015-11-30 20:01 - 2015-11-30 20:01 - 15218408 _____ C:\Users\Manu\Downloads\gu5setup.exe 2015-11-30 20:01 - 2015-11-30 20:01 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2015-11-30 20:01 - 2015-11-30 20:01 - 00003332 _____ C:\Windows\System32\Tasks\GlaryInitialize 5 2015-11-30 20:01 - 2015-11-30 20:01 - 00002990 _____ C:\Windows\System32\Tasks\GU5SkipUAC 2015-11-30 20:01 - 2015-11-30 20:01 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2015-11-30 20:01 - 2015-11-30 20:01 - 00001084 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk 2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\GlarySoft 2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DiskDefrag 2015-11-30 19:56 - 2015-11-30 19:56 - 00003172 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3 2015-11-30 19:56 - 2015-11-30 19:56 - 00002960 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task 2015-11-30 19:56 - 2015-11-30 19:56 - 00000488 _____ C:\Windows\Tasks\ParetoLogic Registration3.job 2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic 2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DriverCure 2015-11-30 19:55 - 2015-11-30 19:59 - 00000000 ____D C:\ProgramData\ParetoLogic 2015-11-30 19:55 - 2015-11-30 19:56 - 00003296 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 2015-11-30 19:55 - 2015-11-30 19:56 - 00000514 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2015-11-30 19:55 - 2015-11-30 19:55 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job 2015-11-30 19:54 - 2015-11-30 19:54 - 05813872 _____ (ParetoLogic Inc.) C:\Users\Manu\Downloads\ParetoLogic PC Health Advisor_de.exe 2015-11-30 19:49 - 2015-11-30 19:49 - 00000000 ___HD C:\OneDriveTemp 2015-11-29 12:41 - 2015-11-29 12:41 - 00222600 _____ (TOSHIBA Europe GmbH) C:\Users\Manu\Downloads\TOSHIBA-94-detector (2).exe 2015-11-21 20:12 - 2015-11-18 20:15 - 00000030 _____ C:\AVScanner.ini 2015-11-21 16:57 - 2015-11-21 16:57 - 00000000 ____D C:\ProgramData\Ubisoft 2015-11-21 16:56 - 2015-11-21 16:56 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\Adobe 2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\ProgramData\McAfee 2015-11-13 11:55 - 2015-11-13 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test 2015-11-13 11:48 - 2015-11-24 22:48 - 00000000 ____D C:\Program Files (x86)\Diablo III Public Test 2015-11-13 10:19 - 2015-11-13 10:19 - 00002080 _____ C:\Users\Manu\Downloads\SoundSwitch.application 2015-11-13 10:19 - 2015-11-13 10:19 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeroen Pelgrims 2015-11-13 09:48 - 2015-11-13 09:48 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-12 17:52 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-10 20:43 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-10 20:43 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-10 20:43 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-10 20:43 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-10 20:43 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-10 20:43 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-10 20:42 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-10 20:42 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-10 20:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-10 20:42 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-10 20:42 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-10 20:42 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-10 20:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-10 20:42 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-10 20:42 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-10 20:42 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-10 20:42 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-10 20:42 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-10 20:42 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-10 20:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-10 20:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-10 20:42 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-10 20:42 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-10 20:42 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-10 20:42 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-10 20:42 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-10 20:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-10 20:42 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-10 20:42 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-10 20:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-10 20:42 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-10 20:42 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-10 20:42 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-10 20:42 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-10 20:42 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-10 20:42 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-10 20:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-10 20:42 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-10 20:42 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-10 20:42 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-10 20:42 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-10 20:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-10 20:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-10 20:42 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-10 20:42 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-10 20:42 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-10 20:42 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-10 20:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-10 20:42 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-11-10 20:42 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-10 20:42 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-10 20:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-10 20:42 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-11-10 20:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-10 20:42 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-11-10 20:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-10 20:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-10 20:42 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-10 20:42 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-10 20:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-10 20:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-10 20:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-10 20:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-10 20:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-10 20:42 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-10 20:42 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-10 20:42 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-10 20:42 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-10 20:42 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-10 20:42 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-11-10 20:42 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-11-10 20:42 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-10 20:42 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-10 20:42 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-10 20:42 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-10 20:42 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-10 20:42 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-10 20:42 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-10 20:42 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-10 20:42 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-10 20:42 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-10 20:42 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-10 20:42 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-10 20:42 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-11-10 20:42 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-11-10 20:42 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-10 20:42 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-10 20:42 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-10 20:42 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-10 20:42 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-10 20:42 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-10 20:41 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-10 20:41 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-11-10 20:41 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-10 20:41 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-30 20:12 - 2014-05-30 22:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-30 20:09 - 2014-05-30 22:09 - 00001498 _____ C:\Windows\Tasks\Media_Play_AIR+-nova.job 2015-11-30 20:04 - 2015-01-27 17:28 - 00003322 _____ C:\Windows\System32\Tasks\AviraSpeedup 2015-11-30 20:01 - 2014-10-26 01:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-30 20:01 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-30 20:01 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-30 19:55 - 2014-04-20 23:51 - 00078032 _____ C:\Users\Hauptversorgung\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-30 19:53 - 2015-01-27 17:36 - 00000000 ___RD C:\Users\Manu\Dropbox 2015-11-30 19:52 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Spotify 2015-11-30 19:52 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Local\Spotify 2015-11-30 19:52 - 2015-01-27 17:29 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Dropbox 2015-11-30 19:49 - 2015-01-10 16:26 - 00000000 ___RD C:\Users\Manu\OneDrive 2015-11-30 19:49 - 2014-10-18 17:58 - 00000000 ____D C:\Users\Manu\AppData\Local\Deployment 2015-11-30 19:48 - 2014-10-26 01:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-30 19:48 - 2014-05-30 22:09 - 00001568 _____ C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job 2015-11-30 19:48 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-30 19:46 - 2014-06-25 20:34 - 00002048 _____ C:\Users\Manu\AppData\Roaming\mouse.dat 2015-11-30 19:46 - 2014-06-25 20:34 - 00000256 _____ C:\Users\Manu\AppData\Roaming\setup.dat 2015-11-30 19:46 - 2014-04-21 00:09 - 00000000 ____D C:\Users\Manu\Desktop\Games 2015-11-30 19:40 - 2014-08-22 23:35 - 00000000 ____D C:\Users\Manu\AppData\Local\Battle.net 2015-11-30 19:39 - 2015-06-18 09:27 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job 2015-11-30 18:39 - 2015-06-18 09:27 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job 2015-11-30 17:27 - 2014-11-01 15:50 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-29 18:09 - 2009-07-14 18:58 - 00699342 _____ C:\Windows\system32\perfh007.dat 2015-11-29 18:09 - 2009-07-14 18:58 - 00149450 _____ C:\Windows\system32\perfc007.dat 2015-11-29 18:09 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-11-29 12:49 - 2014-04-20 23:21 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\ElevatedDiagnostics 2015-11-28 22:42 - 2014-08-07 09:33 - 00000000 ____D C:\Users\Manu\AppData\Local\CrashDumps 2015-11-28 22:38 - 2014-04-21 00:11 - 00000000 ____D C:\Users\Manu\Desktop\Bilder für langeweile 2015-11-28 18:47 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-11-28 18:46 - 2015-03-03 18:43 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-11-28 18:46 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-28 18:40 - 2015-02-04 16:22 - 00000000 ____D C:\Users\Hauptversorgung\Documents\My Games 2015-11-26 18:16 - 2015-07-29 15:07 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive 2015-11-24 21:55 - 2014-08-22 23:34 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-11-24 20:27 - 2015-05-04 18:02 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\NXEPassportClient 2015-11-24 18:20 - 2015-03-31 11:59 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-11-20 19:29 - 2014-08-29 14:22 - 00000000 ____D C:\Program Files (x86)\Diablo III 2015-11-18 21:12 - 2014-05-30 22:27 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-18 21:12 - 2014-05-30 22:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-18 21:12 - 2014-05-30 22:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-18 20:19 - 2014-07-09 07:53 - 00000000 ____D C:\Users\Manu\AppData\Local\Adobe 2015-11-18 20:02 - 2014-08-22 23:27 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-18 20:01 - 2014-08-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-13 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-11-13 12:12 - 2014-08-29 17:53 - 00000000 ____D C:\Users\Manu\Documents\Diablo III 2015-11-13 11:48 - 2014-04-20 23:13 - 00000000 ____D C:\Users\Hauptversorgung 2015-11-13 10:06 - 2009-07-14 05:45 - 00332632 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-11 20:47 - 2015-07-12 22:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-11 20:16 - 2014-05-07 14:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 20:07 - 2014-04-21 19:24 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-11 20:06 - 2014-10-26 01:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 19:59 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-10 20:20 - 2014-08-22 23:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-11-03 20:10 - 2015-01-10 16:26 - 00002176 _____ C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-11-03 18:51 - 2015-03-03 21:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieBrowserModeList 2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieUserList 2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieSiteList ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-06-25 20:34 - 2015-11-30 19:46 - 0002048 _____ () C:\Users\Manu\AppData\Roaming\mouse.dat 2014-06-25 20:34 - 2015-11-30 19:46 - 0000256 _____ () C:\Users\Manu\AppData\Roaming\setup.dat 2014-10-27 12:04 - 2015-01-18 18:42 - 0005120 _____ () C:\Users\Manu\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Manu\Combatarms_eu.exe Einige Dateien in TEMP: ==================== C:\Users\Hauptversorgung\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll C:\Users\Hauptversorgung\AppData\Local\Temp\amazonicon_v10.exe C:\Users\Hauptversorgung\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Hauptversorgung\AppData\Local\Temp\avgnt.exe C:\Users\Hauptversorgung\AppData\Local\Temp\c33768490d71bd4b6f1456e1b4aac6b5.dll C:\Users\Hauptversorgung\AppData\Local\Temp\HaloTrialSetup.exe C:\Users\Hauptversorgung\AppData\Local\Temp\NGMDll.dll C:\Users\Hauptversorgung\AppData\Local\Temp\NGMResource.dll C:\Users\Hauptversorgung\AppData\Local\Temp\sdan.exe C:\Users\Hauptversorgung\AppData\Local\Temp\sdapk.exe C:\Users\Hauptversorgung\AppData\Local\Temp\sdaspwn.exe C:\Users\Hauptversorgung\AppData\Local\Temp\unicows.dll C:\Users\Hauptversorgung\AppData\Local\Temp\xmlUpdater.exe C:\Users\Manu\AppData\Local\Temp\aacdec.exe C:\Users\Manu\AppData\Local\Temp\avgnt.exe C:\Users\Manu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpmegiv3.dll C:\Users\Manu\AppData\Local\Temp\ffmpeg15.exe C:\Users\Manu\AppData\Local\Temp\jre-8u20-windows-au.exe C:\Users\Manu\AppData\Local\Temp\NGMSetup.exe C:\Users\Manu\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Manu\AppData\Local\Temp\tmd_34013020.exe C:\Users\Manu\AppData\Local\Temp\tmd_34018119.exe C:\Users\Manu\AppData\Local\Temp\Uninstaller-6084.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator ==================== Ende von FRST.txt ============================ |
30.11.2015, 23:50 | #4 | |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Wichtige Online-Passwörter von einem sauberen PC oder Handy/Tablet ändern. Zitat:
Schritt 1 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.12.2015, 00:04 | #5 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:30-11-2015 durchgeführt von Hauptversorgung (Administrator) auf MANUSPC (01-12-2015 00:01:34) Gestartet von C:\Users\Manu\Downloads\Hilfe Geladene Profile: Hauptversorgung & Manu (Verfügbare Profile: Hauptversorgung & Manu) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (DTS, Inc.) C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe (Dropbox, Inc.) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Jeroen Pelgrims) C:\Users\Manu\AppData\Local\Apps\2.0\0ABQ1AN0.GDN\P53J042M.3WC\soun..tion_0000000000000000_0002.0004_f839aedc2aa2d7a7\SoundSwitch.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe (Perixx) C:\Program Files (x86)\MX-3200 Mouse\DriverAP4.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvUseMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeBtMng.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosLeSrvProvider.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\SpotifyCrashService.exe (TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Spotify Ltd) C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe (Avanquest Software) C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [894048 2013-01-11] (Conexant Systems, Inc.) HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM-x32\...\Run: [Mouse] => C:\Program Files (x86)\MX-3200 Mouse\DriverST.exe [184393 2012-08-21] () HKLM-x32\...\Run: [ITSecMng] => C:\Program Files (x86)\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [80840 2011-04-01] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [mbot_de_196] => [X] HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [788176 2015-11-10] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [DTS Sound] => C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\APO3GUI.exe [1471296 2013-05-30] (DTS, Inc.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. KG) HKLM\...\RunOnce: [WinSat] => winsat dwm -xml results.xml Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-11-23] (Glarysoft Ltd) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Manu\AppData\Local\Akamai\netsession_win.exe" HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [UyxoTahus] => regsvr32.exe " HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [MsgCenterExe] => "C:\Program Files (x86)\Real\RealPlayer\update\RealOneMessageCenter.exe" -osboot HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Amazon Music] => C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe [6277952 2014-12-08] () HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Dropbox Update] => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [134512 2015-06-18] (Dropbox, Inc.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify Web Helper] => C:\Users\Manu\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2344768 2015-11-16] (Spotify Ltd) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [GalaxyClient] => [X] HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Run: [Spotify] => C:\Users\Manu\AppData\Roaming\Spotify\Spotify.exe [8281920 2015-11-16] (Spotify Ltd) HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {18ed8091-29f2-11e4-8bba-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {41279464-59ea-11e5-9db0-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\MountPoints2: {a032e248-300f-11e5-9529-089e01edcedd} - G:\Startme.exe HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [11264 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-04-28] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2014-10-25] ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.) Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2015-11-13] ShortcutTarget: Dropbox.lnk -> C:\Users\Hauptversorgung\AppData\Roaming\Dropbox\bin\Dropbox.exe (Keine Datei) Startup: C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SoundSwitch.appref-ms [2015-11-13] () BootExecute: autocheck autochk * GroupPolicy: Beschränkung - Chrome <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: 127.0.0.1 d3oxij66pru1i3.cloudfront.net Tcpip\Parameters: [DhcpNameServer] 192.168.137.1 Tcpip\..\Interfaces\{6C682299-B5C3-4C67-9664-DB8D9F66E50A}: [DhcpNameServer] 192.168.189.1 Tcpip\..\Interfaces\{A5FB92D2-F30F-4AD6-AA26-D990772111F5}: [DhcpNameServer] 192.168.137.1 Internet Explorer: ================== HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3ZQQWnWLniD5Hi5TtMwpB9a8S8zUk_vcOqfL1PXZH5_TOB43gcPePFXEgQgutc1vlx8PLTyWkFtXF-TJRIbJExoZdFiIxeS-rJtwWoq-Mydx8BYVItvv79X5exqIju0iOriDxgP_0D-GcIYvvYSmIrYannwGapA,,&q={searchTerms} HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000 -> {BCDA714C-8505-4B2F-8D95-183C58730C77} URL = hxxps://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} SearchScopes: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_20\bin\ssv.dll [2014-08-22] (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_20\bin\jp2ssv.dll [2014-08-22] (Oracle Corporation) BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2015-03-01] (DVDVideoSoft Ltd.) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.) BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-03-01] (DVDVideoSoft Ltd.) FireFox: ======== FF ProfilePath: C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default FF DefaultSearchEngine: Yahoo! FF SelectedSearchEngine: Yahoo! FF Keyword.URL: hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF Homepage: hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-18] () FF Plugin: @java.com/DTPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\dtplugin\npDeployJava1.dll [2014-08-22] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.20.2 -> C:\Program Files\Java\jre1.8.0_20\bin\plugin2\npjp2.dll [2014-08-22] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-18] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2015-08-21] (Nexon) FF Plugin-x32: @pages.tvunetworks.com/WebPlayer -> C:\Windows\system32\TVUAx\npTVUAx.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-16] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1029605971-2717496707-4219619431-1000: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC) FF SearchPlugin: C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\searchplugins\yahoo_ff.xml [2015-07-29] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml [2014-10-27] FF Extension: Kein Name - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com [nicht gefunden] FF Extension: Amazon-Icon - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\amazon-icon@giga.de [2015-02-04] [ist nicht signiert] FF Extension: TVU Web Player - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\firefox@tvunetworks.com [2015-08-09] [ist nicht signiert] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi [2015-03-01] [ist nicht signiert] FF Extension: Astro New Tab - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [2014-10-26] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\extensions\faststartff@gmail.com => nicht gefunden Chrome: ======= CHR HomePage: Default -> hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX" CHR DefaultSearchURL: Default -> hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} CHR DefaultSearchKeyword: Default -> webssearches CHR Profile: C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-16] CHR Extension: (Google Drive) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-30] CHR Extension: (YouTube) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-30] CHR Extension: (Google-Suche) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-30] CHR Extension: (Google Docs Offline) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-30] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-30] CHR Extension: (Google Mail) - C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-16] CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden> ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [936544 2015-11-10] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466408 2015-11-10] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1105952 2015-11-10] (Avira Operations GmbH & Co. KG) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 dts_apo_service; C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [16720 2013-05-30] () S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [238376 2015-05-19] (EasyAntiCheat Ltd) S3 GalaxyClientService; C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe [1616440 2015-10-14] (GOG.com) S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6952504 2015-10-14] (GOG.com) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert] S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2078216 2015-10-06] (Electronic Arts) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2015-11-21] () S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) S2 Update snipsmart; "C:\Program Files (x86)\snipsmart\updatesnipsmart.exe" [X] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [163544 2015-09-22] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [141416 2015-07-25] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [74952 2015-09-22] (Avira Operations GmbH & Co. KG) S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2014-10-22] (Sony Mobile Communications) R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-11-30] (Glarysoft Ltd) R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [118352 2013-01-15] (Qualcomm Atheros Co., Ltd.) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-10-26] (Malwarebytes Corporation) R3 subvgaproduct64; C:\Windows\System32\DRIVERS\subvga64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider) R3 subvgaproductmirr64; C:\Windows\System32\DRIVERS\subvgamirr64.sys [5120 2009-12-29] (Windows (R) Win 7 DDK provider) S3 usbezdisplay64; C:\Windows\System32\drivers\usbezdisplay64.sys [31336 2009-09-26] (Windows (R) Codename Longhorn DDK provider) S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X] S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-11-30 23:38 - 2015-11-30 23:38 - 00048048 _____ C:\Users\Manu\Downloads\Addition.txt 2015-11-30 23:38 - 2015-11-30 23:38 - 00048048 _____ C:\Users\Manu\Downloads\Addition (1).txt 2015-11-30 22:22 - 2015-11-30 22:22 - 02205679 _____ C:\Users\Manu\Desktop\eab2ba2781ad4980.webm 2015-11-30 22:19 - 2015-11-30 22:19 - 00000000 ____D C:\Users\Hauptversorgung\Documents\The Witcher 3 2015-11-30 20:59 - 2015-11-30 20:59 - 00002026 _____ C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk 2015-11-30 20:56 - 2015-11-30 20:56 - 00000000 ___HD C:\OneDriveTemp 2015-11-30 20:35 - 2015-11-30 20:36 - 00152532 _____ C:\Windows\ntbtlog.txt 2015-11-30 20:23 - 2015-11-30 20:23 - 00380416 _____ C:\Users\Manu\Desktop\Gmer-19357.exe 2015-11-30 20:23 - 2015-11-30 20:23 - 00000000 _____ C:\Users\Hauptversorgung\defogger_reenable 2015-11-30 20:22 - 2015-11-30 20:22 - 00050477 _____ C:\Users\Manu\Downloads\Defogger.exe 2015-11-30 20:21 - 2015-11-30 21:30 - 00000000 ____D C:\Users\Manu\Downloads\Hilfe 2015-11-30 20:15 - 2015-12-01 00:01 - 00000000 ____D C:\FRST 2015-11-30 20:01 - 2015-11-30 20:02 - 00000000 ____D C:\Program Files (x86)\Glary Utilities 5 2015-11-30 20:01 - 2015-11-30 20:01 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys 2015-11-30 20:01 - 2015-11-30 20:01 - 00003332 _____ C:\Windows\System32\Tasks\GlaryInitialize 5 2015-11-30 20:01 - 2015-11-30 20:01 - 00002990 _____ C:\Windows\System32\Tasks\GU5SkipUAC 2015-11-30 20:01 - 2015-11-30 20:01 - 00001096 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk 2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\GlarySoft 2015-11-30 20:01 - 2015-11-30 20:01 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DiskDefrag 2015-11-30 19:56 - 2015-11-30 20:34 - 00000488 _____ C:\Windows\Tasks\ParetoLogic Registration3.job 2015-11-30 19:56 - 2015-11-30 19:56 - 00003172 _____ C:\Windows\System32\Tasks\ParetoLogic Registration3 2015-11-30 19:56 - 2015-11-30 19:56 - 00002960 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task 2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic 2015-11-30 19:56 - 2015-11-30 19:56 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Roaming\DriverCure 2015-11-30 19:55 - 2015-11-30 20:55 - 00000514 _____ C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job 2015-11-30 19:55 - 2015-11-30 20:34 - 00000462 _____ C:\Windows\Tasks\ParetoLogic Update Version3.job 2015-11-30 19:55 - 2015-11-30 19:59 - 00000000 ____D C:\ProgramData\ParetoLogic 2015-11-30 19:55 - 2015-11-30 19:56 - 00003296 _____ C:\Windows\System32\Tasks\ParetoLogic Update Version3 2015-11-29 12:41 - 2015-11-29 12:41 - 00222600 _____ (TOSHIBA Europe GmbH) C:\Users\Manu\Downloads\TOSHIBA-94-detector (2).exe 2015-11-21 20:12 - 2015-11-18 20:15 - 00000030 _____ C:\AVScanner.ini 2015-11-21 16:57 - 2015-11-21 16:57 - 00000000 ____D C:\ProgramData\Ubisoft 2015-11-21 16:56 - 2015-11-21 16:56 - 00189248 _____ C:\Windows\SysWOW64\PnkBstrB.exe 2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ C:\Windows\SysWOW64\PnkBstrA.exe 2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\Adobe 2015-11-18 20:15 - 2015-11-18 20:15 - 00000000 ____D C:\ProgramData\McAfee 2015-11-13 11:55 - 2015-11-13 11:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III Public Test 2015-11-13 11:48 - 2015-11-24 22:48 - 00000000 ____D C:\Program Files (x86)\Diablo III Public Test 2015-11-13 10:19 - 2015-11-13 10:19 - 00002080 _____ C:\Users\Manu\Downloads\SoundSwitch.application 2015-11-13 10:19 - 2015-11-13 10:19 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Jeroen Pelgrims 2015-11-13 09:48 - 2015-11-13 09:48 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-11-12 17:52 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-10 20:43 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-10 20:43 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-10 20:43 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-10 20:43 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-10 20:43 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-10 20:43 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2015-11-10 20:43 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2015-11-10 20:43 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2015-11-10 20:42 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-10 20:42 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-11-10 20:42 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-10 20:42 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-10 20:42 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-10 20:42 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-10 20:42 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-10 20:42 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-10 20:42 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-10 20:42 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-10 20:42 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-10 20:42 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-10 20:42 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-10 20:42 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-10 20:42 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-10 20:42 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-10 20:42 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-10 20:42 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-10 20:42 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-10 20:42 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2015-11-10 20:42 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-10 20:42 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-11-10 20:42 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-10 20:42 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-10 20:42 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-11-10 20:42 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-10 20:42 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2015-11-10 20:42 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2015-11-10 20:42 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2015-11-10 20:42 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-10 20:42 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-11-10 20:42 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-11-10 20:42 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2015-11-10 20:42 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2015-11-10 20:42 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2015-11-10 20:42 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2015-11-10 20:42 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-10 20:42 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-10 20:42 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-10 20:42 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-10 20:42 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-10 20:42 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2015-11-10 20:42 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2015-11-10 20:42 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-10 20:42 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2015-11-10 20:42 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2015-11-10 20:42 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-11-10 20:42 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-10 20:42 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2015-11-10 20:42 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-11-10 20:42 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-11-10 20:42 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-11-10 20:42 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-11-10 20:42 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-11-10 20:42 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2015-11-10 20:42 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-10 20:42 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-10 20:42 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-11-10 20:42 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-11-10 20:42 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-11-10 20:42 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-10 20:42 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-10 20:42 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-10 20:42 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll 2015-11-10 20:42 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-10 20:42 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-10 20:42 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-10 20:42 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-11-10 20:42 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe 2015-11-10 20:42 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-10 20:42 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-10 20:42 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-10 20:42 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe 2015-11-10 20:42 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe 2015-11-10 20:42 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2015-11-10 20:42 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2015-11-10 20:42 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2015-11-10 20:42 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2015-11-10 20:42 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2015-11-10 20:42 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2015-11-10 20:42 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-10 20:42 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-10 20:42 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-10 20:42 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2015-11-10 20:42 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2015-11-10 20:42 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll 2015-11-10 20:42 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll 2015-11-10 20:42 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-10 20:42 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-10 20:42 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-10 20:42 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-10 20:42 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll 2015-11-10 20:41 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-10 20:41 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-11-10 20:41 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-10 20:41 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2015-12-01 00:01 - 2014-10-26 01:09 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-12-01 00:01 - 2009-07-14 04:20 - 00000000 ____D C:\Windows 2015-11-30 23:39 - 2015-06-18 09:27 - 00001220 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job 2015-11-30 23:30 - 2014-11-01 15:50 - 00000000 ____D C:\Program Files (x86)\Steam 2015-11-30 23:12 - 2014-05-30 22:27 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-30 23:09 - 2014-05-30 22:09 - 00001568 _____ C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job 2015-11-30 23:09 - 2014-05-30 22:09 - 00001498 _____ C:\Windows\Tasks\Media_Play_AIR+-nova.job 2015-11-30 22:19 - 2015-10-20 17:23 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com 2015-11-30 22:18 - 2009-07-14 06:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2015-11-30 22:17 - 2014-08-07 09:33 - 00000000 ____D C:\Users\Manu\AppData\Local\CrashDumps 2015-11-30 22:01 - 2014-10-26 01:09 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-30 21:05 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-30 21:05 - 2009-07-14 05:45 - 00013568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-30 21:02 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Spotify 2015-11-30 21:00 - 2015-01-27 17:36 - 00000000 ___RD C:\Users\Manu\Dropbox 2015-11-30 21:00 - 2015-01-27 17:29 - 00000000 ____D C:\Users\Manu\AppData\Roaming\Dropbox 2015-11-30 20:59 - 2014-08-22 14:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony 2015-11-30 20:58 - 2015-08-20 19:14 - 00000000 ____D C:\Users\Manu\AppData\Local\Spotify 