Log analysis and evaluation: Problems starting C:/User/tatjana/appdata/local/Touchform
Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.12.2015, 20:41 | #1 |
Problems starting C:/User/tatjana/appdata/local/Touchform
Hello, for a few weeks now I have had nothing but trouble with my mum's computer. I have already deleted some things that I thought were wrong, with the help of CCleaner. Nevertheless, I have strange problems. Pages open by themselves, and Chrome cannot be used properly; it only opens strange pages. A message like the one in the title above keeps appearing. I would appreciate your help. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015 durchgeführt von Tatjana (Administrator) auf FAMONUFRIEV (04-12-2015 15:25:28) Gestartet von C:\Users\Tatjana\Downloads Geladene Profile: Tatjana (Verfügbare Profile: UpdatusUser & Tatjana & Oleg & Diana) Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe () C:\Users\Tatjana\AppData\Roaming\NetService\netservice.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe (TomTom) C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe (Toshiba Corporation) C:\Program Files\Toshiba\Teco\TecoService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.28.15\GoogleCrashHandler64.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (Apple Inc.) 
C:\Program Files\iPod\bin\iPodService.exe (WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe (Microsoft Corporation) C:\Windows\System32\browser_broker.exe (Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [782520 2015-11-27] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-10-14] (Avira Operations GmbH & Co. 
KG) HKLM-x32\...\Run: [rec_en_77] => [X] HKLM-x32\...\Run: [dply_en_009030165] => "C:\Program Files (x86)\dply_en_009030165\dply_en_009030165.exe" HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\Run: [VoipCheapCom] => C:\Program Files (x86)\VoipCheapCom\VoipCheapCom.exe [23189608 2015-09-30] (VoipCheapCom) HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\Run: [TomTomHOME.exe] => C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom) HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3890768 2015-03-26] (Tonec Inc.) HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.exe [430048 2015-05-21] (CyberGhost S.R.L.) HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50143872 2015-11-17] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2014-04-21] (Tonec Inc.) GroupPolicy: Beschränkung - Chrome <======= ACHTUNG GroupPolicyUsers\S-1-5-21-624424584-4042204696-3470667462-1007\User: Beschränkung <======= ACHTUNG GroupPolicyUsers\S-1-5-21-624424584-4042204696-3470667462-1005\User: Beschränkung <======= ACHTUNG GroupPolicyUsers\S-1-5-21-624424584-4042204696-3470667462-1002\User: Beschränkung <======= ACHTUNG CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{062786c5-8e49-456b-8add-4533bd20ec69}: [DhcpNameServer] 192.168.178.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com/?fr=hp-avast&type=avastbcl HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM 
-> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKLM -> OldSearch URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1445628402&z=b7617a37c9826ee8e5c8fd1gcz6z5wfq2obbaz0e2o&from=amt&uid=hgstxhts541010a9e680_130602jb1000130lu5wpx&q={searchTerms} SearchScopes: HKLM -> {30B8CCF9-0B3A-4481-BED8-CC72DDF4272F} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01 SearchScopes: HKLM-x32 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} SearchScopes: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = SearchScopes: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> OldSearch URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1445628402&z=b7617a37c9826ee8e5c8fd1gcz6z5wfq2obbaz0e2o&from=amt&uid=hgstxhts541010a9e680_130602jb1000130lu5wpx&q={searchTerms} SearchScopes: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> {30B8CCF9-0B3A-4481-BED8-CC72DDF4272F} URL = hxxp://www.sm.de/?q={searchTerms} SearchScopes: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> {851C37D5-B777-4DBB-8F32-2D13C1990BDF} URL = SearchScopes: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> {9CB96984-43C3-4D44-90EF-01466EFCF7BB} URL = hxxps://de.search.yahoo.com/yhs/search?type=avastbcl&hspart=avast&hsimp=yhs-001&p={searchTerms} BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) 
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-02-21] (Internet Download Manager, Tonec Inc.) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe Edge: ====== Edge HomeButtonPage: HKU\S-1-5-21-624424584-4042204696-3470667462-1002 -> hxxp://www.oursurfing.com/?type=hp&ts=1445628402&z=b7617a37c9826ee8e5c8fd1gcz6z5wfq2obbaz0e2o&from=amt&uid=hgstxhts541010a9e680_130602jb1000130lu5wpx FireFox: ======== FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-05-06] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-02-15] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll 
[2013-02-15] (Intel Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation) FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei] FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll [2014-01-02] () FF HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Tatjana\AppData\Roaming\IDM\idmmzcc5 FF Extension: IDM CC - C:\Users\Tatjana\AppData\Roaming\IDM\idmmzcc5 [2015-03-29] [ist nicht signiert] StartMenuInternet: FIREFOX.EXE - firefox.exe Chrome: ======= CHR HomePage: Profile 2 -> hxxp://www.oursurfing.com/?type=hp&ts=1449147365&z=89bb9196c58c0bdc794227agfz8zbt6gewde1tdq0z&from=buzz&uid=HGSTXHTS541010A9E680_130602JB1000130LU5WPX CHR StartupUrls: Profile 2 -> "hxxp://www.oursurfing.com/?type=hp&ts=1449147365&z=89bb9196c58c0bdc794227agfz8zbt6gewde1tdq0z&from=buzz&uid=HGSTXHTS541010A9E680_130602JB1000130LU5WPX" CHR DefaultSearchURL: Profile 2 -> 
hxxp://www.oursurfing.com/web/?type=ds&ts=1449147365&z=89bb9196c58c0bdc794227agfz8zbt6gewde1tdq0z&from=buzz&uid=HGSTXHTS541010A9E680_130602JB1000130LU5WPX&q={searchTerms} CHR DefaultSearchKeyword: Profile 2 -> oursurfing CHR Profile: C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Angry Birds) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-02-06] CHR Extension: (Google Docs) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-06-29] CHR Extension: (Google Drive) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-02] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-12] CHR Extension: (YouTube) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-02] CHR Extension: (Adblock Plus) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-09-12] CHR Extension: (Google Search) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-02] CHR Extension: (See Results Hub) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhnojfhbnejlbmkgdgadnckcaokjehma [2015-11-11] [UpdateUrl: hxxp://cdn.seeresultshub.com/update] <==== ACHTUNG CHR Extension: (avast! SafePrice) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2014-08-28] CHR Extension: (AdBlock) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-08-28] CHR Extension: (avast! 
Online Security) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-28] CHR Extension: (mysms - Text anywhere) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnkkehjnlfplmdnallbjjdnokolhblgb [2014-09-12] CHR Extension: (Move Your Photos) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\idiebfmmkhaffedkhjhapmagabcadjhc [2014-02-06] CHR Extension: (Sharp Angle) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnibligecbfoablpiffglgnbdnffcge [2015-11-12] [UpdateUrl: hxxp://wwwsharpanglesys-a.akamaihd.net/update/chrome] <==== ACHTUNG CHR Extension: (Explain and Send Screenshots) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdddabjhelpilpnpgondfmehhcplpiin [2014-09-20] CHR Extension: (Google Mail Checker) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-02-06] CHR Extension: (Google Wallet) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-20] CHR Extension: (PAYBACK Internet Assistent für Google Chrome) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbfjbhoglggakhkngkbfehgghkaadeba [2014-08-28] CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2014-09-08] CHR Extension: (Chloe) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pillplnpmfjckedkedpaoembffbpklnf [2014-02-06] CHR Extension: (Gmail) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-02] CHR Profile: C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2 CHR Extension: (Google Präsentationen) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 
2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-26] CHR Extension: (Google Docs) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-26] CHR Extension: (Google Drive) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-26] CHR Extension: (YouTube) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-26] CHR Extension: (Google-Suche) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-26] CHR Extension: (Google Tabellen) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-26] CHR Extension: (Google Docs Offline) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-26] CHR Extension: (Skype Click to Call) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-11-26] CHR Extension: (IDM Integration Module) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2015-11-26] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-26] CHR Extension: (Cinema_Plus-6.1cV09.11) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-11-26] CHR Extension: (Google Mail) - C:\Users\Tatjana\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-26] CHR Extension: (Extutil) - C:\Users\Tatjana\AppData\Local\Temp\D8ADFCCA-EE7E-442C-9999-C4D14FEF360B [2015-11-26] CHR Extension: (Touch Form) - C:\Users\Tatjana\AppData\Local\Touch Form\Component 
[2015-11-27] CHR Extension: (Managera) - C:\Users\Tatjana\AppData\Local\Temp\39fdaae5-8e0e-493c-88ec-e05c3be06e42 [2015-11-26] CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-03-26] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12] CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2015-03-26] StartMenuInternet: Google Chrome - Chrome.exe Opera: ======= OPR Extension: (bfipfkeoidmndggnnpobeenlamiclald) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\bfipfkeoidmndggnnpobeenlamiclald [2015-10-31] OPR Extension: (bfipfkeoidmndggnnpobeenlamiclald) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\cgmnfnmlficgeijcalkgnnkigkefkbhd [2015-11-25] OPR Extension: (See Results Hub) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\dhnojfhbnejlbmkgdgadnckcaokjehma [2015-11-11] OPR Extension: (iWebar) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\hdhmofnopkgkpgnpggloijpbnaonhplc [2015-11-26] OPR Extension: (Sharp Angle) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\idnibligecbfoablpiffglgnbdnffcge [2015-11-12] OPR Extension: (bfipfkeoidmndggnnpobeenlamiclald) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\kfgaibfbmkjgmimhbbaikfnpkkjkpoan [2015-11-26] OPR Extension: (bfipfkeoidmndggnnpobeenlamiclald) - C:\Users\Tatjana\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-11-11] StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 ==================== Dienste (Nicht auf der 
Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [932912 2015-11-27] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [461672 2015-11-27] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [461672 2015-11-27] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1147720 2015-11-27] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [243968 2015-10-14] (Avira Operations GmbH & Co. KG) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation) R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [63968 2015-05-21] (CyberGhost S.R.L) U2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [3240208 2015-11-15] (Client Connect LTD) R2 ETDService; C:\Program Files\Elantech\ETDService.exe [147688 2015-09-24] (ELAN Microelectronics Corp.) 