2015-11-30 20:58 - 2014-04-20 23:48 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2015-11-30 20:57 - 2014-10-18 17:58 - 00000000 ____D C:\Users\Manu\AppData\Local\Deployment 2015-11-30 20:56 - 2015-01-10 16:26 - 00000000 ___RD C:\Users\Manu\OneDrive 2015-11-30 20:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-30 20:33 - 2014-06-25 20:34 - 00002048 _____ C:\Users\Manu\AppData\Roaming\mouse.dat 2015-11-30 20:33 - 2014-06-25 20:34 - 00000256 _____ C:\Users\Manu\AppData\Roaming\setup.dat 2015-11-30 20:30 - 2014-07-04 14:42 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\CrashDumps 2015-11-30 20:23 - 2014-04-20 23:13 - 00000000 ____D C:\Users\Hauptversorgung 2015-11-30 20:04 - 2015-01-27 17:28 - 00003322 _____ C:\Windows\System32\Tasks\AviraSpeedup 2015-11-30 19:55 - 2014-04-20 23:51 - 00078032 _____ C:\Users\Hauptversorgung\AppData\Local\GDIPFONTCACHEV1.DAT 2015-11-30 19:46 - 2014-04-21 00:09 - 00000000 ____D C:\Users\Manu\Desktop\Games 2015-11-30 19:40 - 2014-08-22 23:35 - 00000000 ____D C:\Users\Manu\AppData\Local\Battle.net 2015-11-30 18:39 - 2015-06-18 09:27 - 00001168 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job 2015-11-29 18:09 - 2009-07-14 18:58 - 00699342 _____ C:\Windows\system32\perfh007.dat 2015-11-29 18:09 - 2009-07-14 18:58 - 00149450 _____ C:\Windows\system32\perfc007.dat 2015-11-29 18:09 - 2009-07-14 06:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-29 18:09 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf 2015-11-29 12:49 - 2014-04-20 23:21 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\ElevatedDiagnostics 2015-11-28 22:38 - 2014-04-21 00:11 - 00000000 ____D C:\Users\Manu\Desktop\Bilder für langeweile 2015-11-28 18:46 - 2015-03-03 18:43 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-11-28 18:40 - 2015-02-04 16:22 - 00000000 ____D C:\Users\Hauptversorgung\Documents\My Games 2015-11-26 18:16 - 2015-07-29 15:07 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive 2015-11-24 21:55 - 2014-08-22 23:34 - 00000000 ____D C:\Program Files (x86)\Battle.net 2015-11-24 20:27 - 2015-05-04 18:02 - 00000000 ____D C:\Users\Hauptversorgung\AppData\Local\NXEPassportClient 2015-11-24 18:20 - 2015-03-31 11:59 - 00000000 ____D C:\Program Files (x86)\Heroes of the Storm 2015-11-20 19:29 - 2014-08-29 14:22 - 00000000 ____D C:\Program Files (x86)\Diablo III 2015-11-18 21:12 - 2014-05-30 22:27 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-11-18 21:12 - 2014-05-30 22:27 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-11-18 21:12 - 2014-05-30 22:27 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-11-18 20:19 - 2014-07-09 07:53 - 00000000 ____D C:\Users\Manu\AppData\Local\Adobe 2015-11-18 20:02 - 2014-08-22 23:27 - 00000000 ____D C:\ProgramData\Package Cache 2015-11-18 20:01 - 2014-08-22 23:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2015-11-13 19:04 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache 2015-11-13 12:12 - 2014-08-29 17:53 - 00000000 ____D C:\Users\Manu\Documents\Diablo III 2015-11-13 10:06 - 2009-07-14 05:45 - 00332632 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-11 20:47 - 2015-07-12 22:25 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-11-11 20:16 - 2014-05-07 14:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2015-11-11 20:07 - 2014-04-21 19:24 - 01593564 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2015-11-11 20:06 - 2014-10-26 01:09 - 00002175 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 19:59 - 2009-07-14 19:18 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-10 20:20 - 2014-08-22 23:49 - 00000000 ____D C:\Program Files (x86)\Hearthstone 2015-11-03 20:10 - 2015-01-10 16:26 - 00002176 _____ C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2015-11-03 18:51 - 2015-03-03 21:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieBrowserModeList 2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieUserList 2015-11-03 18:51 - 2014-07-01 15:04 - 00000000 __SHD C:\Users\Manu\AppData\Local\EmieSiteList ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-07-04 16:09 - 2015-02-13 01:55 - 0002048 _____ () C:\Users\Hauptversorgung\AppData\Roaming\mouse.dat 2014-07-04 16:09 - 2015-02-13 01:55 - 0000256 _____ () C:\Users\Hauptversorgung\AppData\Roaming\setup.dat 2014-10-25 21:54 - 2014-10-25 21:54 - 0612324 _____ (CMI Limited) C:\Users\Hauptversorgung\AppData\Local\nsm606A.tmp 2014-12-08 15:42 - 2015-03-09 20:04 - 0007642 _____ () C:\Users\Hauptversorgung\AppData\Local\Resmon.ResmonCfg Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\Users\Manu\Combatarms_eu.exe Einige Dateien in TEMP: ==================== C:\Users\Hauptversorgung\AppData\Local\Temp\6a246669c4722113966d0cbd29442eb9.dll C:\Users\Hauptversorgung\AppData\Local\Temp\amazonicon_v10.exe C:\Users\Hauptversorgung\AppData\Local\Temp\amazoninstallernircmdc.exe C:\Users\Hauptversorgung\AppData\Local\Temp\avgnt.exe C:\Users\Hauptversorgung\AppData\Local\Temp\c33768490d71bd4b6f1456e1b4aac6b5.dll C:\Users\Hauptversorgung\AppData\Local\Temp\HaloTrialSetup.exe C:\Users\Hauptversorgung\AppData\Local\Temp\NGMDll.dll C:\Users\Hauptversorgung\AppData\Local\Temp\NGMResource.dll C:\Users\Hauptversorgung\AppData\Local\Temp\sdan.exe C:\Users\Hauptversorgung\AppData\Local\Temp\sdapk.exe C:\Users\Hauptversorgung\AppData\Local\Temp\sdaspwn.exe C:\Users\Hauptversorgung\AppData\Local\Temp\unicows.dll C:\Users\Hauptversorgung\AppData\Local\Temp\xmlUpdater.exe C:\Users\Manu\AppData\Local\Temp\aacdec.exe C:\Users\Manu\AppData\Local\Temp\avgnt.exe C:\Users\Manu\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpol9dkp.dll C:\Users\Manu\AppData\Local\Temp\ffmpeg15.exe C:\Users\Manu\AppData\Local\Temp\jre-8u20-windows-au.exe C:\Users\Manu\AppData\Local\Temp\NGMSetup.exe C:\Users\Manu\AppData\Local\Temp\SpotifyUninstall.exe C:\Users\Manu\AppData\Local\Temp\tmd_34013020.exe C:\Users\Manu\AppData\Local\Temp\tmd_34018119.exe C:\Users\Manu\AppData\Local\Temp\Uninstaller-6084.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2015-11-13 18:57 ==================== Ende von FRST.txt ============================ |
01.12.2015, 00:06 | #6 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". jup, Schritt 1 Echtzeitschutz des Virenscanners abschalten. Schritt 2 Scan mit Combofix
__________________ --> Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". |
01.12.2015, 00:07 | #7 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015 durchgeführt von Hauptversorgung (2015-12-01 00:02:12) Gestartet von C:\Users\Manu\Downloads\Hilfe Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled) Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled) Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled) Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal) Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant) CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts) Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.) Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.) Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting) Glary Utilities 5.39 (HKLM-x32\...\Glary Utilities 5) (Version: 5.39.0.59 - Glarysoft Ltd) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - ) Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team) NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version: - ) Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS) PlanetSide 2 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version: - Crytek) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony) SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims) Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC) STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) StormWatch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\StormWatch) (Version: 1.0.1.27 - StormWatch) <==== ACHTUNG System Checkup 3.5 (HKLM-x32\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.5.6.8 - iolo technologies, LLC) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment) Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - Iron Lore Entertainment) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation) UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version: - MX-3200 Mouse Driver) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WindowsMangerProtect20.0.0.1013 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.1013 - WindowsProtect LIMITED) <==== ACHTUNG WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{45C6AFA5-2C13-402f-BC5D-45CC8172EF6B}\InprocServer32 -> C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\sys\x64\TosBtExt.dll (TOSHIBA) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 28-11-2015 22:37:50 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 28-11-2015 22:39:20 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 29-11-2015 19:00:12 Windows-Sicherung ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2014-07-03 20:54 - 00000867 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 d3oxij66pru1i3.cloudfront.net ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {0813768E-6D3C-4A33-8AAF-76C7FB4D8FD8} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] () Task: {13C2E034-EA0B-47AB-A2A5-B2F03342B9A8} - System32\Tasks\iolo System Checkup => C:\ProgramData\iolo\scustask.lnk [2015-10-20] () Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1 Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {50E975AD-4387-477D-B251-BFE13359C3B4} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] () Task: {5614D4B7-E311-43A2-AC53-7B57D764F255} - System32\Tasks\Media_Play_AIR+-nova => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-nova.exe <==== ACHTUNG Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG) Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - System32\Tasks\Browser Updater\Browser Updater => C:\Program Files (x86)\HomeTab\WBrowserUpdater.exe <==== ACHTUNG Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {8BFBE1DB-10C4-4689-86AA-AE3C0C18A7EF} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2015-11-23] (Glarysoft Ltd) Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {A080FAC0-37E4-49E5-93D3-DF214BAE1EDB} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns Task: {A65C5FEC-9688-4B0C-BFB3-10B416D56081} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-11-23] (Glarysoft Ltd) Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B351028B-8FB9-4A26-AF99-C96AEF5227D1} - System32\Tasks\Media_Play_AIR+-novainstaller => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-novainstaller.exe <==== ACHTUNG Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - System32\Tasks\ProtectedSearch\Protected Search => C:\Program Files (x86)\HomeTab\WBrowserKeeper.exe <==== ACHTUNG Task: {B840759D-ECF9-4937-A52E-CA3B370031CF} - \ASP -> Keine Datei <==== ACHTUNG Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated) Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - System32\Tasks\SystemSockets\SystemSockets => C:\Program Files (x86)\HomeTab\WBrowserProductivity.exe <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\Media_Play_AIR+-nova.job => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-nova.exe>/agentregpath='Media_Play_AIR+' /appid=58488 /srcid='001578' /subid='verticals-ads,intext,shopping,pops' /zdata='0' /bic=392AC318B77E48BDBDF766E33A4026A7IE /verifier=610bf72dd3027908fe751c6076fcfe71 /installerversion=1_34_05_29 /installerfullversion=1.34.5.29 /installationtime=1401484143 /statsdomain=hxxp:/stats.datademoserv.com /errorsdomain=hxxp:/errors.datademoserv.com /codedownloaddomain=hxxp:/js.datademoserv.com /defbro=ch /usehklm /browsername='nova' /autoupdateulr='hxxp:/update.datademoserv.com/novarun/{CAMP_ID}/update.jso Task: C:\Windows\Tasks\Media_Play_AIR+-novainstaller.job => C:\Program Files (x86)\Media_Play_AIR+\Media_Play_AIR+-novainstaller.exeX/updateapp /runfrom=task /agentregpath='Media_Play_AIR+' /appid=58488 /srcid='001578' /subid='verticals-ads,intext,shopping,pops' /zdata='0' /bic=392AC318B77E48BDBDF766E33A4026A7IE /verifier=610bf72dd3027908fe751c6076fcfe71 /installerversion=1_34_05_29 /installerfullversion=1.34.5.29 /installationtime=1401484143 /statsdomain=hxxp:/stats.datademoserv.com /errorsdomain=hxxp:/errors.datademoserv.com /codedownloaddomain=hxxp:/js.datademoserv.com /defbro=ch /usehklm /browsername='nova' /autoupdateulr='hxxp:/update.datademoserv.com/novacode/{CAMP_ID}/update.jso Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-08-20 19:14 - 2015-11-16 17:08 - 50678592 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libcef.dll 2015-11-30 20:57 - 2015-11-30 20:57 - 00071168 _____ () c:\users\manu\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpol9dkp.dll 2015-10-16 17:29 - 2015-09-03 01:11 - 00012800 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick.2\qtquick2plugin.dll 2015-10-16 17:29 - 2015-09-03 01:11 - 00779776 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Controls\qtquickcontrolsplugin.dll 2015-10-16 17:29 - 2015-09-03 01:11 - 00056320 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Layouts\qquicklayoutsplugin.dll 2015-10-16 17:29 - 2015-09-03 01:11 - 00012288 _____ () C:\Users\Manu\AppData\Roaming\Dropbox\bin\QtQuick\Window.2\windowplugin.dll 2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll 2015-11-11 20:04 - 2015-11-07 05:36 - 01532744 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libglesv2.dll 2015-11-11 20:04 - 2015-11-07 05:36 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\libegl.dll 2015-08-20 19:14 - 2015-11-16 17:08 - 01880896 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libglesv2.dll 2015-08-20 19:14 - 2015-11-16 17:08 - 00081216 _____ () C:\Users\Manu\AppData\Roaming\Spotify\libegl.dll 2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2015-11-11 20:04 - 2015-11-07 05:36 - 16496456 _____ () C:\Program Files (x86)\Google\Chrome\Application\46.0.2490.86\PepperFlash\pepflashplayer.dll 2014-11-01 15:51 - 2015-10-05 17:18 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-02-11 15:25 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-02-11 15:25 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-02-11 15:25 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2014-11-01 15:51 - 2015-11-10 03:44 - 02541648 _____ () C:\Program Files (x86)\Steam\video.dll 2014-11-01 15:51 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2014-11-01 15:51 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2014-11-01 15:51 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2014-11-01 15:51 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2014-11-01 15:51 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2014-11-01 15:51 - 2015-11-10 03:44 - 00806992 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-07-22 00:08 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2014-11-01 15:51 - 2015-10-08 23:20 - 45010208 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-02-11 15:25 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.137.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869 FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900 FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: 3D-Videocontroller Description: 3D-Videocontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (11/30/2015 10:17:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: witcher3.exe, Version: 3.0.6.7903, Zeitstempel: 0x561eca18 Name des fehlerhaften Moduls: igdusc64.dll, Version: 9.18.10.3165, Zeitstempel: 0x5189985d Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000007ab2 ID des fehlerhaften Prozesses: 0x18c0 Startzeit der fehlerhaften Anwendung: 0xwitcher3.exe0 Pfad der fehlerhaften Anwendung: witcher3.exe1 Pfad des fehlerhaften Moduls: witcher3.exe2 Berichtskennung: witcher3.exe3 Error: (11/30/2015 08:30:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0x176c Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0 Pfad der fehlerhaften Anwendung: Gmer-19357.exe1 Pfad des fehlerhaften Moduls: Gmer-19357.exe2 Berichtskennung: Gmer-19357.exe3 Error: (11/30/2015 08:29:34 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0xb00 Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0 Pfad der fehlerhaften Anwendung: Gmer-19357.exe1 Pfad des fehlerhaften Moduls: Gmer-19357.exe2 Berichtskennung: Gmer-19357.exe3 Error: (11/30/2015 08:28:42 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0x1e8c Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0 Pfad der fehlerhaften Anwendung: Gmer-19357.exe1 Pfad des fehlerhaften Moduls: Gmer-19357.exe2 Berichtskennung: Gmer-19357.exe3 Error: (11/30/2015 08:24:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Name des fehlerhaften Moduls: Gmer-19357.exe, Version: 2.1.19357.0, Zeitstempel: 0x52e7ea83 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000011aa ID des fehlerhaften Prozesses: 0xee8 Startzeit der fehlerhaften Anwendung: 0xGmer-19357.exe0 Pfad der fehlerhaften Anwendung: Gmer-19357.exe1 Pfad des fehlerhaften Moduls: Gmer-19357.exe2 Berichtskennung: Gmer-19357.exe3 Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 20046 Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 20046 Error: (11/30/2015 05:42:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 19048 Error: (11/30/2015 05:42:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 19048 Systemfehler: ============= Error: (11/30/2015 08:55:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "Update snipsmart" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (11/30/2015 08:38:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "PnP-X-IP-Busenumerator" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:33 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068 Error: (11/30/2015 08:36:32 PM) (Source: DCOM) (EventID: 10005) (User: ) Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030} CodeIntegrity: =================================== Date: 2014-11-30 22:22:54.493 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.882 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.858 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 12216.36 MB Verfügbarer physikalischer RAM: 7622.86 MB Summe virtueller Speicher: 24430.93 MB Verfügbarer virtueller Speicher: 19181.72 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:503.32 GB) (Free:66.41 GB) NTFS Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2066.22 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06) Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ==================== Ende von Addition.txt ============================ |
01.12.2015, 00:08 | #8 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Siehe oben...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.12.2015, 00:23 | #9 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". ja schon klar, aber du meintest ja ich soll nach dem scan als admin beide nochmal posten das is jetzt von combofix Code:
ATTFilter ComboFix 15-11-30.01 - Hauptversorgung 01.12.2015 0:12.1.8 - x64 Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.12216.7388 [GMT 1:00] ausgeführt von:: c:\users\Manu\Desktop\ComboFix.exe AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859} SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\ntuser.pol c:\users\Hauptversorgung\AppData\Local\nsm606A.tmp c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\de\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\en\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\es\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\fr\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\it\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ja\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ko\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\ko_KR\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\pt\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\pt_BR\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\sl\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\tr\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\zh\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\_locales\zh_CN\messages.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\background.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\blocked.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\blocked.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\form.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\options.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\popup.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\reset.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\css\style.css c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\128.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\16.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\19.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\48.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\64.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\72.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\checkbox.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\options.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\radio.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\images\select.png c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\common.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\controller.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\functions.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\init-facebook.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\injection.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-background.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-blocked.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-news.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-options.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-popup.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-share.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\page-welcome.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\utils.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\js\website-blocker.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\ChromeDB.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\jquery-2.0.0.min.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\lib\sha256.js c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\manifest.json c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\news.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\options.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\popup.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\share.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Extensions\hclgegipaehbigmbhdpfapmjadbaldib\0.2.6.2_0\welcome.html c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hclgegipaehbigmbhdpfapmjadbaldib_0.localstorage-journal c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hclgegipaehbigmbhdpfapmjadbaldib_0.localstorage c:\users\Manu\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\windows\IsUn0407.exe . . ((((((((((((((((((((((( Dateien erstellt von 2015-10-28 bis 2015-11-30 )))))))))))))))))))))))))))))) . . 2015-11-30 23:20 . 2015-11-30 23:20 -------- d-----w- c:\users\Default\AppData\Local\temp 2015-11-30 23:20 . 2015-11-30 23:20 -------- d-----w- c:\users\Hauptversorgung\AppData\Local\temp 2015-11-30 19:56 . 2015-11-30 19:56 -------- d-----w- C:\OneDriveTemp 2015-11-30 19:15 . 2015-11-30 23:02 -------- d-----w- C:\FRST 2015-11-30 19:01 . 2015-11-30 19:01 20160 ----a-w- c:\windows\system32\drivers\GUBootStartup.sys 2015-11-30 19:01 . 2015-11-30 19:01 -------- d-----w- c:\users\Hauptversorgung\AppData\Roaming\DiskDefrag 2015-11-30 19:01 . 2015-11-30 19:01 -------- d-----w- c:\users\Hauptversorgung\AppData\Roaming\GlarySoft 2015-11-30 19:01 . 2015-11-30 19:02 -------- d-----w- c:\program files (x86)\Glary Utilities 5 2015-11-30 18:56 . 2015-11-30 18:56 -------- d-----w- c:\users\Hauptversorgung\AppData\Roaming\ParetoLogic 2015-11-30 18:56 . 2015-11-30 18:56 -------- d-----w- c:\users\Hauptversorgung\AppData\Roaming\DriverCure 2015-11-30 18:55 . 2015-11-30 18:55 -------- d-----w- c:\program files (x86)\Common Files\ParetoLogic 2015-11-30 18:55 . 2015-11-30 18:59 -------- d-----w- c:\programdata\ParetoLogic 2015-11-21 15:57 . 2015-11-21 15:57 -------- d-----w- c:\programdata\Ubisoft 2015-11-21 15:56 . 2015-11-21 15:56 189248 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2015-11-21 15:56 . 2015-11-21 15:56 75136 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2015-11-18 19:15 . 2015-11-18 19:15 -------- d-----w- c:\programdata\McAfee 2015-11-18 19:15 . 2015-11-18 19:15 -------- d-----w- c:\users\Hauptversorgung\AppData\Local\Adobe 2015-11-13 10:48 . 2015-11-24 21:48 -------- d-----w- c:\program files (x86)\Diablo III Public Test 2015-11-12 16:52 . 2015-11-03 17:55 3211264 ----a-w- c:\windows\system32\win32k.sys 2015-11-10 19:41 . 2015-10-13 04:57 950720 ----a-w- c:\windows\system32\drivers\ndis.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2015-11-18 20:12 . 2014-05-30 21:27 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2015-11-18 20:12 . 2014-05-30 21:27 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2015-10-30 15:49 . 2015-10-30 15:49 668784 ----a-w- C:\SecurityScanner.dll 2015-10-20 00:45 . 2015-11-10 19:42 44032 ----a-w- c:\windows\apppatch\acwow64.dll 2015-10-13 00:29 . 2015-10-13 00:29 875720 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2015-10-13 00:22 . 2015-10-13 00:22 869568 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2015-10-01 18:06 . 2015-10-14 16:21 692672 ----a-w- c:\windows\system32\winload.efi 2015-10-01 18:04 . 2015-10-14 16:21 616360 ----a-w- c:\windows\system32\winresume.efi 2015-10-01 18:00 . 2015-10-14 16:21 63488 ----a-w- c:\windows\system32\setbcdlocale.dll 2015-10-01 18:00 . 2015-10-14 16:21 59392 ----a-w- c:\windows\system32\appidapi.dll 2015-10-01 18:00 . 2015-10-14 16:21 32768 ----a-w- c:\windows\system32\appidsvc.dll 2015-10-01 18:00 . 2015-10-14 16:21 17920 ----a-w- c:\windows\system32\appidcertstorecheck.exe 2015-10-01 18:00 . 2015-10-14 16:21 147456 ----a-w- c:\windows\system32\appidpolicyconverter.exe 2015-10-01 17:50 . 2015-10-14 16:21 50688 ----a-w- c:\windows\SysWow64\appidapi.dll 2015-10-01 17:00 . 2015-10-14 16:21 61440 ----a-w- c:\windows\system32\drivers\appid.sys 2015-09-22 21:36 . 2015-01-27 16:27 74952 ----a-w- c:\windows\system32\drivers\avnetflt.sys 2015-09-22 21:36 . 2015-01-27 16:27 163544 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2015-09-02 03:04 . 2015-09-12 19:29 41984 ----a-w- c:\windows\system32\lpk.dll 2015-09-02 03:04 . 2015-09-12 19:29 100864 ----a-w- c:\windows\system32\fontsub.dll 2015-09-02 03:04 . 2015-09-12 19:29 14336 ----a-w- c:\windows\system32\dciman32.dll 2015-09-02 03:04 . 2015-09-12 19:29 46080 ----a-w- c:\windows\system32\atmlib.dll 2015-09-02 02:48 . 2015-09-12 19:29 70656 ----a-w- c:\windows\SysWow64\fontsub.dll 2015-09-02 02:48 . 2015-09-12 19:29 10240 ----a-w- c:\windows\SysWow64\dciman32.dll 2015-09-02 02:48 . 2015-09-12 19:29 34304 ----a-w- c:\windows\SysWow64\atmlib.dll 2015-09-02 02:47 . 2015-09-12 19:29 25600 ----a-w- c:\windows\SysWow64\lpk.dll 2015-09-02 01:47 . 2015-09-12 19:29 372736 ----a-w- c:\windows\system32\atmfd.dll 2015-09-02 01:33 . 2015-09-12 19:29 299520 ----a-w- c:\windows\SysWow64\atmfd.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2015-03-01 15:33 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "GUDelayStartup"="c:\program files (x86)\Glary Utilities 5\StartupManager.exe" [2015-11-23 37152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "DTS Sound"="c:\program files (x86)\DTS" [X] "Mouse"="c:\program files (x86)\MX-3200 Mouse\DriverST.exe" [2012-08-21 184393] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-11-10 788176] "Avira SystrayStartTrigger"="c:\program files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" [2015-10-14 66320] . c:\users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ SoundSwitch.appref-ms [2015-11-13 354] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Bluetooth Manager.lnk - c:\program files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2013-5-10 2812296] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk * . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled] "TSleepSrv"="%ProgramFiles(x86)%\TOSHIBA\TOSHIBA" Sleep Utility\TSleepSrv.exe . R2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x] R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R2 Update snipsmart;Update snipsmart;c:\program files (x86)\snipsmart\updatesnipsmart.exe;c:\program files (x86)\snipsmart\updatesnipsmart.exe [x] R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x] R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x] R3 esgiguard;esgiguard;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys;c:\program files\Enigma Software Group\SpyHunter\esgiguard.sys [x] R3 GalaxyClientService;GalaxyClientService;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe;c:\program files (x86)\GalaxyClient\GalaxyClientService.exe [x] R3 GalaxyCommunication;GalaxyCommunication;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe;c:\programdata\GOG.com\Galaxy\redists\GalaxyCommunication.exe [x] R3 ggflt;SOMC USB Flash Driver Filter;c:\windows\system32\DRIVERS\ggflt.sys;c:\windows\SYSNATIVE\DRIVERS\ggflt.sys [x] R3 ggsomc;SOMC USB Flash Driver;c:\windows\system32\DRIVERS\ggsomc.sys;c:\windows\SYSNATIVE\DRIVERS\ggsomc.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x] R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x] R3 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 usbezdisplay64;USB Projector;c:\windows\system32\drivers\usbezdisplay64.sys;c:\windows\SYSNATIVE\drivers\usbezdisplay64.sys [x] R3 X6va029;X6va029;c:\windows\SysWOW64\Drivers\X6va029;c:\windows\SysWOW64\Drivers\X6va029 [x] R3 xhunter1;xhunter1;c:\windows\xhunter1.sys;c:\windows\xhunter1.sys [x] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S1 GUBootStartup;GUBootStartup;c:\windows\System32\drivers\GUBootStartup.sys;c:\windows\SYSNATIVE\drivers\GUBootStartup.sys [x] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 Apple Mobile Device Service;Apple Mobile Device Service;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe;c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [x] S2 Avira.ServiceHost;Avira Service Host;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe;c:\program files (x86)\Avira\Launcher\Avira.ServiceHost.exe [x] S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x] S2 CxAudMsg;Conexant Audio Message Service;c:\windows\system32\CxAudMsg64.exe;c:\windows\SYSNATIVE\CxAudMsg64.exe [x] S2 dts_apo_service;DTS APO Service;c:\program files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe;c:\program files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe [x] S3 BtFilter;Bluetooth LowerFilter Class Filter Driver;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x] S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x] S3 QIOMem;Generic IO & Memory Access;c:\windows\system32\DRIVERS\QIOMem.sys;c:\windows\SYSNATIVE\DRIVERS\QIOMem.sys [x] S3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x] S3 subvgaproduct64;subvgaproduct64;c:\windows\system32\DRIVERS\subvga64.sys;c:\windows\SYSNATIVE\DRIVERS\subvga64.sys [x] S3 subvgaproductmirr64;subvgaproductmirr64;c:\windows\system32\DRIVERS\subvgamirr64.sys;c:\windows\SYSNATIVE\DRIVERS\subvgamirr64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2015-11-11 18:55 997704 ----a-w- c:\program files (x86)\Google\Chrome\Application\46.0.2490.86\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2015-11-30 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-30 20:12] . 2015-11-30 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job - c:\users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 08:27] . 2015-11-30 c:\windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job - c:\users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18 08:27] . 2015-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 10:50] . 2015-11-30 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-10-26 10:50] . 2015-11-30 c:\windows\Tasks\ParetoLogic Registration3.job - c:\windows\system32\rundll32.exe [2009-07-13 01:14] . 2015-11-30 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55] . 2015-11-30 c:\windows\Tasks\ParetoLogic Update Version3.job - c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08 18:55] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2015-03-01 14:10 357376 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2013-05-13 165872] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2013-05-13 407536] "Persistence"="c:\windows\system32\igfxpers.exe" [2013-05-13 444400] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2013-01-11 894048] "SmartAudio"="c:\program files\CONEXANT\SAII\SACpl.exe" [2012-06-13 1647616] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = https://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ie uDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} mDefault_Search_URL = https://search.avira.net/#web/result?source=art&q= mDefault_Page_URL = https://search.avira.net/#web/result?source=art&q= mStart Page = https://search.avira.net/#web/result?source=art&q= mSearch Page = https://search.avira.net/#web/result?source=art&q= mSearch Bar = hxxp://www.google.com uInternet Settings,ProxyOverride = <-loopback> uSearchAssistant = hxxp://www.google.com uSearchURL,(Default) = hxxp://www.google.com IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: {{c0e8ae32-0758-4c8d-ab71-23b361fe8964} - c:\users\HAUPTV~1\AppData\Local\Temp\ie_script.htm IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll Trusted Zone: clonewarsadventures.com Trusted Zone: freerealms.com Trusted Zone: soe.com Trusted Zone: sony.com TCP: DhcpNameServer = 192.168.137.1 FF - ProfilePath - c:\users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo! FF - prefs.js: keyword.URL - hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p= FF - prefs.js: browser.startup.homepage - hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file) ShellIconOverlayIdentifiers-{5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file) ShellIconOverlayIdentifiers-{A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file) ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file) ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file) Wow6432Node-HKLM-Run-ITSecMng - %ProgramFiles(x86)%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe Wow6432Node-HKLM-Run-mbot_de_196 - (no file) Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe c:\users\Manu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - c:\users\Hauptversorgung\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start Toolbar-10 - (no file) ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file) ShellIconOverlayIdentifiers-{5AB7172C-9C11-405C-8DD5-AF20F3606282} - (no file) ShellIconOverlayIdentifiers-{A78ED123-AB77-406B-9962-2A5D9D2F7F30} - (no file) ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file) ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file) ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDD-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDE-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDF-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll ShellIconOverlayIdentifiers-{FB314EE0-A251-47B7-93E1-CDD82E34AF8B} - c:\users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll HKLM-RunOnce-WinSat - winsat dwm -xml results.xml AddRemove-Activeris AntiMalware_is1 - c:\program files (x86)\Activeris AntiMalware\unins000.exe AddRemove-LEGO Rock Raiders - c:\windows\IsUn0407.exe AddRemove-SOE-PlanetSide 2 - c:\users\Public\Sony Online Entertainment\Installed Games\PlanetSide 2\Uninstaller.exe AddRemove-StormWatch - c:\users\Hauptversorgung\AppData\Local\StormWatch\StormWatchappuninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va029] "ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va029" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.Email.1" . [HKEY_USERS\S-1-5-21-1029605971-2717496707-4219619431-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice] @Denied: (2) (LocalSystem) "Progid"="WindowsLiveMail.VCard.1" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_245_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_245_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.19" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_245.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2015-12-01 00:23:01 ComboFix-quarantined-files.txt 2015-11-30 23:23 . Vor Suchlauf: 16 Verzeichnis(se), 72.290.897.920 Bytes frei Nach Suchlauf: 22 Verzeichnis(se), 75.061.182.464 Bytes frei . - - End Of File - - 74F8643DC540429C667A6BEB62C28544 A36C5E4F47E84449FF07ED3517B43A31 |
01.12.2015, 09:23 | #10 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Hi, Schritt 1 Bitte deinstalliere folgende Programme: StormWatch WindowsMangerProtect20.0.0.1013 Versuche es bei Windows 7 zunächst über Systemsteuerung/Programme deinstallieren. Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter. Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus: Schritt 2 Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt 3
Schritt 4 Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen. Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.12.2015, 11:10 | #11 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Es scheitert schon an schritt 1 :/ der Uninstaller findet das Programm auch nicht :/ Mit schritt 2 weiter machen? |
01.12.2015, 11:12 | #12 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". Was steht denn oben was Du in diesem Fall machen sollst?