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-01-23] (WildTangent) S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert] R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-17] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129848 2013-02-22] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [167736 2013-02-22] (Intel Corporation) R2 NetTcpHandler; C:\Users\Tatjana\AppData\Roaming\NetService\netservice.exe [173088 2015-07-09] () S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2099720 2015-11-18] (Electronic Arts) R3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [116240 2013-01-04] (Toshiba Europe GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) S2 BrsHelper; C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE [X] S2 FastCompress; C:\Program Files (x86)\FastCompress-Zip\Fast_Support.exe [X] S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe /medsvc [X] <==== ACHTUNG ===================== Treiber (Nicht auf der 
Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137800 2015-11-27] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-11-27] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-03-17] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [74440 2015-11-27] (Avira Operations GmbH & Co. KG) S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [237568 2015-07-10] (Microsoft Corporation) R3 ETDSMBus; C:\Windows\System32\drivers\ETDSMBus.sys [39504 2015-07-30] (ELAN Microelectronic Corp.) R3 NETwNe64; C:\Windows\System32\drivers\NETwew01.sys [3354384 2015-07-10] (Intel Corporation) R1 swsedrvr_vw_1_10_0_25; C:\Windows\System32\drivers\swsedrvr_vw_1_10_0_25.sys [57720 2015-09-22] (SS) R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [54424 2015-07-29] (Toshiba Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () R3 usb3Hub; C:\Windows\System32\drivers\usb3Hub.sys [48024 2013-01-29] (Windows (R) Win 7 DDK provider) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R3 XHCIPort; C:\Windows\System32\drivers\XHCIPort.sys [194456 2013-01-29] (Windows (R) Win 7 DDK provider) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 15:25 - 2015-12-04 15:25 - 02350080 _____ (Farbar) C:\Users\Tatjana\Downloads\FRST64.exe
2015-12-04 15:25 - 2015-12-04 15:25 - 00028347 _____ C:\Users\Tatjana\Downloads\FRST.txt
2015-12-04 15:25 - 2015-12-04 15:25 - 00000000 ____D C:\FRST
2015-12-04 15:24 - 2015-12-04 15:24 - 00000000 ____D C:\Users\Tatjana\AppData\Local\SearchProtect
2015-12-04 15:24 - 2015-12-04 15:24 - 00000000 ____D C:\Program Files (x86)\SearchProtect
2015-12-04 15:21 - 2015-12-04 15:21 - 00000000 ____D C:\$SysReset
2015-12-04 15:13 - 2015-12-04 15:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DESKTOPPLAY
2015-12-04 15:13 - 2015-12-04 15:13 - 00000000 ____D C:\Users\Tatjana\AppData\Local\dply_en_009030165
2015-12-04 15:13 - 2015-12-04 15:13 - 00000000 ____D C:\Program Files (x86)\dply_en_009030165
2015-12-04 15:11 - 2015-12-04 15:11 - 00000000 ___HD C:\OneDriveTemp
2015-12-04 15:10 - 2015-12-04 15:10 - 00016148 _____ C:\WINDOWS\system32\FAMONUFRIEV_Tatjana_HistoryPrediction.bin
2015-12-03 14:06 - 2015-12-03 14:06 - 00065366 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_012.PDF
2015-12-03 13:58 - 2015-12-03 13:58 - 00003256 _____ C:\WINDOWS\System32\Tasks\Web Touch2
2015-12-03 13:58 - 2015-12-03 13:58 - 00003254 _____ C:\WINDOWS\System32\Tasks\Web Touch
2015-12-03 13:58 - 2015-12-03 13:58 - 00000000 ____D C:\Users\Tatjana\AppData\Local\Web Touch
2015-12-03 13:57 - 2015-12-03 13:57 - 00000098 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat
2015-11-29 11:43 - 2015-11-29 11:43 - 00000000 ____D C:\Users\Tatjana\AppData\Local\ElevatedDiagnostics
2015-11-27 01:46 - 2015-11-29 14:57 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448588787-11E3-B30C-089E01C64289
2015-11-27 01:45 - 2015-11-27 01:45 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448588739-11E3-B30C-089E01C64289
2015-11-27 01:05 - 2015-11-27 01:05 - 00000017 _____ C:\WINDOWS\SysWOW64\history.dat
2015-11-27 01:02 - 2015-11-27 01:02 - 00001222 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-11-27 01:00 - 2015-11-27 01:31 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Avira
2015-11-27 01:00 - 2015-11-27 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-27 00:59 - 2015-11-27 01:23 - 00000000 ____D C:\ProgramData\Avira
2015-11-27 00:59 - 2015-11-27 01:21 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-11-27 00:59 - 2015-11-27 01:21 - 00137800 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-11-27 00:59 - 2015-11-27 01:21 - 00074440 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-11-27 00:59 - 2015-11-27 01:02 - 00000000 ____D C:\Program Files (x86)\Avira
2015-11-27 00:59 - 2015-03-17 13:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-11-27 00:49 - 2015-11-27 00:49 - 165283560 _____ C:\Users\Tatjana\Desktop\avira_free_antivirus259_de.exe
2015-11-27 00:47 - 2015-11-27 00:47 - 00026880 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdcsam64.sys
2015-11-27 00:09 - 2015-11-27 00:09 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\ScreenSnapshotTool
2015-11-27 00:09 - 2015-11-27 00:09 - 00000000 ____D C:\Program Files (x86)\ScreenSnapshotTool
2015-11-27 00:08 - 2015-12-04 15:17 - 00000370 ____H C:\WINDOWS\Tasks\NEORVJOBFREWSPJW.job
2015-11-27 00:08 - 2015-12-04 15:10 - 00000358 _____ C:\WINDOWS\Tasks\JYMHGKGU1.job
2015-11-27 00:08 - 2015-11-29 14:51 - 00000000 ____D C:\Program Files (x86)\Fast-Search
2015-11-27 00:08 - 2015-11-27 00:08 - 00003450 _____ C:\WINDOWS\System32\Tasks\NEORVJOBFREWSPJW
2015-11-27 00:08 - 2015-11-27 00:08 - 00003166 _____ C:\WINDOWS\System32\Tasks\gte3014
2015-11-27 00:08 - 2015-11-27 00:08 - 00002926 _____ C:\WINDOWS\System32\Tasks\JYMHGKGU1
2015-11-27 00:08 - 2015-11-27 00:08 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448582904-11E3-B30C-089E01C64289
2015-11-27 00:08 - 2015-11-27 00:08 - 00000000 ____D C:\ProgramData\Service7609
2015-11-27 00:08 - 2015-11-27 00:08 - 00000000 ____D C:\ProgramData\7c0535b143fc4671b6ebd202fbffe066
2015-11-27 00:08 - 2015-11-07 22:28 - 00045792 _____ (Abengine) C:\WINDOWS\system32\Drivers\acwfp64.sys
2015-11-27 00:07 - 2015-11-27 00:08 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448582878-11E3-B30C-089E01C64289
2015-11-27 00:07 - 2015-11-27 00:07 - 00004316 _____ C:\WINDOWS\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update
2015-11-27 00:07 - 2015-11-27 00:07 - 00004290 _____ C:\WINDOWS\System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core
2015-11-26 23:58 - 2015-12-04 15:10 - 00005860 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00005860 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00005532 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-7.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00005532 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-6.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003814 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003486 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-13.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003472 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003472 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003470 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003152 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00003150 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-14.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00002808 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00002788 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5_user.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00002788 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00002460 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5_user.job