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
01.12.2015, 12:05 | #13 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". ok hast ja recht Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 01.12.2015 Suchlaufzeit: 11:35 Protokolldatei: mbamlog.txt Administrator: Nein Version: 2.2.0.1024 Malware-Datenbank: v2015.12.01.02 Rootkit-Datenbank: v2015.11.26.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Manu Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 302039 Abgelaufene Zeit: 13 Min., 40 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 82 PUP.Optional.HDVidCodec, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\HDvid-Codec V9.0, In Quarantäne, [d115910ec1ca91a5b4993a5047bc4fb1], PUP.Optional.HQPro, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\HQ-V-Pro-v1.8, In Quarantäne, [e204c3dc9eed72c4e144167519ea3cc4], PUP.Optional.MediaPlayerPlus, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\Media_Play_AIR+, In Quarantäne, [8c5af5aa593241f55de8c6ccb35040c0], PUP.Optional.PlusHD, HKCU\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-9.7, In Quarantäne, [17cf3867721942f4e19ddebd9f64e020], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0F212658-AC46-4DB4-A651-F2E3F5D38859}, In Quarantäne, [3caa28770c7fda5c8e6c0e71d72c8e72], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{108D8067-8643-4CF1-AD3B-101D25E768BF}, In Quarantäne, [d313831cbfcced4927d4c0bf2dd68b75], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{178E9451-E9D4-4381-971F-AD9530306779}, In Quarantäne, [578f6f302368e3539a62ed92e1228080], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{243121BC-100C-4AD0-BD27-1171FA11535A}, In Quarantäne, [28be9708701bfc3a58a47e01d72c817f], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29BBDDF8-DD97-45DD-AF9B-C79232B8E5FB}, In Quarantäne, [6482c1de0784ed49dc20b4cbfa09d729], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A50A943-F295-4327-9A13-8A6FDE603887}, In Quarantäne, [f3f3d7c874172610cc30a9d6ec177b85], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C6E88B5-E812-4915-8F98-7DEDCA968096}, In Quarantäne, [23c3a9f62b608baba8547708758e19e7], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3201F3BF-442C-44D9-941C-DED57D9E39F9}, In Quarantäne, [05e1ced1c0cb56e08b7093ec0af926da], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32079536-D419-4EC5-9595-458584C51E73}, In Quarantäne, [6284a7f8751695a1ba42acd33cc7946c], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32FF15BB-1746-4465-9D49-5BD934F0ABE6}, In Quarantäne, [16d05e415239122469920b74b64d0df3], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{347244E5-8DC2-410F-891A-CBAFFA5B9B58}, In Quarantäne, [f8eee8b7f59661d5e21ab7c8c1423ac6], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{370C4882-3678-4934-B3F8-365577ED1916}, In Quarantäne, [f9ed425d1774d660bf3ded9261a2a060], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38A03796-445B-4B91-8357-38D3F71D8A4E}, In Quarantäne, [796da9f65e2d6bcb0eeee09fe81b59a7], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CF1FF4B-591A-4D7D-9ECE-C4AA701DAEC9}, In Quarantäne, [9e48544b632833030eeeed92c93aa759], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DE2F41F-43B2-447D-8F27-94872AF29849}, In Quarantäne, [7670dbc4b8d350e6ac50b5cadb28837d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4241BAA4-98E3-4220-AD22-8EEDCCA3A57F}, In Quarantäne, [796d801f8a017db9ed0ebfc08f74738d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4339F59A-23EE-44A2-BDA0-2BF2F2F635AC}, In Quarantäne, [5c8a2e7119720432ea118ef1a85b23dd], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{448AC77C-BC55-4305-BA96-A1DFAD8F58E6}, In Quarantäne, [38ae3b64bad13df9817a4b347093ae52], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45B71231-D71B-49F0-91AE-8BBED0D8E54D}, In Quarantäne, [3da938672269c670f902add245be857b], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{470C2232-DF1D-42F1-AA50-4712B8B1C5BD}, In Quarantäne, [8d591e81810a7cba6497daa550b30cf4], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B605DC8-1160-4B90-BA69-D9D94681ACDA}, In Quarantäne, [ecfaffa07d0ec571b547aad5a063aa56], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F6B9E16-DA67-4E0F-94D1-F9F7F9E7D2F6}, In Quarantäne, [21c52b74414a54e2be3e225dee1501ff], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5284F595-4519-4416-A4F4-78E1667984ED}, In Quarantäne, [07dfd6c9018a95a1ed0f94eb4db6728e], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58897D74-1416-4284-8677-5CF215122361}, In Quarantäne, [c323d9c658332f076c8fb5cac73c50b0], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A4D0888-7C66-49BB-98EE-AB8F90668E66}, In Quarantäne, [677ffea11a717abcc23aee915da6fb05], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8D1436-87D2-41F9-BC5E-B612F2FA569F}, In Quarantäne, [e40236696229fb3bb546ec93ae5505fb], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E6B95C4-65C3-4396-9DAE-1EB81EF3CAD5}, In Quarantäne, [8066950a99f291a588731c6362a1ff01], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ED96D22-A363-4CCE-801A-D431BAA677FE}, In Quarantäne, [63832778e5a68caa28d49de2877c10f0], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6049520A-E37D-493A-A1CB-F3CA1E53F6BC}, In Quarantäne, [42a46b34107b3df948b4ccb33bc8d32d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6305ACDF-10FA-44FD-B790-B3A9737D46C2}, In Quarantäne, [eef8a9f6cdbe1b1b5aa183fc44bfdc24], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68DA9E74-2753-4D16-A5F2-3789ACD8C0F2}, In Quarantäne, [bc2aa9f69feccb6bdf1d8ef19d669769], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6900D7FA-7A60-44B7-84E8-2B13651799EF}, In Quarantäne, [24c29b04d2b975c1fffc3847ef148977], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F52208F-2C52-446A-919D-19B389CCFA74}, In Quarantäne, [1ccae3bca6e5d5617686ea9526dd8f71], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71484CBA-6D1C-4D14-93D6-9E7FEC8EB217}, In Quarantäne, [cd198f1098f33afc00fb611eb05341bf], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73174BA1-463A-4E33-856C-B0A9768C7188}, In Quarantäne, [7b6b950a1279c373be3ec6b9db281ae6], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76FF8EE5-6E5A-4091-95F8-72D892EBAD3C}, In Quarantäne, [9254d7c85e2d44f29e5d7d024db69f61], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{782CE1D4-815E-4CEB-A9D0-232BBFA05820}, In Quarantäne, [697d29761279310509f2dca360a3c040], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7906FE99-9B73-45DA-802C-9E3ECF643A69}, In Quarantäne, [e7ff772896f5989ea8545a25e2219d63], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BE1335F-830A-42BC-85BC-77C31F19403D}, In Quarantäne, [984e6936711ae35300fb0a758c777888], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D692592-F455-445A-BFD7-14F23E53D31F}, In Quarantäne, [7b6b6837c8c30b2bd328d8a76c978878], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{819B9182-3E54-4952-98DD-1DF84CDFF528}, In Quarantäne, [2fb7e9b6236886b0e01b275831d24ab6], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83D3BB6C-230D-44D7-A635-28F73188E2F9}, In Quarantäne, [3ea8f6a9345769cd906b0a75ae5501ff], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89FC5209-C785-4891-A1D2-6291E24EB3B4}, In Quarantäne, [02e4bde20d7eae88e715c1be2fd4ff01], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A04DFF9F-25C6-4DC4-A9ED-F0483D4536C8}, In Quarantäne, [be28940b0a81999dcd2ed3ac4fb444bc], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E15E1-881C-45ED-99BE-127269A81FCB}, In Quarantäne, [05e10798117a94a26497344b4fb413ed], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2394958-C484-429A-B6D9-2120192DCC79}, In Quarantäne, [e7ff207f92f943f3cd2f96e9c340c23e], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2F7A7C3-B14A-4DAC-A3FD-70385B51DAF3}, In Quarantäne, [c71ffda2b0dbf3437f7d245bf50e1be5], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B558CA57-2A92-4F63-8B80-F3C6E0A5DEAE}, In Quarantäne, [6f77930cd0bbd0665ba16c13e71c9a66], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B95AFDF4-305B-4BE0-B92F-F6227FEABD4F}, In Quarantäne, [5e88811eee9d4aecaf4cdaa5c83b9a66], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BDA297CF-2BBB-463D-9D51-24FF29791355}, In Quarantäne, [499d900fd9b2dc5a11ebd6a960a3b24e], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0603216-89C4-4200-BEC8-E99F299E87E8}, In Quarantäne, [cc1ac8d7ed9e7abc18e4156aa55e38c8], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C08F6C81-FD88-4311-B8DA-7F5DCB5CD9AB}, In Quarantäne, [c5211689c9c2ba7c619b92edf013738d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C1F76434-8480-44B4-974F-2C335171ECAC}, In Quarantäne, [cb1b900fb3d80f27da22b5ca36cd639d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BA08AD-9479-42CB-B47E-9828521D9498}, In Quarantäne, [4d999a054c3f75c10af1116e1ae9c937], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5913AD0-989C-41E4-A1A8-8BAC6C777C13}, In Quarantäne, [cd19930c751633037b811a657291ee12], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7163553-28E8-44B5-B432-1832BCB6ED79}, In Quarantäne, [fde9dac51a7150e61ede532c16ed3ac6], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA614061-DC8C-45B4-9619-732AF86F522E}, In Quarantäne, [bc2ac7d88cff92a40dee83fc50b3916f], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D08752A0-F26A-4EF8-BF17-E1BC442DCDE1}, In Quarantäne, [c81e356abdce64d2ef0d95ea56adcb35], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D227944D-474C-4B1B-A9AF-CE76B4F47D6A}, In Quarantäne, [5393a4fbf8935ed8dc2086f9ac573cc4], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2A9E610-7EFF-47A2-BA87-5A9D71C29B79}, In Quarantäne, [8462d1ce4348cf6711eb37486d96f808], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCD1AEA9-4558-4D5A-B6CD-8D928B369BB0}, In Quarantäne, [7b6b18874249d95df00c3847847fd927], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCFE8F93-FA8E-42A7-8E4A-1DE8B5368CBD}, In Quarantäne, [c91d0b94127941f539c21669f3108977], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6D65DD2-C9FF-46A1-A690-BB754A2D2234}, In Quarantäne, [21c54956c3c8f6407883314e8d76db25], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7805AEC-22CA-447F-A8A6-7EC7E77070A9}, In Quarantäne, [4c9a6b347b10c6704cafadd24cb73ec2], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA617D50-E068-4C1D-AE95-F6E6AF98E524}, In Quarantäne, [bf27732c8cff79bd07f482fdeb180ef2], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE3F1BE3-9026-4411-94C0-6275F5D04962}, In Quarantäne, [39ad1a85d6b5ba7c7784dba442c1738d], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F254CE75-9F5A-4339-95D3-C425FB9D2FA3}, In Quarantäne, [76703b64f7945adc4bb037488a791ce4], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2F2CECB-4057-45D7-9099-DBA4A389EDA3}, In Quarantäne, [0adc306f3754fc3a29d3bfc0ab5820e0], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63CB3CD-DFB0-48EF-B2D7-FEE9CDB66E41}, In Quarantäne, [1bcb6837ddae56e00cf0532c63a059a7], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F88A048B-94CB-47D1-849C-D6DED33C423F}, In Quarantäne, [d313b0efdcafb18546b695eab94aab55], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9BD8476-7ED1-47C5-AC74-4D343134A95A}, In Quarantäne, [a73f4f509bf0e551e6155e212bd84fb1], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA438C90-32B9-4258-85D8-D35DBF4AC826}, In Quarantäne, [fbeb4758f7945adc6596e19ee91a34cc], PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCE608D2-31D8-4F88-8853-E471C5AE4D18}, In Quarantäne, [be28ffa04b40eb4b9e5da6d959aaf709], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F05661C7-1D8D-4DCA-9CCD-38B1D14B90C6}, Löschen bei Neustart, [cd1928775833c86e5bc2562ae122bc44], PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F508FD0F-A0B9-4FA6-9671-D508E2630CBB}, Löschen bei Neustart, [20c6900f6a213ff7fe1ddda33ac99f61], PUP.Optional.MediaPlayerPlus, HKLM\SOFTWARE\WOW6432NODE\Media_Play_AIR+, Löschen bei Neustart, [d70fddc2048755e184c9a4ee996a53ad], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F05661C7-1D8D-4DCA-9CCD-38B1D14B90C6}, Löschen bei Neustart, [64822e719cefa096a974bec27c87a759], PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F508FD0F-A0B9-4FA6-9671-D508E2630CBB}, Löschen bei Neustart, [cc1a5d42a5e6f83e48d36020de2526da], Registrierungswerte: 77 PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0f212658-ac46-4db4-a651-f2e3f5d38859}|AppName, HDvid-Codec V9.0-bg.exe, In Quarantäne, [3caa28770c7fda5c8e6c0e71d72c8e72] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{108D8067-8643-4CF1-AD3B-101D25E768BF}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [d313831cbfcced4927d4c0bf2dd68b75] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{178E9451-E9D4-4381-971F-AD9530306779}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [578f6f302368e3539a62ed92e1228080] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{243121BC-100C-4AD0-BD27-1171FA11535A}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [28be9708701bfc3a58a47e01d72c817f] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29BBDDF8-DD97-45DD-AF9B-C79232B8E5FB}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6482c1de0784ed49dc20b4cbfa09d729] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2A50A943-F295-4327-9A13-8A6FDE603887}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [f3f3d7c874172610cc30a9d6ec177b85] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2C6E88B5-E812-4915-8F98-7DEDCA968096}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [23c3a9f62b608baba8547708758e19e7] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3201F3BF-442C-44D9-941C-DED57D9E39F9}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-buttonutil.exe, In Quarantäne, [05e1ced1c0cb56e08b7093ec0af926da] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32079536-D419-4EC5-9595-458584C51E73}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6284a7f8751695a1ba42acd33cc7946c] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{32FF15BB-1746-4465-9D49-5BD934F0ABE6}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [16d05e415239122469920b74b64d0df3] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{347244E5-8DC2-410F-891A-CBAFFA5B9B58}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [f8eee8b7f59661d5e21ab7c8c1423ac6] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{370C4882-3678-4934-B3F8-365577ED1916}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [f9ed425d1774d660bf3ded9261a2a060] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{38A03796-445B-4B91-8357-38D3F71D8A4E}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [796da9f65e2d6bcb0eeee09fe81b59a7] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3CF1FF4B-591A-4D7D-9ECE-C4AA701DAEC9}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [9e48544b632833030eeeed92c93aa759] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3DE2F41F-43B2-447D-8F27-94872AF29849}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [7670dbc4b8d350e6ac50b5cadb28837d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4241BAA4-98E3-4220-AD22-8EEDCCA3A57F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [796d801f8a017db9ed0ebfc08f74738d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4339F59A-23EE-44A2-BDA0-2BF2F2F635AC}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [5c8a2e7119720432ea118ef1a85b23dd] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{448AC77C-BC55-4305-BA96-A1DFAD8F58E6}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [38ae3b64bad13df9817a4b347093ae52] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{45B71231-D71B-49F0-91AE-8BBED0D8E54D}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [3da938672269c670f902add245be857b] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{470C2232-DF1D-42F1-AA50-4712B8B1C5BD}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [8d591e81810a7cba6497daa550b30cf4] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4B605DC8-1160-4B90-BA69-D9D94681ACDA}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [ecfaffa07d0ec571b547aad5a063aa56] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4F6B9E16-DA67-4E0F-94D1-F9F7F9E7D2F6}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [21c52b74414a54e2be3e225dee1501ff] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5284F595-4519-4416-A4F4-78E1667984ED}|AppName, 87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2.exe-codedownloader.exe, In Quarantäne, [07dfd6c9018a95a1ed0f94eb4db6728e] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{58897D74-1416-4284-8677-5CF215122361}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [c323d9c658332f076c8fb5cac73c50b0] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A4D0888-7C66-49BB-98EE-AB8F90668E66}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [677ffea11a717abcc23aee915da6fb05] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5C8D1436-87D2-41F9-BC5E-B612F2FA569F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [e40236696229fb3bb546ec93ae5505fb] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E6B95C4-65C3-4396-9DAE-1EB81EF3CAD5}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [8066950a99f291a588731c6362a1ff01] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5ED96D22-A363-4CCE-801A-D431BAA677FE}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [63832778e5a68caa28d49de2877c10f0] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6049520A-E37D-493A-A1CB-F3CA1E53F6BC}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [42a46b34107b3df948b4ccb33bc8d32d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6305ACDF-10FA-44FD-B790-B3A9737D46C2}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [eef8a9f6cdbe1b1b5aa183fc44bfdc24] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68DA9E74-2753-4D16-A5F2-3789ACD8C0F2}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [bc2aa9f69feccb6bdf1d8ef19d669769] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6900D7FA-7A60-44B7-84E8-2B13651799EF}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [24c29b04d2b975c1fffc3847ef148977] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6F52208F-2C52-446A-919D-19B389CCFA74}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [1ccae3bca6e5d5617686ea9526dd8f71] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{71484CBA-6D1C-4D14-93D6-9E7FEC8EB217}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [cd198f1098f33afc00fb611eb05341bf] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73174BA1-463A-4E33-856C-B0A9768C7188}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-codedownloader.exe, In Quarantäne, [7b6b950a1279c373be3ec6b9db281ae6] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{76FF8EE5-6E5A-4091-95F8-72D892EBAD3C}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [9254d7c85e2d44f29e5d7d024db69f61] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{782CE1D4-815E-4CEB-A9D0-232BBFA05820}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [697d29761279310509f2dca360a3c040] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7906FE99-9B73-45DA-802C-9E3ECF643A69}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [e7ff772896f5989ea8545a25e2219d63] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BE1335F-830A-42BC-85BC-77C31F19403D}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [984e6936711ae35300fb0a758c777888] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7D692592-F455-445A-BFD7-14F23E53D31F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [7b6b6837c8c30b2bd328d8a76c978878] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{819B9182-3E54-4952-98DD-1DF84CDFF528}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [2fb7e9b6236886b0e01b275831d24ab6] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{83D3BB6C-230D-44D7-A635-28F73188E2F9}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [3ea8f6a9345769cd906b0a75ae5501ff] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89FC5209-C785-4891-A1D2-6291E24EB3B4}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [02e4bde20d7eae88e715c1be2fd4ff01] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A04DFF9F-25C6-4DC4-A9ED-F0483D4536C8}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [be28940b0a81999dcd2ed3ac4fb444bc] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AB5E15E1-881C-45ED-99BE-127269A81FCB}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [05e10798117a94a26497344b4fb413ed] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2394958-C484-429A-B6D9-2120192DCC79}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [e7ff207f92f943f3cd2f96e9c340c23e] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B2F7A7C3-B14A-4DAC-A3FD-70385B51DAF3}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c71ffda2b0dbf3437f7d245bf50e1be5] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B558CA57-2A92-4F63-8B80-F3C6E0A5DEAE}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [6f77930cd0bbd0665ba16c13e71c9a66] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B95AFDF4-305B-4BE0-B92F-F6227FEABD4F}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [5e88811eee9d4aecaf4cdaa5c83b9a66] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BDA297CF-2BBB-463D-9D51-24FF29791355}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [499d900fd9b2dc5a11ebd6a960a3b24e] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C0603216-89C4-4200-BEC8-E99F299E87E8}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [cc1ac8d7ed9e7abc18e4156aa55e38c8] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C08F6C81-FD88-4311-B8DA-7F5DCB5CD9AB}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c5211689c9c2ba7c619b92edf013738d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{c1f76434-8480-44b4-974f-2c335171ecac}|AppName, HDvid-Codec V9.0-codedownloader.exe, In Quarantäne, [cb1b900fb3d80f27da22b5ca36cd639d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C2BA08AD-9479-42CB-B47E-9828521D9498}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [4d999a054c3f75c10af1116e1ae9c937] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C5913AD0-989C-41E4-A1A8-8BAC6C777C13}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [cd19930c751633037b811a657291ee12] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7163553-28E8-44B5-B432-1832BCB6ED79}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [fde9dac51a7150e61ede532c16ed3ac6] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA614061-DC8C-45B4-9619-732AF86F522E}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [bc2ac7d88cff92a40dee83fc50b3916f] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D08752A0-F26A-4EF8-BF17-E1BC442DCDE1}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [c81e356abdce64d2ef0d95ea56adcb35] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D227944D-474C-4B1B-A9AF-CE76B4F47D6A}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [5393a4fbf8935ed8dc2086f9ac573cc4] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2A9E610-7EFF-47A2-BA87-5A9D71C29B79}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [8462d1ce4348cf6711eb37486d96f808] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCD1AEA9-4558-4D5A-B6CD-8D928B369BB0}|AppName, 0ee6de5f-3a06-4b03-90c8-26d4cf9d4b0a-2.exe-codedownloader.exe, In Quarantäne, [7b6b18874249d95df00c3847847fd927] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DCFE8F93-FA8E-42A7-8E4A-1DE8B5368CBD}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [c91d0b94127941f539c21669f3108977] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{e6d65dd2-c9ff-46a1-a690-bb754a2d2234}|AppName, HDvid-Codec V9.0-buttonutil.exe, In Quarantäne, [21c54956c3c8f6407883314e8d76db25] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E7805AEC-22CA-447F-A8A6-7EC7E77070A9}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [4c9a6b347b10c6704cafadd24cb73ec2] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA617D50-E068-4C1D-AE95-F6E6AF98E524}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [bf27732c8cff79bd07f482fdeb180ef2] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EE3F1BE3-9026-4411-94C0-6275F5D04962}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [39ad1a85d6b5ba7c7784dba442c1738d] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F254CE75-9F5A-4339-95D3-C425FB9D2FA3}|AppName, 87ca2a8b-2c21-40d9-9b89-2d00c43bd78c-2.exe-buttonutil.exe, In Quarantäne, [76703b64f7945adc4bb037488a791ce4] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F2F2CECB-4057-45D7-9099-DBA4A389EDA3}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [0adc306f3754fc3a29d3bfc0ab5820e0] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F63CB3CD-DFB0-48EF-B2D7-FEE9CDB66E41}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-codedownloader.exe, In Quarantäne, [1bcb6837ddae56e00cf0532c63a059a7] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F88A048B-94CB-47D1-849C-D6DED33C423F}|AppName, Media_Play_AIR+-enabler.exe-codedownloader.exe, In Quarantäne, [d313b0efdcafb18546b695eab94aab55] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9BD8476-7ED1-47C5-AC74-4D343134A95A}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [a73f4f509bf0e551e6155e212bd84fb1] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA438C90-32B9-4258-85D8-D35DBF4AC826}|AppName, 4e46404a-c7b1-4975-9527-355ea5225317-2.exe-buttonutil.exe, In Quarantäne, [fbeb4758f7945adc6596e19ee91a34cc] PUP.Optional.CrossRider, HKCU\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FCE608D2-31D8-4F88-8853-E471C5AE4D18}|AppName, Media_Play_AIR+-enabler.exe-buttonutil.exe, In Quarantäne, [be28ffa04b40eb4b9e5da6d959aaf709] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f05661c7-1d8d-4dca-9ccd-38b1d14b90c6}|AppName, Media_Play_AIR+-codedownloader.exe, Löschen bei Neustart, [cd1928775833c86e5bc2562ae122bc44] PUP.Optional.CrossRider, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f508fd0f-a0b9-4fa6-9671-d508e2630cbb}|AppName, Media_Play_AIR+-bg.exe, Löschen bei Neustart, [20c6900f6a213ff7fe1ddda33ac99f61] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f05661c7-1d8d-4dca-9ccd-38b1d14b90c6}|AppName, Media_Play_AIR+-codedownloader.exe, Löschen bei Neustart, [64822e719cefa096a974bec27c87a759] PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{f508fd0f-a0b9-4fa6-9671-d508e2630cbb}|AppName, Media_Play_AIR+-bg.exe, Löschen bei Neustart, [cc1a5d42a5e6f83e48d36020de2526da] Registrierungsdaten: 1 PUP.Optional.SimplyTech, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|newtab, %appdata%\SimplyTech\home\home.htm, Gut: (www.google.com), Schlecht: (%appdata%\SimplyTech\home\home.htm),Löschen bei Neustart,[af377e21f99281b55bda0a659c68cb35] Ordner: 1 PUP.Optional.ProtectedSearch, C:\Windows\System32\Tasks\ProtectedSearch, In Quarantäne, [aa3c86196c1fd363afc694f30df58d73], Dateien: 2 PUP.Optional.WebInstr, C:\Windows\System32\drivers\Msft_Kernel_webinstrNew_01009.Wdf, Löschen bei Neustart, [b333dcc3187376c0be1e0fa05aa91fe1], PUP.Optional.ProtectedSearch, C:\Windows\System32\Tasks\ProtectedSearch\Protected Search, In Quarantäne, [aa3c86196c1fd363afc694f30df58d73], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter # AdwCleaner v5.023 - Bericht erstellt am 01/12/2015 um 11:20:31 # Aktualisiert am 30/11/2015 von Xplode # Datenbank : 2015-11-30.1 [Server] # Betriebssystem : Windows 7 Professional Service Pack 1 (x64) # Benutzername : Hauptversorgung - MANUSPC # Gestartet von : C:\Users\Manu\Downloads\AdwCleaner_5.023.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : Update snipsmart ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\ParetoLogic [-] Ordner Gelöscht : C:\ProgramData\ParetoLogic [-] Ordner Gelöscht : C:\ProgramData\ytd video downloader [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader [-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Local\MalwareProtectionLive [-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\DriverCure [-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\ParetoLogic [-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Systweak [-] Ordner Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér [!] Ordner Nicht Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér [-] Ordner Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\astrmndant [-] Ordner Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{8dc5c42e-9204-2a64-8b97-fa94ff8a241f} [-] Ordner Gelöscht : C:\Windows\SysNative\Tasks\Browser Updater [-] Ordner Gelöscht : C:\Windows\SysNative\Tasks\SystemSockets ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml [-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk [-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\Extensions\{b64d9b05-48e1-4ceb-bf58-e0643994e900}.xpi [-] Datei Gelöscht : C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\searchplugins\yahoo_ff.xml [-] Datei Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi [-] Datei Gelöscht : C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\Extensions\{f2548724-373f-45fe-be6a-3a85e87b7711}.xpi ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** [-] Aufgabenplanung Gelöscht : ASP [-] Aufgabenplanung Gelöscht : paretologic registration3 [-] Aufgabenplanung Gelöscht : paretologic update version3 [-] Aufgabenplanung Gelöscht : ParetoLogic Update Version3 Startup Task ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\uus3url-pl [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9} [-] Schlüssel Gelöscht : HKLM\System\CurrentControlSet\Services\Eventlog\Application\Update snipsmart [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [C:\Program Files (x86)\Plus-HD-9.7\Plus-HD-9.7-nova.exe] [-] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6EC77D09-02CB-4E1F-E3C4-FB141B2610B3} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} [-] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\ParetoLogic [-] Schlüssel Gelöscht : HKCU\Software\StormWatchApp [-] Schlüssel Gelöscht : HKCU\Software\StormWatch [-] Schlüssel Gelöscht : HKCU\Software\snipsmart [-] Schlüssel Gelöscht : HKCU\Software\OB [-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean [!] Schlüssel Nicht Gelöscht : HKCU\Software\Mozilla\Extends [-] Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\re-markit [-] Schlüssel Gelöscht : HKLM\SOFTWARE\ParetoLogic [-] Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Taronja [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WindowsMangerProtect [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Activeris AntiMalware_is1 [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05} [-] Schlüssel Gelöscht : HKU\.DEFAULT\Software\AppDataLow\Software\Supra Savings [-] Schlüssel Gelöscht : HKU\S-1-5-19\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} [-] Schlüssel Gelöscht : HKU\S-1-5-20\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} [-] Schlüssel Gelöscht : HKU\S-1-5-20\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B} [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\InstalledBrowserExtensions [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Softonic [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\suprasavings [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\Supra Savings [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\suprasavings [-] Schlüssel Gelöscht : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\AppDataLow\Software\re-markit [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Bar] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Default_Search_URL] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Bar] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\Search [Search Page] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchURI [] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [] [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL] [-] Daten Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchURI [] [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURI [] [-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main [Search Page] [-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Main [Search Bar] [-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] [-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\Search [SearchAssistant] [-] Daten Wiederhergestellt : HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Software\Microsoft\Internet Explorer\SearchUrl [Default] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BCDA714C-8505-4B2F-8D95-183C58730C77} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\astromenda.com ***** [ Internetbrowser ] ***** [-] [C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\prefs.js] [Preference] Gelöscht : user_pref("keyword.URL", "hxxps://de.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=937811&p="); [-] [C:\Users\Hauptversorgung\AppData\Roaming\Mozilla\Firefox\Profiles\4uoldsn5.default\prefs.js] [Preference] Gelöscht : user_pref("browser.startup.homepage", "hxxps://de.search.yahoo.com/?type=937811&fr=spigot-yhp-ff"); [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.defaultenginename", "Astromenda"); [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "Astromenda"); [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzytDy[...] [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBzyt[...] [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda"); [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda"); [-] [C:\Users\Manu\AppData\Roaming\Mozilla\Firefox\Profiles\QVb22NAK.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_cmi_14_43_ch&cd=2XzuyEtN2Y1L1Qzu0AyE0D0BtAtDyBzz0B0EyEyE0CtD0E0BtN0D0Tzu0StCtDtBzytN1L2XzutAtFyDtFtCtFyEtN1L1CzutCyEtBz[...] [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : astromenda.com [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snapdo.com [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : default-search.net [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : istart.webssearches.com [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : webssearches [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Gelöscht : hxxp://istart.webssearches.com/web/?type=ds&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX&q={searchTerms} [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : ibnjmihbbanannlbobkbmnmckjnmdnom [-] [C:\Users\Hauptversorgung\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://istart.webssearches.com/?type=hp&ts=1414402244&from=cvs2&uid=HGSTXHTS541075A9E680_130913JA13021H0B0YVKX [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Gelöscht : feed.snapdo.com [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : booedmolknjekdopkepjjeckmjkdpfgl [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : flpcjncodpafbgdpnkljologafpionhb [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : ibnjmihbbanannlbobkbmnmckjnmdnom [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : kfgaibfbmkjgmimhbbaikfnpkkjkpoan [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : nhjnmokdaalmckkikjklibeakholpham [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Gelöscht : pfkfdlcdbajamklbneflfbcmfgddmpae [-] [C:\Users\Manu\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://search.conduit.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=MCD9BAB08-7ABA-4542-874F-FC143CF15558&SearchSource=55&CUI=&UM=5&UP=SPA12563DE-28B5-4BD1-8429-E6959CE85A73&SSPV= ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht ########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [15481 Bytes] ########## |