2015-11-26 23:58 - 2015-12-04 15:10 - 00002460 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.job
2015-11-26 23:58 - 2015-11-26 23:58 - 00008976 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7
2015-11-26 23:58 - 2015-11-26 23:58 - 00008976 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6
2015-11-26 23:58 - 2015-11-26 23:58 - 00008648 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-7
2015-11-26 23:58 - 2015-11-26 23:58 - 00008648 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-6
2015-11-26 23:58 - 2015-11-26 23:58 - 00006990 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13
2015-11-26 23:58 - 2015-11-26 23:58 - 00006662 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-13
2015-11-26 23:58 - 2015-11-26 23:58 - 00006646 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14
2015-11-26 23:58 - 2015-11-26 23:58 - 00006592 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7
2015-11-26 23:58 - 2015-11-26 23:58 - 00006592 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6
2015-11-26 23:58 - 2015-11-26 23:58 - 00006326 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-14
2015-11-26 23:58 - 2015-11-26 23:58 - 00006272 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7
2015-11-26 23:58 - 2015-11-26 23:58 - 00005972 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5_user
2015-11-26 23:58 - 2015-11-26 23:58 - 00005928 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6
2015-11-26 23:58 - 2015-11-26 23:58 - 00005904 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5
2015-11-26 23:58 - 2015-11-26 23:58 - 00005644 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5_user
2015-11-26 23:58 - 2015-11-26 23:58 - 00005576 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5
2015-11-26 23:58 - 2015-11-26 23:58 - 00000000 ____D C:\Program Files (x86)\a7e4d8b5-ab14-440e-a923-0dfc64d4ece9
2015-11-26 23:58 - 2015-11-26 23:58 - 00000000 ____D C:\Program Files (x86)\7f5bc74f-19fe-4ad2-85d1-cb8385e756de
2015-11-26 23:57 - 2015-12-04 15:10 - 00005182 _____ C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11.job
2015-11-26 23:57 - 2015-12-04 15:10 - 00004854 _____ C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-11.job
2015-11-26 23:57 - 2015-11-27 01:04 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader
2015-11-26 23:57 - 2015-11-27 00:08 - 00000888 _____ C:\task.vbs
2015-11-26 23:57 - 2015-11-26 23:57 - 00008300 _____ C:\WINDOWS\System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11
2015-11-26 23:57 - 2015-11-26 23:57 - 00007972 _____ C:\WINDOWS\System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-11
2015-11-26 23:57 - 2015-11-26 23:57 - 00004416 _____ C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_3931343330383736322d574a324178345a2a376c455a
2015-11-26 23:57 - 2015-11-26 23:57 - 00004022 _____ C:\WINDOWS\System32\Tasks\YTDownloaderUpd
2015-11-26 23:57 - 2015-11-26 23:57 - 00003694 _____ C:\WINDOWS\System32\Tasks\YTDownloader
2015-11-26 23:57 - 2015-11-26 23:57 - 00003686 _____ C:\WINDOWS\System32\Tasks\ShopperProJSUpd
2015-11-26 23:56 - 2015-11-27 01:45 - 00000000 ____D C:\Users\Tatjana\AppData\LocalLow\SmartWeb
2015-11-26 23:55 - 2015-11-26 23:55 - 00003260 _____ C:\WINDOWS\System32\Tasks\Touch Form
2015-11-26 23:55 - 2015-11-26 23:55 - 00000000 ____D C:\Users\Tatjana\AppData\Local\Touch Form
2015-11-26 23:47 - 2015-11-26 23:47 - 00001297 _____ C:\Users\Tatjana\Desktop\Continue ExtraFeatures Installation.lnk
2015-11-26 23:44 - 2015-11-26 23:44 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448581458-11E3-B30C-089E01C64289
2015-11-26 23:44 - 2015-11-26 23:44 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448581454-11E3-B30C-089E01C64289
2015-11-26 23:43 - 2015-11-26 23:44 - 00000000 ____D C:\Users\Tatjana\AppData\Local\E1F9B160-1448581437-11E3-B30C-089E01C64289
2015-11-26 23:35 - 2015-11-26 23:35 - 00225904 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-11-26 23:20 - 2015-11-27 00:54 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Enigma Software Group
2015-11-26 23:20 - 2015-11-26 23:20 - 00000000 _____ C:\autoexec.bat
2015-11-26 23:18 - 2015-12-04 15:24 - 00000000 ____D C:\Users\Tatjana\AppData\Local\bvxvhxvh
2015-11-26 23:18 - 2015-11-26 23:18 - 00003534 _____ C:\WINDOWS\System32\Tasks\bvxvhxvh
2015-11-26 23:18 - 2015-11-26 23:18 - 00000000 ____D C:\Program Files\Enigma Software Group
2015-11-26 23:17 - 2015-11-26 23:18 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\Tatjana\Downloads\SpyHunter-Installer.exe
2015-11-26 23:11 - 2015-11-26 23:11 - 1094782854 _____ C:\WINDOWS\MEMORY.DMP
2015-11-26 23:11 - 2015-11-26 23:11 - 00313072 _____ C:\WINDOWS\Minidump\112615-36703-01.dmp
2015-11-26 23:09 - 2015-11-26 23:09 - 00004326 _____ C:\WINDOWS\System32\Tasks\amiupdaterExi
2015-11-26 23:09 - 2015-11-26 23:09 - 00003488 _____ C:\WINDOWS\System32\Tasks\amiupdaterExd
2015-11-23 19:58 - 2015-11-23 19:58 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\shortCutStore
2015-11-19 21:57 - 2015-11-19 21:57 - 00016148 _____ C:\WINDOWS\system32\FAMONUFRIEV_Diana_HistoryPrediction.bin
2015-11-19 19:48 - 2015-11-19 19:48 - 00000000 ____D C:\Users\Diana\AppData\Local\CEF
2015-11-18 15:23 - 2015-11-26 23:11 - 00000000 ____D C:\WINDOWS\Minidump
2015-11-14 17:03 - 2015-11-14 17:03 - 00689064 _____ C:\Users\Diana\Downloads\google chrome.exe
2015-11-14 10:25 - 2015-11-14 10:25 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Opera Software
2015-11-14 09:55 - 2015-11-14 09:55 - 00000000 ____D C:\Users\Diana\AppData\Local\gmsd_de_005010142
2015-11-12 21:19 - 2015-11-12 21:19 - 00061151 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_011.PDF
2015-11-12 21:17 - 2015-11-12 21:17 - 00061594 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_010 (1).PDF
2015-11-12 21:09 - 2015-11-12 21:09 - 00061191 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_009 (2).PDF
2015-11-12 20:58 - 2015-11-12 20:58 - 00000000 ____D C:\Users\Tatjana\AppData\LocalLow\Temp
2015-11-12 20:54 - 2015-11-12 20:54 - 00061594 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_010.PDF
2015-11-12 20:54 - 2015-11-12 20:54 - 00061191 _____ C:\Users\Tatjana\Downloads\Konto_1110229840-Auszug_2015_009 (1).PDF
2015-11-11 20:19 - 2015-12-03 13:59 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-11-11 20:13 - 2015-11-26 22:53 - 00000000 ____D C:\Users\Tatjana\AppData\Local\DailyWiki
2015-11-11 19:47 - 2015-11-11 19:47 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-11-11 19:35 - 2015-12-04 15:18 - 00000000 ____D C:\Program Files (x86)\Cinema_Plus-6.1cV09.11
2015-11-11 19:35 - 2015-12-04 15:10 - 00005548 _____ C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7.job
2015-11-11 19:35 - 2015-12-04 15:10 - 00005548 _____ C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.job
2015-11-11 19:35 - 2015-12-04 15:10 - 00005214 _____ C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11.job
2015-11-11 19:35 - 2015-12-04 15:10 - 00004188 _____ C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3.job
2015-11-11 19:35 - 2015-12-04 15:10 - 00002142 _____ C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10_user.job
2015-11-11 19:35 - 2015-11-26 23:58 - 00000000 ____D C:\Program Files (x86)\1a48ea4a-9a2a-4222-9bee-339f19cd9070
2015-11-11 19:35 - 2015-11-26 23:05 - 00000000 ____D C:\Program Files (x86)\Sharp Angle
2015-11-11 19:35 - 2015-11-11 19:36 - 00005116 _____ C:\WINDOWS\Tasks\temp_bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.job
2015-11-11 19:35 - 2015-11-11 19:35 - 00008664 _____ C:\WINDOWS\System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7
2015-11-11 19:35 - 2015-11-11 19:35 - 00008664 _____ C:\WINDOWS\System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6
2015-11-11 19:35 - 2015-11-11 19:35 - 00008332 _____ C:\WINDOWS\System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11
2015-11-11 19:35 - 2015-11-11 19:35 - 00007362 _____ C:\WINDOWS\System32\Tasks\temp_bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6
2015-11-11 19:35 - 2015-11-11 19:35 - 00007304 _____ C:\WINDOWS\System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3
2015-11-11 19:35 - 2015-11-11 19:35 - 00005328 _____ C:\WINDOWS\System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10_user
2015-11-11 18:51 - 2015-11-26 23:00 - 00000000 ____D C:\Users\Tatjana\AppData\Local\Image Balance
2015-11-11 18:38 - 2015-11-05 06:15 - 08020832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-11-11 18:38 - 2015-11-05 06:15 - 00541024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2015-11-11 18:38 - 2015-11-05 06:14 - 00459104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2015-11-11 18:38 - 2015-11-05 06:13 - 00577888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2015-11-11 18:38 - 2015-11-05 06:11 - 01392480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2015-11-11 18:38 - 2015-11-05 06:06 - 03621248 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-11-11 18:38 - 2015-11-05 06:06 - 00966416 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2015-11-11 18:38 - 2015-11-05 06:01 - 00607408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2015-11-11 18:38 - 2015-11-05 05:56 - 01083072 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-11-11 18:38 - 2015-11-05 05:56 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2015-11-11 18:38 - 2015-11-05 05:56 - 00025280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-11-11 18:38 - 2015-11-05 05:30 - 00961376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2015-11-11 18:38 - 2015-11-05 05:24 - 02878512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-11-11 18:38 - 2015-11-05 05:23 - 00762888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2015-11-11 18:38 - 2015-11-05 05:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2015-11-11 18:38 - 2015-11-05 05:20 - 21873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-11-11 18:38 - 2015-11-05 05:18 - 24597504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-11-11 18:38 - 2015-11-05 05:18 - 03248128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2015-11-11 18:38 - 2015-11-05 05:18 - 00539728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2015-11-11 18:38 - 2015-11-05 05:17 - 02418688 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2015-11-11 18:38 - 2015-11-05 05:12 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2015-11-11 18:38 - 2015-11-05 05:11 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2015-11-11 18:38 - 2015-11-05 05:10 - 12504064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-11-11 18:38 - 2015-11-05 05:10 - 02987520 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2015-11-11 18:38 - 2015-11-05 05:07 - 01068032 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2015-11-11 18:38 - 2015-11-05 05:06 - 00453120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2015-11-11 18:38 - 2015-11-05 05:05 - 01602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-11-11 18:38 - 2015-11-05 05:05 - 00826880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-11-11 18:38 - 2015-11-05 05:03 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-11-11 18:38 - 2015-11-05 05:03 - 01015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2015-11-11 18:38 - 2015-11-05 05:01 - 00949760 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2015-11-11 18:38 - 2015-11-05 05:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2015-11-11 18:38 - 2015-11-05 05:01 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-11-11 18:38 - 2015-11-05 04:59 - 03587072 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-11-11 18:38 - 2015-11-05 04:59 - 02675200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2015-11-11 18:38 - 2015-11-05 04:58 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-11-11 18:38 - 2015-11-05 04:58 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2015-11-11 18:38 - 2015-11-05 04:56 - 01795072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-11-11 18:38 - 2015-11-05 04:55 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2015-11-11 18:38 - 2015-11-05 04:54 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2015-11-11 18:38 - 2015-11-05 04:47 - 19326464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-11-11 18:38 - 2015-11-05 04:42 - 02647040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2015-11-11 18:38 - 2015-11-05 04:40 - 01918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2015-11-11 18:38 - 2015-11-05 04:35 - 18803712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-11-11 18:38 - 2015-11-05 04:35 - 02639872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2015-11-11 18:38 - 2015-11-05 04:34 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2015-11-11 18:38 - 2015-11-05 04:33 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-11-11 18:38 - 2015-11-05 04:33 - 00650240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-11-11 18:38 - 2015-11-05 04:30 - 00767488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2015-11-11 18:38 - 2015-11-05 04:28 - 11262976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-11-11 18:38 - 2015-11-05 04:27 - 02049536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2015-11-11 18:38 - 2015-11-05 04:27 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2015-11-11 18:38 - 2015-11-05 04:23 - 00441344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-04 15:25 - 2015-07-10 12:04 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-04 15:25 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-04 15:25 - 2015-07-10 10:05 - 00000000 ____D C:\Windows
2015-12-04 15:13 - 2015-08-22 14:18 - 01790124 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-04 15:13 - 2015-07-10 17:34 - 00772342 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-04 15:13 - 2015-07-10 17:34 - 00154170 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-04 15:13 - 2015-07-10 12:02 - 00000000 ____D C:\WINDOWS\INF
2015-12-04 15:12 - 2014-01-02 22:20 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Skype
2015-12-04 15:11 - 2014-03-02 17:30 - 00000000 __RDO C:\Users\Tatjana\SkyDrive
2015-12-04 15:10 - 2015-10-23 20:40 - 00003162 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-7.job
2015-12-04 15:10 - 2015-10-23 20:40 - 00003162 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-6.job
2015-12-04 15:10 - 2015-10-23 20:40 - 00003160 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-14.job
2015-12-04 15:10 - 2015-10-23 20:40 - 00003160 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-13.job
2015-12-04 15:10 - 2015-10-23 20:40 - 00002470 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5_user.job
2015-12-04 15:10 - 2015-10-23 20:40 - 00002470 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.job
2015-12-04 15:10 - 2015-10-23 20:39 - 00005542 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-6.job
2015-12-04 15:10 - 2015-10-23 20:39 - 00005206 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-7.job
2015-12-04 15:10 - 2015-10-23 20:39 - 00004182 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-3.job
2015-12-04 15:10 - 2015-10-23 20:39 - 00002136 _____ C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-10_user.job
2015-12-04 15:10 - 2015-08-22 15:04 - 00000000 __SHD C:\Users\Tatjana\IntelGraphicsProfiles
2015-12-04 15:10 - 2015-08-22 13:58 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-04 15:10 - 2015-08-22 13:52 - 00017408 _____ C:\WINDOWS\system32\rpcnetp.exe
2015-12-04 15:10 - 2014-01-02 15:56 - 00001138 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-04 15:09 - 2015-08-22 13:54 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.dll