01.12.2015, 12:06 | #14 |
| Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"".Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015 durchgeführt von Hauptversorgung (2015-12-01 12:01:32) Gestartet von C:\Users\Manu\Downloads\Hilfe Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled) Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled) Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled) Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal) Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant) CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts) Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.) Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.) Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - ) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team) NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version: - ) Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version: - Crytek) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony) SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims) Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment) Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - Iron Lore Entertainment) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation) UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version: - MX-3200 Mouse Driver) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 01-12-2015 11:11:40 Revo Uninstaller's restore point - System Checkup 3.5 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-12-01 00:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1 Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG) Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - \ProtectedSearch\Protected Search -> Keine Datei <==== ACHTUNG Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated) Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2013-06-11 08:31 - 2013-06-11 08:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll 2012-04-04 13:33 - 2012-04-04 13:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll 2013-01-08 16:02 - 2013-01-08 16:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll 2012-07-26 10:51 - 2012-07-26 10:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll 2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869 FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900 FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [TCP Query User{4ECE19A5-0346-49ED-9A23-1B1944DA5A9C}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B650DFB5-09BD-4A88-ADBF-8CB6A828E18B}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{8BD15219-0F0E-4756-B9E6-6FF735F8E49B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe FirewallRules: [{6D719EC0-A7BE-44B8-BCE1-57DC879FF14F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: 3D-Videocontroller Description: 3D-Videocontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6240 Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6240 Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5241 Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5241 Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4243 Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4243 Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3229 Systemfehler: ============= Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Avira Email-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error: (12/01/2015 11:24:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet. Error: (12/01/2015 11:21:00 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "TOSHIBA Bluetooth Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-12-01 00:19:50.079 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-12-01 00:19:50.044 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.493 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.882 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.858 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 21% Installierter physikalischer RAM: 12216.36 MB Verfügbarer physikalischer RAM: 9543.68 MB Summe virtueller Speicher: 24430.93 MB Verfügbarer virtueller Speicher: 21695.37 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:503.32 GB) (Free:64.78 GB) NTFS Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2068.82 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06) Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ==================== Ende von Addition.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:30-11-2015 durchgeführt von Hauptversorgung (2015-12-01 12:01:32) Gestartet von C:\Users\Manu\Downloads\Hilfe Windows 7 Professional Service Pack 1 (X64) (2014-04-20 22:13:51) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-1029605971-2717496707-4219619431-500 - Administrator - Disabled) Gast (S-1-5-21-1029605971-2717496707-4219619431-501 - Limited - Disabled) Hauptversorgung (S-1-5-21-1029605971-2717496707-4219619431-1000 - Administrator - Enabled) => C:\Users\Hauptversorgung HomeGroupUser$ (S-1-5-21-1029605971-2717496707-4219619431-1003 - Limited - Enabled) Manu (S-1-5-21-1029605971-2717496707-4219619431-1001 - Limited - Enabled) => C:\Users\Manu ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) Amazon Music (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Amazon Amazon Music) (Version: 3.7.1.698 - Amazon Services LLC) Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.) ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Assassin's Creed Brotherhood (HKLM-x32\...\Steam App 48190) (Version: - Ubisoft Montreal) Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 2.0.0.9 - Qualcomm Atheros) Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Atheros) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.14.259 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 1.6.11.1440 - Avira Operations GmbH & Co. KG) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v9.10.11(T) - TOSHIBA CORPORATION) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Combat Arms EU (HKLM-x32\...\Combat Arms EU) (Version: - ) Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.64.52.52 - Conexant) CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Darksiders (HKLM-x32\...\Steam App 50620) (Version: - Vigil Games) Darksiders II (HKLM-x32\...\Steam App 50650) (Version: - Vigil Games) Debut Videorekorder (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Debut) (Version: 1.95 - NCH Software) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Diablo III Public Test (HKLM-x32\...\Diablo III Public Test) (Version: - Blizzard Entertainment) Dragon Age™: Inquisition (HKLM-x32\...\{DC4C36DC-4E5B-4262-B0C7-157DF534B969}) (Version: 1.0.0.11 - Electronic Arts) Dropbox (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Dropbox) (Version: 3.10.11 - Dropbox, Inc.) DTS Sound (HKLM-x32\...\{791692AD-63B2-4A87-A097-4E8DD3CE4BC9}) (Version: 1.00.0078 - DTS, Inc.) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Free Audio Dub version 1.7.9.908 (HKLM-x32\...\Free Audio Dub_is1) (Version: 1.7.9.908 - DVDVideoSoft Ltd.) Free Studio version 6.5.0.301 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.301 - DVDVideoSoft Ltd.) Free WEBM Player (HKLM-x32\...\Free WEBM Player_is1) (Version: 1.0 - Free Converting) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: - GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.18.10.3165 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.) Java 8 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418020F0}) (Version: 8.0.200 - Oracle Corporation) Java SE Development Kit 8 Update 5 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180050}) (Version: 8.0.50 - Oracle Corporation) Junk Mail filter update (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden LEGO Rock Raiders (HKLM-x32\...\LEGO Rock Raiders) (Version: - ) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Media Go (HKLM-x32\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony) Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony) Media Go Video Playback Engine 2.16.102.12020 (HKLM-x32\...\{571E58E4-608E-B7A6-50FF-4B531B424F5B}) (Version: 2.16.102.12020 - Sony) Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation) Microsoft .NET Framework 4.5 DEU Language Pack (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50709 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\OneDriveSetup.exe) (Version: 17.3.6201.1019 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 33.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.1 (x86 de)) (Version: 33.0.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.7.9 - Notepad++ Team) NVIDIA PhysX v8.09.04 (HKLM-x32\...\{A7E07C2B-2220-4415-87E3-784D5814BC93}) (Version: 8.09.04 - NVIDIA Corporation) OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation) Origin (HKLM-x32\...\Origin) (Version: 9.4.23.2817 - Electronic Arts, Inc.) Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games) PhotoFiltre 7 (HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\PhotoFiltre 7) (Version: - ) Picopix Viewer 2 (HKLM-x32\...\{6022800B-A1E1-4CA9-9B74-6E4F599AC42C}) (Version: 1.0.0.7 - PHILIPS) Portal 2 (HKLM-x32\...\Steam App 620) (Version: - Valve) PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.) Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Ryse: Son of Rome (HKLM-x32\...\Steam App 302510) (Version: - Crytek) Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.) Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.14.14.201410081526 - Sony Mobile Communications AB) Sony PC Companion 2.10.297 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.297 - Sony) SoundSwitch (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\5e9d4b807286f8d3) (Version: 2.4.1.4 - Jeroen Pelgrims) Spotify (HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\Spotify) (Version: 1.0.18.60.g5fe0413d - Spotify AB) STAR WARS™ Knights of the Old Republic™ II: The Sith Lords™ (HKLM-x32\...\Steam App 208580) (Version: - Obsidian Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) The Witcher 3: Wild Hunt (HKLM-x32\...\Steam App 292030) (Version: - CD PROJEKT RED) Titan Quest (HKLM-x32\...\Steam App 4540) (Version: - Iron Lore Entertainment) Titan Quest: Immortal Throne (HKLM-x32\...\Steam App 4550) (Version: - Iron Lore Entertainment) Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.10.1 - Electronic Arts) TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.12 for x64 - TOSHIBA Corporation) TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}) (Version: 5.00.04.00 - TOSHIBA) TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.27.3201 - Toshiba Corporation) UninstallMX-3200 Mouse (HKLM-x32\...\{41CC9883-5B20-4F62-98CB-034D10240708}}_is1) (Version: - MX-3200 Mouse Driver) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Uplay (HKLM-x32\...\Uplay) (Version: 4.8 - Ubisoft) VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll => Keine Datei CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\amd64\FileCoAuthLib64.dll () CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Manu\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Manu\AppData\Roaming\Dropbox\bin\DropboxExt64.28.dll (Dropbox, Inc.) ==================== Wiederherstellungspunkte ========================= 01-12-2015 11:11:40 Revo Uninstaller's restore point - System Checkup 3.5 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2015-12-01 00:20 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {02B218BB-B0BE-40B5-880B-669D3D989018} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {36CC9A75-FF2F-453A-A08C-3DF6DA05C672} - System32\Tasks\{DC9E7E91-893F-4F34-8078-1E9598CD3A6A} => pcalua.exe -a "C:\Program Files (x86)\Media_Play_AIR+\Uninstall.exe" -c /fcp=1 Task: {41F2AC6B-6E34-4814-A9F1-95BCAD745482} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {65E73BDE-6998-4EF4-B2F2-BE1C22C01D89} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe Task: {80BF3CDD-F884-4F26-AF87-90928C62F92B} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2015-08-25] (Avira Operations GmbH & Co. KG) Task: {84FB224D-0E25-44C3-9193-28B6C475FFF8} - \Browser Updater\Browser Updater -> Keine Datei <==== ACHTUNG Task: {89F4AD92-E3AC-49CB-AE69-8C756DECBC63} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe Task: {9C074F6C-8604-4152-8DD2-2F5AA246BCEE} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {AEBD5690-7CB0-4CF6-A0A6-8F09C7EA5158} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B375BCBF-15A7-44DD-94EB-F3C4B8E56AB7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {B6CFCE72-B725-4A8C-9FED-D67829945A5A} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-18] (Dropbox, Inc.) Task: {B78AA8BB-2BFC-449F-A1C3-6882B976C7F6} - \ProtectedSearch\Protected Search -> Keine Datei <==== ACHTUNG Task: {C213B827-FF0C-44DD-BC69-8F567D29E2D0} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-1029605971-2717496707-4219619431-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe Task: {E1B00C93-5703-46DE-8C3B-9C36F51FC3B7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-18] (Adobe Systems Incorporated) Task: {FDE43669-62CB-4041-B6BE-0F4463347814} - \SystemSockets\SystemSockets -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001Core.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-1029605971-2717496707-4219619431-1001UA.job => C:\Users\Manu\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-02-13 03:20 - 2015-02-13 03:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-02-13 03:20 - 2015-02-13 03:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2013-05-30 14:32 - 2013-05-30 14:32 - 00016720 _____ () C:\Program Files (x86)\DTS, Inc\DTS Studio Sound\dts_apo_service.exe 2015-11-21 16:56 - 2015-11-21 16:56 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2014-12-18 15:30 - 2014-12-08 07:27 - 06277952 _____ () C:\Users\Manu\AppData\Local\Amazon Music\Amazon Music Helper.exe 2015-08-15 10:05 - 2015-06-10 10:13 - 00113024 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe 2015-08-15 10:05 - 2012-04-30 10:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll 2014-08-22 14:59 - 2015-10-20 17:44 - 00242176 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll 2011-07-07 13:54 - 2011-07-07 13:54 - 00233984 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\Report.dll 2014-08-22 14:59 - 2013-05-20 11:58 - 00620718 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\sqlite3.dll 2015-03-23 18:19 - 2015-03-23 18:19 - 02620416 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\libxt.dll 2014-08-22 14:59 - 2015-04-21 12:22 - 00053248 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VObject.dll 2015-04-10 10:26 - 2015-04-10 10:26 - 00669696 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PhoneUpdate.dll 2013-06-11 08:31 - 2013-06-11 08:31 - 00090112 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CalEngine.dll 2012-04-04 13:33 - 2012-04-04 13:33 - 00139776 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdLNotes.dll 2013-01-08 16:02 - 2013-01-08 16:02 - 00163840 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\CAgdOutlook.dll 2012-07-26 10:51 - 2012-07-26 10:51 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\VistaCalendar.dll 2012-05-07 10:55 - 2012-05-07 10:55 - 00178104 _____ () C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosGatt.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\...\sony.com -> sony.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\clonewarsadventures.com -> clonewarsadventures.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\freerealms.com -> freerealms.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\soe.com -> soe.com IE trusted site: HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\...\sony.com -> sony.com ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-1029605971-2717496707-4219619431-1000\Control Panel\Desktop\\Wallpaper -> HKU\S-1-5-21-1029605971-2717496707-4219619431-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Manu\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: Datenträger ist nicht mit dem Internet verbunden. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist deaktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{695E765D-1888-4123-A8A0-77C1063C4600}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{7334B691-407C-4F7A-B1CD-649227889648}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe FirewallRules: [{E7E0FB69-5014-4EDF-9346-E3CE354F890F}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5B4215D7-629E-4CD1-8A9F-7AFD98D92516}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [TCP Query User{FD221C7B-2323-43AA-87F2-FA60B3CDAEA1}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [UDP Query User{5F9E9BCD-E65A-458B-AB31-90F74F32492F}C:\program files\java\jdk1.8.0_05\bin\jmc.exe] => (Allow) C:\program files\java\jdk1.8.0_05\bin\jmc.exe FirewallRules: [{150BEBFA-06AC-446C-88AE-DC455F13C92E}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{3399C967-52AC-436B-AAA4-B0B033265B07}] => (Allow) C:\Nexon\Combat Arms EU\NMService.exe FirewallRules: [{5FDAC454-596C-4093-9C44-386654845929}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FEEA1814-0AA6-446C-9AD6-58158DCB8366}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{77BA2580-97DA-42E3-A7C9-1F538BF6303F}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{ED613459-72D8-489D-A965-6CA4C593548B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe FirewallRules: [{2A4B1D99-1D5D-4E69-83C2-3F4F14468DDC}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{BE5FB37C-92A8-4E65-AFCD-64328F901131}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe FirewallRules: [{704239C9-60B8-4CEF-8368-FFCD03FB8C52}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{5C0AF49E-EDDB-4910-883A-243E86BE809E}] => (Allow) C:\Program Files (x86)\Sony Mobile\Update Engine\Sony Mobile Update Engine.exe FirewallRules: [{3F5AAD94-95FA-4D8C-A604-CEBE0D5B08EA}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{5DC7C6FB-C9AC-4FC7-8B78-ACCB784808B9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{69570EC4-3BA9-42AE-8B38-A551373CD101}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [UDP Query User{2D222F44-2F5E-4A05-AA89-969DA903E654}C:\programdata\battle.net\agent\agent.3634\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3634\agent.exe FirewallRules: [{15121F45-5065-4408-99AC-2987AE1F5E06}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{22715FA6-D188-4B64-B47F-9F17BC93A0A1}] => (Allow) LPort=2869 FirewallRules: [{761C75ED-7C81-436D-9038-00175947154E}] => (Allow) LPort=1900 FirewallRules: [{46FCDBBA-0F5D-402A-8D61-93295691B05B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [TCP Query User{02A45172-C4DC-4C66-9133-20D4402B1DE0}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{08C48F49-058C-47BC-BC2D-E62AA9A6075D}C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{AFA97030-0BDF-4923-AF83-25BD945A08DB}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3D3B09D3-A583-4625-BF68-11B0D1A88119}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{840649AA-4555-4A11-B44E-4941DFC38C88}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{0B9FD96F-1A10-447B-BCFE-16A13A05EE85}] => (Allow) C:\Users\Manu\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{A415C068-196E-4E51-9D69-D23BB7851B93}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [UDP Query User{EF96EDDE-B1D2-494D-BA50-4AB950322CE2}C:\programdata\battle.net\agent\agent.3689\agent.exe] => (Block) C:\programdata\battle.net\agent\agent.3689\agent.exe FirewallRules: [TCP Query User{E4410D65-CD93-4D6B-9DDB-4C6D4740CD18}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{CE3168AC-A80B-41EA-9CA1-91147D7CF6B6}C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\manu\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [TCP Query User{414CE259-0899-45A2-A87C-2781BE7F02E1}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [UDP Query User{44979A6C-3837-4A68-BB24-6B09A7301BFB}C:\program files (x86)\microsoft games\halo trial\halo.exe] => (Allow) C:\program files (x86)\microsoft games\halo trial\halo.exe FirewallRules: [{BE758AE4-C60D-45DB-A9FA-6FBD285A667D}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{D995E6C6-683C-4C6B-AC70-D0725B7E0A77}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3715\Agent.exe FirewallRules: [{5F307FEF-1FF6-4DCA-B0FA-97A5FAE437F5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{76B7ADE8-DACE-488D-970F-AD727A24E894}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{93B38BA5-37F1-48A0-AE0C-83C315B45BEA}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{57697E62-A9AB-4CE8-B1EA-6386C3870037}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders 2\Darksiders2.exe FirewallRules: [{B7713B6E-B5B4-4911-A3A2-567180FB102C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{912EE4F4-E9A8-49AE-AAA1-8FF0CC88BE3D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Darksiders\DarksidersPC.exe FirewallRules: [{576CC5FE-A1BA-46B2-AC3B-D4D2C16C4E43}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{7293FCF4-1A73-4502-B6BB-AE16B30B6A8C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest Immortal Throne\Tqit.exe FirewallRules: [{11AB4B45-A653-49B8-B7EB-C71728E81216}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{6BFA2B02-35C6-4D26-8982-C6AD7F2AA929}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Titan Quest\Titan Quest.exe FirewallRules: [{50C1150E-8695-472D-B1D7-E8415E876784}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{A36BF8F6-70A8-43B9-9C8A-202BB09D3CAF}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.exe FirewallRules: [{ADD2C6A6-D26B-438F-B6B8-E7CFE514D766}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{FE84DAB2-AD69-4C7C-8133-5110540C7E70}] => (Allow) C:\Program Files (x86)\webcam 7\webcam7.Service.exe FirewallRules: [{42B8BE23-325D-4373-9F18-7A1586E3866D}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [{DA58110C-A453-4FA7-B3DB-452E2FF21E07}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe FirewallRules: [TCP Query User{A290E011-B1D3-4675-B8F0-5FBBBCD69709}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{03FB4EEC-A900-45DB-A1F8-8FF8B632F1C2}C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34659\heroesofthestorm_x64.exe FirewallRules: [{14A24841-2449-4206-A1CD-52AF3D61ADCB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{65E9204B-24D1-4616-9A10-8DEADD1D67CB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6BCE2702-E6E8-49B9-B3B6-94DD8EB038B0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{885CC5DF-D215-47FD-860F-4A0947C1A479}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{AD749031-A1F6-43ED-9745-C0C26A72B9A6}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{61C6A1A6-E6A9-4AA6-BA3C-E4610C04530F}C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base34846\heroesofthestorm_x64.exe FirewallRules: [{DA2525F1-DEB7-49F1-87A5-E61C7C38C59A}] => (Allow) C:\Users\Hauptversorgung\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{06C9F0A8-346F-4C0C-9B55-E653DF945D1D}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [TCP Query User{5EC3F0A6-9028-4498-9532-48EB0D0BE5E5}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [UDP Query User{759BB140-F194-4985-9DDD-51A587D41EFE}C:\program files (x86)\orbitdownloader\orbitnet.exe] => (Allow) C:\program files (x86)\orbitdownloader\orbitnet.exe FirewallRules: [TCP Query User{3293E2EB-2B90-461B-B2F5-ED2F77688E29}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{0C6B17EA-CC2D-4EB4-87CB-846DF40EA8D9}C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base35360\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{E6867034-8D86-4988-B6BE-5BDEC70F0D46}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{3B7CBB1B-3F82-4E3C-8B68-EDEA086B2524}C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\manu\desktop\games\minecraft\spiel\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{C7E6BF53-0DA0-45AF-87AF-20579A896855}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [UDP Query User{23324BB8-18D3-4304-B06C-A6718AB5EBB2}C:\nexon\combat arms eu\engine.exe] => (Allow) C:\nexon\combat arms eu\engine.exe FirewallRules: [TCP Query User{89CD0DE0-F2BF-430A-8A2C-2C452D71EBDF}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{727384BD-E278-4DFD-B9EA-1311169FCAB9}C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base36144\heroesofthestorm_x64.exe FirewallRules: [{D28DA4D8-870A-4874-9A0A-07F998B654BD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{9FA4D48B-86A8-4ECB-9297-F3ECDCE18FB9}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Path of Exile\PathOfExileSteam.exe FirewallRules: [{1721AEB4-BA9D-4560-B96C-7EE39595B642}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [{38E0F69F-9AC7-484C-9A66-23EFA9468806}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe FirewallRules: [TCP Query User{365A8F52-5F7C-4D87-86E7-80471F9A22F2}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{A9F2616C-8D6A-465D-803B-87412F96BE39}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Allow) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{B85217BD-BF90-42FC-AC38-7E5329156401}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [UDP Query User{E1286947-A9B0-44BC-84FF-68C2BB8D86EB}C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe] => (Allow) C:\users\manu\appdata\roaming\deep silver\sacred 2 - fallen angel\system\s2gs.exe FirewallRules: [{A34A4B2C-606F-4038-AA6E-BB2B980968F4}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{A5DBA105-740F-4B0D-87E7-B712BC30A2C0}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{BD0440F7-5665-4B79-B226-1B3B86011CE8}C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37117\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{3D01D709-80EE-4CFF-B5AD-40033A43DADA}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{93877362-D359-4E3D-A3B9-EDC17E18EF50}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{502EBF67-EDE6-4D14-98AE-860EB5C0D972}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [{EE0D5ABB-6FE7-4C6F-84A1-1C966530FA22}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Ryse Son of Rome\Bin64\Ryse.exe FirewallRules: [TCP Query User{A88E8258-F561-44ED-9219-315BF1367CE0}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{EF807ECB-443B-431A-92EF-AE5620078C33}C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37351\heroesofthestorm_x64.exe FirewallRules: [{E1ACAAB5-BF44-4C1D-827C-28743106A93E}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{511EA237-B5C6-4CD6-BBB6-1E18C6A3E827}] => (Allow) C:\Program Files (x86)\Origin Games\Titanfall\Titanfall.exe FirewallRules: [{E01C9A8D-F268-4334-8811-FB33F15CF691}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [{47CA75A6-CF9A-4B52-8D13-395D6CE50ECA}] => (Allow) C:\Program Files (x86)\Origin Games\Dragon Age Inquisition\DragonAgeInquisition.exe FirewallRules: [TCP Query User{1E9E3768-7706-461F-BCCD-D45B7B429FC6}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{4A92A064-0E08-424B-B185-77F82C728675}C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe] => (Block) C:\program files (x86)\heroes of the storm\versions\base37569\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{86226233-512F-4C66-AD95-004871ADEC8D}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{75CF4D54-4682-4D94-899F-FC1267F2B1E8}C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base37795\heroesofthestorm_x64.exe FirewallRules: [TCP Query User{A599D2BC-B153-43AD-9A54-0B3454E92695}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [UDP Query User{C9F7AB7D-CA57-4D28-9554-9B4A1FD6287D}C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe] => (Allow) C:\program files (x86)\heroes of the storm\versions\base38236\heroesofthestorm_x64.exe FirewallRules: [{46C43241-26E4-43C9-A5D1-CA513B7CF971}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [TCP Query User{4D434C33-EA00-404E-A6E3-DE4D4B3BD158}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [UDP Query User{C108A8C9-73CE-425C-AF89-B2A6A9030AF8}C:\program files (x86)\diablo iii public test\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii public test\diablo iii.exe FirewallRules: [{C313866D-3332-4B60-82CB-8657E7806570}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{325C35F4-85F1-4F48-A0C0-BCB9415E0234}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassins Creed Brotherhood\ACBSP.exe FirewallRules: [{04511432-AE04-49EC-A4FA-CB5D5D8454BE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{5A9125A0-77C9-46D5-B6AB-53C7B1B8FBCA}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe FirewallRules: [{D1516845-6E21-4850-8D47-03BBA9BE16EE}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{74EE8792-45C4-4D90-94C6-0C7D1B86868E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe FirewallRules: [{DF066418-9661-412A-9365-1349110E6823}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{F1525B84-1D69-42B3-9C34-88CC394EC190}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Portal 2\portal2.exe FirewallRules: [{063B437B-D699-484F-BEA0-920D3B769F09}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{4BB81FE2-D083-4AF1-8B61-1BF0E3C141E1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Knights of the Old Republic II\swkotor2.exe FirewallRules: [{BF07CEF3-AECC-4D06-BE76-9F33F3E57C84}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{2B02CD39-DBA6-4AE6-8BCA-6CB6638BD9B7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Borderlands 2\Binaries\Win32\Launcher.exe FirewallRules: [{C85F2749-3ED8-414E-83E0-4C1BBCEECB25}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [{AAF532D2-C9F1-4534-BB2B-62537D62DBD6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\The Witcher 3\bin\x64\witcher3.exe FirewallRules: [TCP Query User{4ECE19A5-0346-49ED-9A23-1B1944DA5A9C}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B650DFB5-09BD-4A88-ADBF-8CB6A828E18B}C:\users\manu\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\manu\appdata\roaming\spotify\spotify.exe FirewallRules: [{8BD15219-0F0E-4756-B9E6-6FF735F8E49B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe FirewallRules: [{6D719EC0-A7BE-44B8-BCE1-57DC879FF14F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Just Cause 3\JustCause3.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\CombatArms.exe] => :*Enabled:CombatArms.exe StandardProfile\AuthorizedApplications: [C:\Nexon\Combat Arms EU\Engine.exe] => :*Enabled:Engine.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: 3D-Videocontroller Description: 3D-Videocontroller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 6240 Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 6240 Error: (12/01/2015 07:39:04 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 5241 Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 5241 Error: (12/01/2015 07:39:03 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4243 Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4243 Error: (12/01/2015 07:39:02 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (12/01/2015 07:39:01 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3229 Systemfehler: ============= Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Avira Browser-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error: (12/01/2015 11:25:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "Avira Email-Schutz" ist vom Dienst "Avira Echtzeit-Scanner" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1070 Error: (12/01/2015 11:24:44 AM) (Source: Service Control Manager) (EventID: 7022) (User: ) Description: Der Dienst "Avira Echtzeit-Scanner" wurde nicht richtig gestartet. Error: (12/01/2015 11:21:00 AM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMScheduler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "MBAMService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:31 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "TOSHIBA Bluetooth Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (12/01/2015 11:20:30 AM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Avira Service Host" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2015-12-01 00:19:50.079 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2015-12-01 00:19:50.044 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.493 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:22:54.472 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.882 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 22:21:01.858 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\sfvfs02.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 21% Installierter physikalischer RAM: 12216.36 MB Verfügbarer physikalischer RAM: 9543.68 MB Summe virtueller Speicher: 24430.93 MB Verfügbarer virtueller Speicher: 21695.37 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:503.32 GB) (Free:64.78 GB) NTFS Drive f: (FreeAgent GoFlex Drive) (Fixed) (Total:2794.51 GB) (Free:2068.82 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 9E560E8A) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=195.2 GB) - (Type=06) Partition 3: (Not Active) - (Size=503.3 GB) - (Type=07 NTFS) Attempted reading MBR returned 0 bytes. Could not read MBR for disk 1. ==================== Ende von Addition.txt ===================================================== |
01.12.2015, 18:13 | #15 |
/// TB-Ausbilder /// Anleitungs-Guru | Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". FRST.txt fehlt. Dafür ist die Addition.txt zweimal da...
__________________ Gruß deeprybka Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
Themen zu Fehlermeldung: RegSvr32 Fehler beim laden des Moduls"". |
antivirus, avira, converter, cpu, defender, desktop, downloader, explorer, failed, fehlermeldung, firefox, firewall, flash player, helper, installation, internet, internet explorer, modul, onedrive, problem, registry, regsvr32, scan, server, software, temp, teredo, udp, usb |