2015-12-04 15:09 - 2014-01-02 15:59 - 00069792 _____ (Absolute Software Corp.) C:\WINDOWS\SysWOW64\rpcnet.dll
2015-12-04 15:08 - 2015-08-22 13:52 - 00029336 _____ C:\WINDOWS\system32\wpbbin.exe
2015-12-04 15:08 - 2015-08-22 13:52 - 00017408 _____ C:\WINDOWS\SysWOW64\rpcnetp.exe
2015-12-04 15:08 - 2015-07-10 13:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-04 15:08 - 2015-07-10 10:05 - 00786432 ___SH C:\WINDOWS\system32\config\BBI
2015-12-04 15:03 - 2014-03-23 16:28 - 00004166 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E1A6BB57-5DDC-49AA-BE66-8FEE2BF38A71}
2015-12-04 15:02 - 2014-01-02 15:56 - 00001142 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-03 13:59 - 2015-10-23 20:44 - 00001411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-12-03 13:59 - 2015-10-23 20:44 - 00001399 _____ C:\Users\Public\Desktop\Opera.lnk
2015-11-29 14:53 - 2015-08-22 13:59 - 00000000 ____D C:\WINDOWS\system32\SRSLabs
2015-11-29 14:48 - 2015-10-23 20:26 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\RunDir
2015-11-27 20:50 - 2013-12-20 00:43 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-11-27 03:08 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\rescache
2015-11-27 02:01 - 2015-10-23 20:28 - 00000000 ____D C:\Program Files (x86)\E1F9B160-1445628500-11E3-B30C-089E01C64289
2015-11-27 01:45 - 2015-10-23 20:38 - 00000008 _____ C:\END
2015-11-27 01:14 - 2015-10-26 17:54 - 00000004 _____ C:\WINDOWS\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-11-27 01:02 - 2013-08-01 20:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-11-27 00:54 - 2015-08-22 14:03 - 00000000 ____D C:\Users\Tatjana
2015-11-26 23:46 - 2015-10-23 20:44 - 00003962 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1445629459
2015-11-26 23:46 - 2015-10-23 20:43 - 00000000 ____D C:\Program Files (x86)\Opera
2015-11-26 23:29 - 2015-10-23 20:26 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\jogotempo
2015-11-26 23:29 - 2015-10-01 08:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipConnect
2015-11-26 23:29 - 2015-09-11 11:57 - 00000000 ____D C:\WINDOWS\Panther
2015-11-26 23:29 - 2015-03-29 13:39 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\IDM
2015-11-26 23:05 - 2014-02-05 20:00 - 00000000 ____D C:\ProgramData\AVAST Software
2015-11-26 22:45 - 2015-08-22 13:59 - 00000000 ____D C:\ProgramData\Conexant
2015-11-26 22:40 - 2012-07-26 06:26 - 00000226 _____ C:\WINDOWS\win.ini
2015-11-25 21:02 - 2015-03-29 13:39 - 00000000 ____D C:\Users\Tatjana\AppData\Roaming\DMCache
2015-11-25 20:48 - 2014-01-02 20:19 - 00000000 ____D C:\ProgramData\Skype
2015-11-23 19:58 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-11-23 19:58 - 2014-12-04 14:48 - 00000000 __SHD C:\Users\Tatjana\AppData\LocalLow\EmieUserList
2015-11-23 19:58 - 2014-12-04 14:48 - 00000000 __SHD C:\Users\Tatjana\AppData\LocalLow\EmieSiteList
2015-11-23 19:58 - 2013-08-22 16:36 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2015-11-23 19:48 - 2015-08-22 14:03 - 00000000 ____D C:\Users\Diana
2015-11-23 19:45 - 2015-07-10 12:04 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-11-19 20:41 - 2014-01-12 10:31 - 00000000 ____D C:\Users\Diana\AppData\Roaming\Spotify
2015-11-19 20:37 - 2015-07-10 11:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-11-19 19:51 - 2014-01-12 10:31 - 00000000 ____D C:\Users\Diana\AppData\Local\Spotify
2015-11-19 19:40 - 2014-03-30 09:47 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9E2777F0-46AC-43BB-AF7C-EFD3A59D4D70}
2015-11-18 15:49 - 2015-10-25 02:48 - 00001358 _____ C:\Users\Public\Desktop\Die Sims 4.lnk
2015-11-18 15:42 - 2015-10-23 20:57 - 00000000 ____D C:\ProgramData\Origin
2015-11-18 15:42 - 2015-10-23 20:56 - 00000000 ____D C:\Program Files (x86)\Origin
2015-11-18 15:25 - 2015-09-14 13:42 - 00000000 __SHD C:\Users\Diana\IntelGraphicsProfiles
2015-11-14 09:55 - 2015-09-14 13:48 - 00002407 _____ C:\Users\Diana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-11-14 09:55 - 2014-05-05 14:31 - 00000000 ___RD C:\Users\Diana\OneDrive
2015-11-12 20:08 - 2014-01-02 19:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-11-12 20:04 - 2014-01-02 19:30 - 145617392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-11-11 19:47 - 2014-01-02 15:42 - 00000000 ____D C:\Users\Tatjana\AppData\Local\VirtualStore

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-03 13:57 - 2015-12-03 13:57 - 0000098 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Einige Dateien in TEMP:
====================
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationCore.dll
C:\Users\ADMINI~1\AppData\Local\Temp\PresentationFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\ReachFramework.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationProvider.dll
C:\Users\ADMINI~1\AppData\Local\Temp\UIAutomationTypes.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsBase.dll
C:\Users\ADMINI~1\AppData\Local\Temp\WindowsFormsIntegration.dll
C:\Users\Diana\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tatjana\AppData\Local\Temp\1449147577tmp.exe
C:\Users\Tatjana\AppData\Local\Temp\avgnt.exe
C:\Users\Tatjana\AppData\Local\Temp\KUIU.EXE

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2015-11-26 23:46

==================== Ende von FRST.txt ============================

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Tatjana (2015-12-04 15:26:16)
Gestartet von C:\Users\Tatjana\Downloads
Windows 10 Home (X64) (2015-08-22 14:03:37)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-624424584-4042204696-3470667462-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-624424584-4042204696-3470667462-503 - Limited - Disabled)
Diana (S-1-5-21-624424584-4042204696-3470667462-1007 - Limited - Enabled) => C:\Users\Diana
Gast (S-1-5-21-624424584-4042204696-3470667462-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-624424584-4042204696-3470667462-1009 - Limited - Enabled)
Oleg (S-1-5-21-624424584-4042204696-3470667462-1005 - Limited - Enabled) => C:\Users\Oleg
Tatjana (S-1-5-21-624424584-4042204696-3470667462-1002 - Administrator - Enabled) => C:\Users\Tatjana
UpdatusUser (S-1-5-21-624424584-4042204696-3470667462-1001 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Aloha TriPeaks (x32 Version: 2.2.0.98 - WildTangent) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.5187 - DsNET Corp)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.13.210 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{59c4462d-a177-4d44-a95b-deda1be79844}) (Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.49.18939 - Avira Operations GmbH & Co. KG) Hidden
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version: - CyberGhost S.R.L.)
Desktop-play 000.009030165 (HKLM-x32\...\dply_en_009030165_is1) (Version: - DESKTOPPLAY) <==== ACHTUNG
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.12.118.1020 - Electronic Arts Inc.)
Die*Sims™*3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.0.631 - Electronic Arts)
Empress of the Deep - The Darkest Secret (x32 Version: 2.2.0.98 - WildTangent) Hidden
EPSON BX305 Plus Series Printer Uninstall (HKLM\...\EPSON BX305 Plus Series) (Version: - SEIKO EPSON Corporation)
FastCompress-Zip_1.0.2.1_Release (HKLM-x32\...\FastCompress-Zip) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41663) (Version: 3.8.0.41663.61 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.0.1310 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.0.4.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
Intel(R) WiDi (HKLM\...\{62E7C369-64FF-452C-8F46-6BE9B77FF097}) (Version: 4.0.18.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{c9967fbd-e3c3-4ed0-992a-5b33260f2944}) (Version: 16.1.5 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version: - Tonec Inc.)
Island Tribe (x32 Version: 2.2.0.98 - WildTangent) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Jewel Quest Solitaire 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Magic Academy (x32 Version: 2.2.0.98 - WildTangent) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
NVIDIA Grafiktreiber 327.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.65 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Opera Stable 33.0.1990.115 (HKLM-x32\...\Opera 33.0.1990.115) (Version: 33.0.1990.115 - Opera Software)
Origin (HKLM-x32\...\Origin) (Version: 9.10.1.1501 - Electronic Arts, Inc.)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.98 - WildTangent) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Setup (HKLM-x32\...\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}) (Version: - ) <==== ACHTUNG
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.14 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.14.106 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.5.1333.g822e0de8 - Spotify AB)
TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.01.02.6405 - Toshiba Corporation)
TOSHIBA Display Utility (HKLM\...\{B6619F14-F766-4000-BC8A-522D4CC4E44F}) (Version: 1.0.4.5 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.4.6405 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6629.6407 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
TOSHIBA Password Utility (HKLM-x32\...\InstallShield_{26BB68BB-CF93-4A12-BC6D-A3B6F53AC8D9}) (Version: 4.0.5.0 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.03.6400 - Toshiba Corporation)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 3.0.01.55004008 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.6.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{6499E894-43F8-458B-AE35-724F4732BCDE}) (Version: 2.5.6 - Toshiba Corporation)
TOSHIBA Split Screen Utility (HKLM\...\{E3DFC568-B11C-48B5-8533-660D8813A868}) (Version: 1.2.2.0 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0020 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0007.32003 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.9.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.7.63 - Toshiba Corporation)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.98 - WildTangent) Hidden
VLC media player (HKLM-x32\...\VLC 
media player) (Version: 2.1.5 - VideoLAN) VoipCheapCom (HKLM-x32\...\VoipCheapCom_is1) (Version: 4.14 build 745 - Finarea S.A. Switzerland) Web Touch (HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\{5B7010E1-1CBC-7FF2-65AC-E618F4D3F3E3}) (Version: 1.1.3 - Web Buzz corp) WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent) WildTangent Games App (Toshiba Games) (x32 Version: 4.0.11.2 - WildTangent) Hidden WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-624424584-4042204696-3470667462-1002_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tatjana\AppData\Local\Microsoft\OneDrive\17.3.6201.1019\FileCoAuth.exe (Microsoft Corporation) ==================== Wiederherstellungspunkte ========================= 12-11-2015 03:34:57 Windows Update 18-11-2015 15:48:38 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 26-11-2015 22:41:40 avast! antivirus system restore point 29-11-2015 16:13:43 Removed InstallShield Restore Point 29-11-2015 16:14:11 Removed Shared C Run-time for x64 ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
Task: {0258EC75-4693-4570-A847-33A34E75BC3C} - System32\Tasks\CGN => C:\Program Files (x86)\Common Files\ClaraUpdater\ClaraUpdater.exe Task: {04299FB3-3BAF-49B4-97A9-397562D580BB} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {05EEB8E5-A462-464A-A90C-644081B1B086} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13.exe <==== ACHTUNG Task: {09F63515-11CA-497A-AE52-24488D39B9C3} - System32\Tasks\Opera scheduled Autoupdate 1445629459 => C:\Program Files (x86)\Opera\launcher.exe [2015-11-16] (Opera Software) Task: {0AF5D0EA-92C7-4782-9B26-60AAA3592E84} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2013-01-04] (Toshiba Europe GmbH) Task: {0DD91D1B-A158-48F8-B4AE-8BB32387A39D} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5_user => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.exe <==== ACHTUNG Task: {0EF55CDF-6DA2-4A75-A4A1-E3D9A4D6877E} - System32\Tasks\YTDownloader => C:\Program Files (x86)\YTDownloader\YTDownloader.exe <==== ACHTUNG Task: {12472161-DFC9-49D2-920F-879FEEE4B85D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {139D6D1F-EF37-4B2E-9A13-6CCE049693F6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {14579974-2F35-443C-A8A4-EB601F5FA2A6} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2013-03-19] (TOSHIBA Corporation) Task: {1721E1C7-71CA-4811-A0F2-0A14A2A63313} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5_user => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.exe <==== ACHTUNG Task: {197AB31A-ABDA-4998-8C26-F33CB1BFDFA5} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5 => C:\Program Files 
(x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.exe <==== ACHTUNG Task: {1D916855-3609-46B4-9BB8-6D2FF10B9349} - System32\Tasks\YTDownloaderUpd => C:\Program Files (x86)\YTDownloader\updater.exe <==== ACHTUNG Task: {269A5C0D-5878-4E93-B57A-CB4A8B49507C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {2BC30665-3206-48CF-9B55-32BB0420520D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {3024875E-D921-4431-9C98-46566106F9D2} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {3527659C-C3E3-4E93-B267-EFBB1B8988EA} - System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11 => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11.exe <==== ACHTUNG Task: {372F9DAC-696A-4334-AAFB-E232D370960E} - \Run_Bobby_Browser -> Keine Datei <==== ACHTUNG Task: {3A8DBE55-D72F-4395-B31E-B7756FB514AB} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6.exe <==== ACHTUNG Task: {3BAF4CE2-0431-486B-9DF1-B5CC52B3D084} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-12] (Microsoft Corporation) Task: {3C8C02ED-F487-4475-96F0-6CD40260A6B8} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5_user => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.exe <==== ACHTUNG Task: {41D2E9E8-9B54-4CD3-89E7-4FC4301A3799} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11.exe <==== ACHTUNG Task: {43A81AC5-E4BC-4A78-9C9F-22C5AF2613E5} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-6 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-6.exe <==== 
ACHTUNG Task: {45BD38BC-7829-4D49-AEF6-F203AC9887DB} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-7 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-7.exe <==== ACHTUNG Task: {467E265C-4DF4-4986-95F7-EB2A6542697B} - System32\Tasks\Web Touch2 => Rundll32.exe "C:\Users\Tatjana\AppData\Local\Web Touch\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\tihhlbsg.dll",#1 Task: {4695D6B4-13C7-41B7-8425-55E9363652DC} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-13 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-13.exe <==== ACHTUNG Task: {4AE6DD57-287B-4E22-A10E-A26FAFC543E8} - System32\Tasks\3c91fcc2-ce59-42b3-b901-f68079520898 => C:\Users\Tatjana\AppData\Local\Temp\ce98ac2e-20c0-4a93-86f6-bdb3e61caf55.exe <==== ACHTUNG Task: {4C87FB16-E830-49B1-9BCB-D496B52B5F1D} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6.exe <==== ACHTUNG Task: {4EC99F77-F780-41FC-9FCE-447BF9F495BD} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-6 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-6.exe <==== ACHTUNG Task: {4EFBF8F5-87D6-4BEC-B316-6CD947FB3D99} - System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10_user => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10.exe <==== ACHTUNG Task: {4FCB9609-6B33-4E60-87B7-51DC5D51C6DC} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-14 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-14.exe <==== ACHTUNG Task: {4FCCC128-FB0F-457A-9D7A-83834067BC37} - System32\Tasks\JYMHGKGU1 => C:\ProgramData\LolliScan\LolliScan.exe <==== ACHTUNG Task: {52A1CEAC-AE21-4DDE-A98E-3CDFE8174B36} - System32\Tasks\SPBIW_UpdateTask_Time_3931343330383736322d574a324178345a2a376c455a => C:\WINDOWS\system32\wscript.exe [2015-07-10] (Microsoft Corporation) Task: {53783D53-EF79-4455-8FA4-8A5163B880D5} - System32\Tasks\Touch Form 
=> Rundll32.exe "C:\Users\Tatjana\AppData\Local\Touch Form\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\TouchForm.dll",#3 Task: {5A0C66D4-67D6-453D-A552-CAB50055FCDE} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6.exe <==== ACHTUNG Task: {5FD97B93-D91D-4EAF-BE86-55DC9E25ABB7} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14.exe <==== ACHTUNG Task: {6B2E8F25-819B-45AE-BE05-653EC4DB812D} - System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7.exe <==== ACHTUNG Task: {6D6E9B56-FD8B-4DE1-868F-9F53B3A6A9C1} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {700E3477-9BD4-4ED3-A222-9AAF6C6AF5EC} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7.exe <==== ACHTUNG Task: {7543F489-C2C0-4293-BE4C-BCF7E96BC858} - System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6 => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.exe <==== ACHTUNG Task: {77933F89-C705-46B0-8826-4EABA74A554D} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-13 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-13.exe <==== ACHTUNG Task: {795E5AF4-DE01-40EF-B9CB-0A39BEA6430C} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Pending Update => C:\Program Files (x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ACHTUNG Task: {7C378340-90D2-4561-90A0-D0EC15874713} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {7D871E76-CA40-42C2-8D64-83894AF69B45} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-6 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-6.exe <==== ACHTUNG Task: 
{7F1F664C-A3A3-484F-ADD8-1DCCA9180228} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd) Task: {82931374-93EC-4E07-9CB0-63CBE95BDCAF} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-14 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-14.exe <==== ACHTUNG Task: {83C1D9A8-959D-4776-B7F9-C5F541F2529A} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {92319DDD-FBD9-4340-85BB-7D4DB9EECF32} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {940C7820-9341-4E51-9E64-642B2C9711E1} - System32\Tasks\NEORVJOBFREWSPJW => C:\ProgramData\Service7609\Service7609.exe [2015-11-27] () <==== ACHTUNG Task: {947CF959-D1DD-4807-B8E0-F08146E3CE6D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {A1862097-2F12-47A5-90CF-9A1BCD8D3BB4} - System32\Tasks\Web Touch => Rundll32.exe "C:\Users\Tatjana\AppData\Local\Web Touch\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\WebTouch.dll",#1 Task: {A2639575-5770-433B-9FD6-062E509DEC4B} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-11 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-11.exe <==== ACHTUNG Task: {A3C65B98-7BE8-481E-BBA0-736F7A63C93C} - System32\Tasks\temp_bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6 => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.exe <==== ACHTUNG Task: {AAEC1B21-CC6A-4EFC-B3A8-B83F62AC4523} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation) Task: {AD43C388-109D-4264-9CE6-312354557279} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {AE0E4A77-DCD2-40CC-B265-3A28F978C2F0} - System32\Tasks\gte3014 => C:\PROGRA~2\FAST-S~1\gte3014.exe <==== ACHTUNG Task: {B2DB14DD-773D-4182-9029-B3C36B42AD16} - 
System32\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7 => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7.exe <==== ACHTUNG Task: {B6735860-7D7C-4239-A1BA-27E748AD7591} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-7 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-7.exe <==== ACHTUNG Task: {B6ACDED2-04EE-4AC8-A370-23DA8705EB04} - System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7 => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7.exe <==== ACHTUNG Task: {B7144025-663C-40AA-B388-07CABE4F7E1A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.) Task: {BAE6AD2E-124A-4812-B1EB-421B436A8983} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-7 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-7.exe <==== ACHTUNG Task: {BB25DD98-B095-4C27-9ED3-E784FD52BB49} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-10_user => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-10.exe <==== ACHTUNG Task: {BE6E3371-C01C-4726-A7A9-B92C1504A977} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {C2418486-6BA1-498D-BC6E-AF6EFF6C21B0} - \crash_service -> Keine Datei <==== ACHTUNG Task: {C4557DA5-AA93-418A-9BAF-EEAF9375A914} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {C7907EA6-55E9-4A10-9B69-480AF125B71A} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ACHTUNG Task: {CF4A69C3-F15A-4444-BED6-03AB4A148690} - System32\Tasks\UMonitor Task => C:\windows\system32\UMonit64.exe Task: {D9C1AE60-AB3F-43B5-A9D4-AFB3E44EC328} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe Task: {DD42E13A-5C5B-464D-AF93-F3D228961510} - System32\Tasks\SwiftSearch Auto Updater 1.10.0.25 Core => C:\Program Files 
(x86)\SwiftSearch_1.10.0.25\Update\SwiftSearchAutoUpdateClient.exe <==== ACHTUNG Task: {DFCCC14A-6959-4146-8AB8-3AFF2B354D8E} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.exe <==== ACHTUNG Task: {E1955F9A-B941-4F46-A102-FEA5159D2E09} - System32\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-3 => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-3.exe <==== ACHTUNG Task: {E4D814D4-0752-4240-B2A3-573DB3B1BC89} - System32\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5 => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.exe <==== ACHTUNG Task: {ECD04AC6-12C2-42FA-93FE-BD5D8B21CC83} - System32\Tasks\bvxvhxvh => C:\Users\Tatjana\AppData\Local\bvxvhxvh\bvxvhxvh.exe [2015-11-15] () <==== ACHTUNG Task: {F42EA137-C1B5-4088-A8CC-6C2EB3A8476C} - System32\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3 => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3.exe <==== ACHTUNG Task: {FDCC69E8-B8CD-4D56-9AD6-1E722D96AA1D} - \SmartWeb Upgrade Trigger Task -> Keine Datei <==== ACHTUNG (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) 
Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-1-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-11.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-11.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-13.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-13.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-14.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-14.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-5_user.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-6.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\97517cee-6c0c-44d1-b0ad-2f72c325843e-7.job => C:\Program Files (x86)\Object Browser\97517cee-6c0c-44d1-b0ad-2f72c325843e-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-6.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-7.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-1-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-10_user.job => C:\Program Files 
(x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-10.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-13.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-13.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-14.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-14.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-3.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-3.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-5_user.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-6.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\9e88d907-ff90-43c7-b262-58f6dd9b6899-7.job => C:\Program Files (x86)\CinePlus-1.44V23.10\9e88d907-ff90-43c7-b262-58f6dd9b6899-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10_user.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-10.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-11.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-3.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.exe <==== ACHTUNG Task: 
C:\WINDOWS\Tasks\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-1-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-11.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-13.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-14.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5_user.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-5.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-6.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7.job => C:\Program Files (x86)\iWebar\ebfb2b44-02ff-4b76-97d9-ff80b8ea24e0-7.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\JYMHGKGU1.job => C:\ProgramData\LolliScan\LolliScan.exe <==== ACHTUNG Task: C:\WINDOWS\Tasks\NEORVJOBFREWSPJW.job => C:\ProgramData\Service7609\Service7609.exe <==== 
ACHTUNG Task: C:\WINDOWS\Tasks\temp_bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.job => C:\Program Files (x86)\Cinema_Plus-6.1cV09.11\bbd06e6f-b071-4d5f-a3fc-69e3c9d06dce-6.exe <==== ACHTUNG ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ShortcutWithArgument: C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Internet Explorer.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\Users\Tatjana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk -> C:\Program Files (x86)\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\Users\Tatjana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\Users\Tatjana\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9501e18d7c2ab92e\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
-> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ShortcutWithArgument: C:\Users\Public\Desktop\Opera.lnk -> C:\Program Files (x86)\Opera\launcher.exe (Opera Software) -> hxxp://www.piesearch.com/?type=llsc&uid=0af9a801-3ed0-4410-876a-3d8b190986c2&ts=1449147593&pid=bpma&m=1 <==== ACHTUNG ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-08-22 14:45 - 2015-08-22 14:45 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll 2015-08-22 13:59 - 2015-07-13 18:37 - 00116552 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-08-22 17:57 - 2015-08-11 10:14 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll 2015-10-23 20:26 - 2015-07-09 02:26 - 00173088 _____ () C:\Users\Tatjana\AppData\Roaming\NetService\netservice.exe 2015-10-02 15:11 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-10-02 15:11 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-07-17 23:35 - 2015-07-17 23:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-10-02 15:10 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 11:59 - 2015-07-10 11:59 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll 2015-10-02 15:11 - 2015-09-17 06:44 - 06569472 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-10-02 15:10 - 2015-09-17 06:42 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-10-02 15:10 - 2015-09-17 06:42 - 
01808384 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2015-10-02 15:11 - 2015-09-17 06:43 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-07-10 12:00 - 2015-07-10 17:45 - 00210432 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2015-12-03 13:58 - 2015-12-03 13:58 - 00025600 _____ () C:\Users\Tatjana\AppData\Local\Web Touch\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\WebTouch.dll 2015-12-03 13:58 - 2015-12-03 13:58 - 00012288 _____ () C:\Users\Tatjana\AppData\Local\Web Touch\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\tihhlbsg.dll 2015-12-03 13:58 - 2015-12-03 13:58 - 00010752 _____ () C:\Users\Tatjana\AppData\Local\Web Touch\{DAB6C723-44E6-56A1-E882-306122EFF9B8}\{E86A167E-C4C6-30C7-9B49-46DB2382EB48}.dat 2013-08-01 20:19 - 2013-02-15 15:17 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acengine => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp => ""="Driver"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-624424584-4042204696-3470667462-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Tatjana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\StartupApproved\Run: => "VoipCheapCom"
HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\StartupApproved\Run: => "VoipConnect"
HKU\S-1-5-21-624424584-4042204696-3470667462-1002\...\StartupApproved\Run: => "CyberGhost"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{386A837B-5F32-423A-BA53-43376504CD91}C:\users\tatjana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tatjana\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{C429E25A-0C4A-4865-BC98-05B0E53EE68F}C:\users\tatjana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\tatjana\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{1201CFBF-52D6-498B-B176-6846EF418600}C:\users\diana\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\diana\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{325ACCC1-AB70-4F08-9112-8175DA730013}C:\users\diana\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Block) C:\users\diana\downloads\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{6D5A38E1-D3AD-43D0-94A8-71ED657F422A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{AC756DB6-F3DA-44AB-844B-65136F15C449}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{4D4B6F6B-24E5-4D3B-8800-8B28A034ADEA}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{41C9F1BB-7173-4218-8580-D6B56F5CD268}] => (Allow) C:\Program Files (x86)\Spotify\spotify.exe
FirewallRules: [{67252C24-07F3-4F49-A86B-83516B3AF9AA}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{E6DADA72-FBAD-4B12-BC94-4F261B9D3DD3}] => (Allow) C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
FirewallRules: [{DB8DAC54-0883-44B5-8C86-A3E9473E2BB3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{935038C6-C111-412F-B7B5-6619261C634A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{4748B711-EEA0-4F7C-B76C-71DE0CB12314}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DC9E2B22-1B25-4916-9D6A-B9125B642380}] 
=> (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{BEA66A0E-4D1F-4D29-83C6-232F900C5137}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{08D1A837-3E0A-4EAC-831A-5CA80B7AD0D7}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{30A27E9F-A0C6-4E84-9BB8-2EB038D864B6}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{E0D073AC-0A5E-49BF-81EC-53A589537FFA}] => (Allow) C:\Program Files (x86)\VoipCheapCom\VoipCheapCom.exe FirewallRules: [{73BD7076-D7CC-4615-B51A-D37A0D4F4C09}] => (Allow) C:\Program Files (x86)\VoipCheapCom\VoipCheapCom.exe FirewallRules: [{D20739C3-3AD5-480B-B90B-0D21B4C427E9}] => (Allow) C:\Program Files (x86)\VoipCheapCom\VoipCheapCom.exe FirewallRules: [{494998E3-CD59-423D-97BA-9C1698B63DF9}] => (Allow) C:\Program Files (x86)\VoipCheapCom\VoipCheapCom.exe FirewallRules: [{39C9C699-7765-426B-A5DC-C089CB226FEA}] => (Allow) C:\Users\Tatjana\AppData\Local\BoBrowser\Application\bobrowser.exe FirewallRules: [{32350151-51FD-4EE0-B040-9B95C638A5F3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{C18B1DEC-A626-4D3F-A78C-7AAFDC1D2221}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe FirewallRules: [TCP Query User{8C00CEE4-4645-470B-81C9-757DCAC88C53}C:\users\diana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\diana\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{D1A779B8-7AA9-4A97-B5B4-DBA93AC27D27}C:\users\diana\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\diana\appdata\roaming\spotify\spotify.exe FirewallRules: [{B5E2475D-152B-450C-9FD4-EA19C3AEB3BE}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe FirewallRules: [{FAB00FEC-4C63-493D-92F0-9E405C4889ED}] => (Allow) C:\Program Files (x86)\Origin Games\The Sims 4\Game\Bin\TS4.exe ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== 
Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (12/03/2015 02:31:30 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMONUFRIEV) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (12/03/2015 01:56:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FAMONUFRIEV) Description: Die App „Microsoft.Windows.Cortana_1.4.8.176_neutral_neutral_cw5n1h2txyewy+CortanaUI“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error: (12/03/2015 01:54:35 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3 Name des fehlerhaften Moduls: netservice.exe, Version: 0.0.0.0, Zeitstempel: 0x557e7cf3 Ausnahmecode: 0xc0000409 Fehleroffset: 0x00013174 ID des fehlerhaften Prozesses: 0x9c8 Startzeit der fehlerhaften Anwendung: 0xnetservice.exe0 Pfad der fehlerhaften Anwendung: netservice.exe1 Pfad des fehlerhaften Moduls: netservice.exe2 Berichtskennung: netservice.exe3 Vollständiger Name des fehlerhaften Pakets: netservice.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: netservice.exe5 Error: (11/30/2015 09:24:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 15078 Error: (11/30/2015 09:24:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 15078 Error: (11/30/2015 09:24:13 AM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (11/30/2015 09:21:12 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FAMONUFRIEV) Description: Bei der Aktivierung der App 
„Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (11/30/2015 09:20:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-06T08:20:56Z. Fehlercode: 0x80040154. Error: (11/30/2015 09:20:26 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-06T08:20:26Z. Fehlercode: 0x80040154. Error: (11/30/2015 09:19:56 AM) (Source: Software Protection Platform Service) (EventID: 16385) (User: ) Description: Fehler beim Planen des Softwareschutzdiensts für den erneuten Start bei 2115-11-06T08:19:56Z. Fehlercode: 0x80040154. Systemfehler: ============= Error: (12/04/2015 03:17:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:24 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: 
AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:21 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar Error: (12/04/2015 03:17:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: 
AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar CodeIntegrity: =================================== Date: 2015-11-26 23:49:40.149 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2015-10-23 21:51:35.278 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:51:34.359 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:51:16.522 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:51:08.848 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:51:03.121 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. 
Date: 2015-10-23 21:50:58.538 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:50:53.845 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:50:29.585 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. Date: 2015-10-23 21:50:23.908 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\SpaceSoundPro\SpaceSoundPro.dll because the set of per-page image hashes could not be found on the system. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz Prozentuale Nutzung des RAM: 16% Installierter physikalischer RAM: 16308.27 MB Verfügbarer physikalischer RAM: 13642.91 MB Summe virtueller Speicher: 18740.27 MB Verfügbarer virtueller Speicher: 14968.35 MB ==================== Laufwerke ================================ Drive c: (TI31107200A) (Fixed) (Total:917.56 GB) (Free:661.17 GB) NTFS Drive d: (Sims4_1) (CDROM) (Total:7.81 GB) (Free:0 GB) UDF ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: 00000000) Partition: GPT. ==================== Ende von Addition.txt ============================ |
05.12.2015, 21:15 | #2 |
/// the machine /// TB trainer | Problems starting C:/User/tatjana/appdata/local/Touchform hi,
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ |
06.12.2015, 01:23 | #3 |
| Problems starting C:/User/tatjana/appdata/local/Touchform Mbar 1
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.12.05.05 rootkit: v2015.11.26.01 Windows 10 x64 NTFS Internet Explorer 11.0.10240.16590 Tatjana :: FAMONUFRIEV [administrator] 05.12.2015 20:55:40 mbar-log-2015-12-05 (20-55-40).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 516248 Time elapsed: 58 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 2 C:\Users\Tatjana\AppData\Roaming\RunDir\temp (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] Files Detected: 21 C:\WINDOWS\SYSTEM32\drivers\acwfp64.sys (PUP.Optional.FastSearch) -> Delete on reboot. [739c2e040c77d7774d16b89e876a7bee] C:\WINDOWS\SYSTEM32\drivers\swsedrvr_vw_1_10_0_25.sys (PUP.Optional.SwiftSearch) -> Delete on reboot. [5599862c76e1e889e5da8820e9756e6e] C:\Users\Tatjana\AppData\Local\Temp\Install_32505\ins_cr.exe (Trojan.Dropper) -> Delete on reboot. [b8c1227ff4971620cae4f3f7bb45ac54] C:\Users\Tatjana\AppData\Local\Temp\Install_32505\ins_iwebar.exe (Trojan.Dropper) -> Delete on reboot. [83f6544d77143303b7f739b1cf3122de] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\ntserver.ini (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\anbd.exe (Trojan.StartPage) -> Delete on reboot. 
[3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\autoupdate.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\cert.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\certtr.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\execute.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\ntservertemp.ini (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\prtinst.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\wrg.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\anbd.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\autoupdate.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\cert.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\certtr.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\execute.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\ntserver.ini (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\prtinst.exe (Trojan.StartPage) -> Delete on reboot. [3b3e524f90fbf93d559c71732bd88779] C:\Users\Tatjana\AppData\Roaming\RunDir\wrg.exe (Trojan.StartPage) -> Delete on reboot. 
[3b3e524f90fbf93d559c71732bd88779] Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2015.12.05.05 rootkit: v2015.11.26.01 Windows 10 x64 NTFS Internet Explorer 11.0.10240.16590 Tatjana :: FAMONUFRIEV [administrator] 05.12.2015 22:14:22 mbar-log-2015-12-05 (22-14-22).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 512319 Time elapsed: 56 minute(s), 15 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 2 C:\Users\Tatjana\AppData\Roaming\RunDir\temp (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] Files Detected: 13 C:\Users\Tatjana\AppData\Roaming\RunDir\temp\ntserver.ini (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\anbd.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\autoupdate.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\execute.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\ntservertemp.ini (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\prtinst.exe (Trojan.StartPage) -> Delete on reboot. 
[2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\temp\wrg.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\anbd.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\autoupdate.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\execute.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\ntserver.ini (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\prtinst.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] C:\Users\Tatjana\AppData\Roaming\RunDir\wrg.exe (Trojan.StartPage) -> Delete on reboot. [2c4daaf7c6c586b0ee03c420c3406799] Physical Sectors Detected: 0 (No malicious items detected) (end)
I ran TDSSKiller, and when I then go to Report at the top, copy it and try to paste it here, it does not work because it has 24000 characters or so. Am I doing something wrong? Because I cannot find the TDSS log anywhere. By now I get 2 error messages when Windows starts, like the one in the title above. |
06.12.2015, 22:38 | #4 |
/// the machine /// TB trainer | Problems starting C:/User/tatjana/appdata/local/Touchform Just split the log and use several posts.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |