|
Plagegeister aller Art und deren Bekämpfung: Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar..Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
09.01.2016, 14:51 | #16 |
| Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Addition.txt; Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:07-01-2015 durchgeführt von Jillsy (2016-01-09 14:48:02) Gestartet von C:\Users\Jillsy\Desktop Windows 8.1 (X64) (2014-11-29 00:10:02) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-933261645-1527721118-3068914036-500 - Administrator - Disabled) Gast (S-1-5-21-933261645-1527721118-3068914036-501 - Limited - Disabled) Jillsy (S-1-5-21-933261645-1527721118-3068914036-1001 - Administrator - Enabled) => C:\Users\Jillsy ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 1914 - Die Schalen des Zorns (HKLM-x32\...\{404E1E52-9302-45D2-B4F8-50D2251C391E}) (Version: 1.00.0000 - Rondomedia) 7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov) Act of Aggression (HKLM-x32\...\Steam App 318020) (Version: - Eugen Systems) Act of War: Direct Action (HKLM-x32\...\Steam App 2710) (Version: - Eugen Systems) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated) Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.6.636 - Adobe Systems, Inc.) AMD Catalyst Install Manager (HKLM\...\{F2A7CE36-57BF-5C86-952D-90DBF3746D82}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3.1 - Microsoft Corporation) Hidden Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.) Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.129 - Avira Operations GmbH & Co. KG) Avira Launcher (HKLM-x32\...\{eac7da46-2097-4dd4-80a6-8b67cbb2b23f}) (Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Avira Launcher (x32 Version: 1.1.53.13962 - Avira Operations GmbH & Co. KG) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Battlefield 1942™ (HKLM-x32\...\{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}) (Version: 1.6.20.0 - Electronic Arts) Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.51210.80 - Microsoft Corporation) Hidden Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden BlueJ (HKLM-x32\...\{7D66971C-652B-4065-A6B1-B3EE313C254B}) (Version: 3.1.1 - BlueJ Team) Build Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Buildtools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden C&C - Zero Hour - Full Uncut Patch Final v.2.5 (HKLM-x32\...\C&C - Zero Hour - Full Uncut Patch Final v.2.5) (Version: - ) CodedUITestUAP (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Command & Conquer™ 3 Tiberium Wars and Kane's Wrath (HKLM-x32\...\{35A2FE53-CC80-4D17-941F-3A7C82824FC7}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{BA4C8F9F-D81B-4AFE-AE5A-3837830F5B89}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ and The Covert Operations™ (HKLM-x32\...\{050E298D-C9B8-4582-A332-26201268A297}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert 2 and Yuri’s Revenge (HKLM-x32\...\{F5275D1C-D133-486D-8F07-D6C571F0A8EC}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert, Counterstrike and The Aftermath (HKLM-x32\...\{B9A7CCBE-48F7-4B3E-BD20-76ADDD4DC69F}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Red Alert™ 3 and Uprising (HKLM-x32\...\{3C315BF7-4B64-4024-8102-174A197437FA}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Renegade (HKLM-x32\...\{24DFBE4C-FD7F-48F2-A7D9-D1A0929B2113}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™ Tiberian Sun™ and Firestorm™ (HKLM-x32\...\{78F60BDD-1923-4CF7-B6BD-087D06D7B5BB}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{8F0F5689-6900-425B-A8C2-0DBD10DAB694}) (Version: 1.0.0.0 - Electronic Arts, Inc.) Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve) Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version: - Valve) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.6.3728 - CyberLink Corp.) CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.4.3202 - CyberLink Corp.) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.3.2606 - CyberLink Corp.) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Day of Defeat (HKLM-x32\...\Steam App 30) (Version: - Valve) Day of Defeat: Source (HKLM-x32\...\Steam App 300) (Version: - Valve) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Diablo (HKLM-x32\...\Diablo) (Version: - ) Diablo II (HKLM-x32\...\Diablo II) (Version: - ) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden Dropbox (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) Dropbox (HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.) Energy Star (HKLM-x32\...\{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}) (Version: 1.0.9 - Hewlett-Packard Company) Entity Framework 6.1.3 Tools for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Gemeinsam genutzte Internet-Komponenten von Westwood (HKLM-x32\...\WOLAPI) (Version: - ) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden GlassFish Server Open Source Edition 4.0 (HKLM\...\nbi-glassfish-mod-4.0.0.89.0) (Version: - ) Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden GPGNet (HKLM-x32\...\{C194D333-B84A-4BB7-B35E-060732D98DC4}) (Version: 1.0.0 - Gas Powered Games) GPL Ghostscript (HKLM\...\GPL Ghostscript 9.10) (Version: 9.10 - Artifex Software Inc.) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden HP 3D DriveGuard (HKLM\...\{AB5BCC55-18E2-46C7-9405-FF61CB888F05}) (Version: 4.2.9.1 - Hewlett-Packard Company) HP Connected Music (Meridian - installer) (HKLM-x32\...\StartHPConnectedMusic) (Version: 1.0 - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd) HP Connected Music (Meridian - player) (HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\HPConnectedMusic) (Version: 1.1 (build 112) hp - Meridian Audio Ltd) HP CoolSense (HKLM-x32\...\{0D3A6808-82B8-4BB1-BE5A-AED75B3F6C02}) (Version: 2.20.11 - Hewlett-Packard Company) HP Documentation (HKLM-x32\...\{F2481209-98FE-4943-8903-90D19E1B7062}) (Version: 1.2.0.0 - Hewlett-Packard) HP Quick Start (HKLM-x32\...\{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}) (Version: 1.0.4660.30220 - Hewlett-Packard) HP Registration Service (HKLM\...\{D1E8F2D7-7794-4245-B286-87ED86C1893C}) (Version: 1.2.6317.4309 - Hewlett-Packard) HP System Event Utility (HKLM-x32\...\{DEF23826-DB71-4654-BC00-D5D6C20802EA}) (Version: 1.1.4 - Hewlett-Packard Company) HP Utility Center (HKLM\...\{73237EBB-B26F-4628-8754-4EFE563D72E9}) (Version: 2.1.5 - Hewlett-Packard Company) HP Wireless Button Driver (HKLM-x32\...\{30B2D1D8-0A07-4B71-9553-0710C5D31E35}) (Version: 1.1.2.1 - Hewlett-Packard Company) IDE Tools for Windows 10 (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden IDE-Tools für Windows 10 - DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!) Impire (HKLM-x32\...\Steam App 202130) (Version: - Cyanide Montreal) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.1.1000 - Intel Corporation) Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation) Intellisense Lang Pack Mobile Extension SDK 10.0.10240.0 (x32 Version: 10.0.10240.0 - Microsoft Corporation) Hidden Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle) Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation) Java SE Development Kit 7 Update 51 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170510}) (Version: 1.7.0.510 - Oracle) Kits Configuration Installer (x32 Version: 10.0.26624 - Microsoft) Hidden LinuxLive USB Creator (HKLM-x32\...\LinuxLive USB Creator) (Version: 2.9 - Thibaut Lauziere) March of War (HKLM-x32\...\Steam App 234310) (Version: - ISOTX) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\OneDriveSetup.exe) (Version: 17.3.6281.1202 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41105.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Visual Studio Express 2015 für Windows Desktop - DEU (HKLM-x32\...\{1541de02-c602-410d-9962-8f1c6cc255ff}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) MiniRA Plus 1.2 installer (HKLM-x32\...\MiniRA Plus 1.2 installer) (Version: - ) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) MSBuild/NuGet Integration 14.0 (x86) (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden NetBeans IDE 7.4 (HKLM\...\nbi-nb-base-7.4.0.0.201310111528) (Version: 7.4 - NetBeans.org) OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Ihr Firmenname) OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation) Oracle VM VirtualBox 5.0.10 (HKLM\...\{F6E922CF-068D-4AFC-8DBF-4636B84AF0A5}) (Version: 5.0.10 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation) Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations) PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden Projekt- und Elementvorlagen für Visual Studio Express 2015 für Windows 10 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden Projekt- und Elementvorlagen für Visual Studio Professional 2015 – DEU (x32 Version: 14.0.23121 - Microsoft Corporation) Hidden PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden Ralink Bluetooth Stack (HKLM\...\{C079427A-BB28-5168-3DB1-DC6608D226D4}) (Version: 11.0.748.2 - Mediatek) Ralink RT3290 802.11bgn Wi-Fi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 5.0.45.0 - Mediatek) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6870 - Realtek Semiconductor Corp.) Realtek PCIE Card Reader (HKLM-x32\...\{BCDA54F6-C4B6-4519-A09E-FA064A6B4098}) (Version: 1.1.9200.007 - Realtek Semiconductor Corp.) RIFT (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\RIFT) (Version: - Trion Worlds, Inc.) RIFT (HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\RIFT) (Version: - Trion Worlds, Inc.) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.15072.2 - Samsung Electronics Co., Ltd.) Hidden Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.) Scribus 1.4.3 (64bit) (HKLM\...\Scribus 1.4.3) (Version: 1.4.3 - The Scribus Team) Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - ) Starcraft (HKLM-x32\...\Starcraft) (Version: - ) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Supreme Commander (HKLM-x32\...\{25A1E6A4-2DBD-4AC0-8650-8EA9A45B183D}) (Version: 1.00.0000 - Gas Powered Games) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.6.2 - Synaptics Incorporated) System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Tftpd64 Standalone Edition (remove only) (HKLM-x32\...\Tftpd64) (Version: - ) Total Annihilation (HKLM-x32\...\Total Annihilation) (Version: - ) Tropico 4 1.00 (HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Tropico 4) (Version: 1.00 - Kalypso Media) Tropico 4 1.00 (HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Tropico 4) (Version: 1.00 - Kalypso Media) TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation) Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Redistributable (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x64 (Version: 10.0.26624 - Microsoft Corporation) Hidden Universal CRT Tools x86 (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.4.7.0 - Elaborate Bytes) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WD Drive Utilities (HKLM-x32\...\{59E0381C-1047-45A3-B68A-57F586EAF3C2}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.) WD Quick View (HKLM-x32\...\{847C1E81-8A3F-49BF-8FF0-189E56634656}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.) WD SmartWare (HKLM\...\{E8DDC6BB-0080-4E70-840B-58B74FBCDE11}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.) WD SmartWare Installer (HKLM-x32\...\{979a4332-3eb0-4561-9f74-a4fb871cf2bd}) (Version: 2.4.12.1 - Western Digital Technologies, Inc.) WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat) WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline) Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) WinRT Intellisense Desktop - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - en-us (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden WinRT Intellisense Xbox Live Extension SDK - Other Languages (x32 Version: 10.0.26624 - Microsoft Corporation) Hidden ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-933261645-1527721118-3068914036-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {008C2DBE-5F21-45A5-B6E3-BEFF20F6F2BE} - System32\Tasks\{BC9DA1F7-3812-46CE-A25B-0BDE9058B05A} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\blitzkrieg2.exe" -d "C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour" Task: {0CE604DB-7A1B-409E-B51D-3AB505A79E8D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2015-11-30] (Hewlett-Packard) Task: {2029588E-4BE7-4AB4-8BCC-C4BF6A643500} - System32\Tasks\StartMenuAutoupdate => C:\Program Files (x86)\IObit\Start Menu 8\AutoUpdate.exe Task: {2FBD74D8-D7C0-4128-A16A-06D9E528476C} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.) Task: {56E7BFE8-13F4-4D6D-A81A-E518A1C1391D} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [2015-10-27] (WiseCleaner.com) Task: {69E09619-57F7-45EA-99C4-87EC2135055E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) Task: {8664EE1D-ED66-4C58-97D8-3D388BFED8BC} - System32\Tasks\HPCeeScheduleForJillsy => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard) Task: {89E250D8-BF93-4F10-82B1-DA114BA9115C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [2013-08-19] (Hewlett-Packard Development Company, L.P.) Task: {8F47A1B7-356E-495F-A46F-3B7A3C9CA05C} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 => C:\Users\Jillsy\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2015-12-16] (Microsoft Corporation) Task: {91167675-C6A9-4459-9C68-042FA0D6AFE1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-16] (Microsoft Corporation) Task: {A97CC0B6-588E-4DFE-B892-71FFDA363BFD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2014-06-24] (Safer-Networking Ltd.) Task: {B916F941-1A30-46FB-AF19-9D18789CFA73} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2013-08-05] (CyberLink) Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {CA11CFD3-3B00-43D5-8D5B-2CA61F0EE4CD} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2014-06-24] (Safer-Networking Ltd.) Task: {D7702F07-06C1-4849-AA86-E14094963802} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2013-03-12] (CyberLink Corp.) Task: {E10533B9-CA87-4F6E-B21C-1185D92ACB93} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated) Task: {EDAD5230-AE74-4C61-BA97-ED62D7C564C9} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.) Task: {F9DB7AA9-FBD5-4AA5-9D22-8AD8F8CEA151} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-08] (Google Inc.) Task: {FCDE6132-7403-453A-8EA6-F49A9156E762} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\HPCeeScheduleForJillsy.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe Task: C:\Windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\system32\BsTrace.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\system32\BsExtendFunc.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\system32\BsHelpCSps.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\system32\BlueSoleilCSps.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00029432 _____ () C:\Windows\SYSTEM32\BsTrace.dll 2013-05-24 10:22 - 2013-05-24 10:22 - 00334648 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\USB\tl_filter.dll 2011-07-05 10:53 - 2011-07-05 10:53 - 00012800 _____ () C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\Driver\AMP\IVTAMPRL.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00016632 _____ () C:\Windows\SYSTEM32\BsHelpCSps.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00062200 _____ () C:\Windows\SYSTEM32\BlueSoleilCSps.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00110952 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00253800 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00295272 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00104296 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00020328 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll 2015-08-16 14:59 - 2015-12-24 17:34 - 00044392 _____ () C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll 2015-09-21 10:21 - 2014-05-13 11:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2015-09-21 10:21 - 2014-05-13 11:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2015-09-21 10:21 - 2014-05-13 11:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2015-09-21 10:21 - 2012-08-23 09:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2015-09-21 10:21 - 2012-04-03 16:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2015-07-19 17:23 - 2015-08-26 17:44 - 00348960 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madExcept_.bpl 2015-07-19 17:23 - 2015-08-26 17:44 - 00183584 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madBasic_.bpl 2015-07-19 17:23 - 2015-08-26 17:44 - 00050976 _____ () C:\Program Files (x86)\IObit\Start Menu 8\madDisAsm_.bpl 2015-07-19 17:23 - 2015-08-26 17:45 - 00268920 _____ () C:\Program Files (x86)\IObit\Start Menu 8\sqlite3.dll 2015-07-19 17:23 - 2015-08-26 17:44 - 00053024 _____ () C:\Program Files (x86)\IObit\Start Menu 8\parseAuto.dll 2015-07-19 17:23 - 2015-08-26 17:44 - 00622880 _____ () C:\Program Files (x86)\IObit\Start Menu 8\ProductStatistics.dll 2014-01-25 00:48 - 2013-08-05 08:49 - 00627672 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll 2013-08-05 15:48 - 2013-08-05 15:48 - 00016856 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll 2015-07-19 17:23 - 2015-08-26 17:45 - 00041248 _____ () C:\Program Files (x86)\IObit\Start Menu 8\winkey.dll 2014-12-05 10:07 - 2014-12-05 10:07 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00080120 _____ () C:\Windows\SYSTEM32\BsProfilefunc.dll 2013-11-01 15:48 - 2013-11-01 15:48 - 00371448 _____ () C:\Windows\SYSTEM32\BsExtendFunc.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\str => ""="service" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7866 mehr Seiten. IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\123simsen.com -> www.123simsen.com Da befinden sich 7867 mehr Seiten. IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\123simsen.com -> www.123simsen.com Da befinden sich 7867 mehr Seiten. ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2012-07-26 06:26 - 2015-09-21 10:31 - 00450831 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 www.007guard.com 127.0.0.1 007guard.com 127.0.0.1 008i.com 127.0.0.1 www.008k.com 127.0.0.1 008k.com 127.0.0.1 www.00hq.com 127.0.0.1 00hq.com 127.0.0.1 010402.com 127.0.0.1 www.032439.com 127.0.0.1 032439.com 127.0.0.1 www.0scan.com 127.0.0.1 0scan.com 127.0.0.1 1000gratisproben.com 127.0.0.1 www.1000gratisproben.com 127.0.0.1 1001namen.com 127.0.0.1 www.1001namen.com 127.0.0.1 100888290cs.com 127.0.0.1 www.100888290cs.com 127.0.0.1 www.100sexlinks.com 127.0.0.1 100sexlinks.com 127.0.0.1 10sek.com 127.0.0.1 www.10sek.com 127.0.0.1 www.1-2005-search.com 127.0.0.1 1-2005-search.com 127.0.0.1 123fporn.info 127.0.0.1 www.123fporn.info 127.0.0.1 123haustiereundmehr.com 127.0.0.1 www.123haustiereundmehr.com 127.0.0.1 123moviedownload.com 127.0.0.1 www.123moviedownload.com Da befinden sich 15464 zusätzliche Einträge. ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jillsy\Pictures\Politisch_sonstiges\communist_screensaver.jpg HKU\S-1-5-21-933261645-1527721118-3068914036-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jillsy\Pictures\Politisch_sonstiges\communist_screensaver.jpg DNS Servers: 192.168.0.1 - 192.168.0.2 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: FoxitCloudUpdateService => 2 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: WSearch => 2 HKLM\...\StartupApproved\Run32: => "SPEEDLINK KUDOS" HKLM\...\StartupApproved\Run32: => "Raptr" HKLM\...\StartupApproved\Run32: => "KiesTrayAgent" HKLM\...\StartupApproved\Run32: => "Razer Synapse" ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [UDP Query User{77B00F4F-D287-4F4F-B225-50E11CAFCEB1}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat FirewallRules: [TCP Query User{9A87AD92-4F7A-4CBB-9709-F5DA91DCD46C}C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat] => (Block) C:\users\jillsy\downloads\dune 2000\dune 2000\dune2000.dat FirewallRules: [{0871632F-F2C3-4B2E-88FB-DC98E2B8C52C}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe FirewallRules: [{7F1623DC-581B-4733-B6CC-237AEACF2EAC}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{DFADDF91-60AE-4D68-8923-393DB307F5B0}] => (Allow) F:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{B804410C-17D1-4F60-9BDA-9BCEBDF84D00}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\Command Conquer 3 Kanes Wrath\RetailExe\1.2\cnc3ep1.dat FirewallRules: [{7CD5BCB7-49B7-4405-9722-2387456E07F8}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [{818A33F8-BD88-490A-85F8-A2E31517E72F}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\GPGNet\GPG.Multiplayer.Client.exe FirewallRules: [{5A9683AF-E0D7-4025-BBB0-4BEE7D3428B5}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [{C6F3A2FB-73AA-45A3-A280-5AD665DC1D50}] => (Allow) C:\Program Files (x86)\THQ\Gas Powered Games\Supreme Commander\bin\SupremeCommander.exe FirewallRules: [UDP Query User{54ECFB4C-6323-4541-9224-2B781BAD0F3D}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [TCP Query User{A02FC674-045F-42EF-9F5C-6EB9F9B5DD14}C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe] => (Allow) C:\program files (x86)\spybot - search & destroy 2\sdupdate.exe FirewallRules: [UDP Query User{DF8B3425-D02C-4F0C-9597-9FE96162CD37}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe FirewallRules: [TCP Query User{3CAD24A7-B537-49E3-BDA6-2821C03AD89E}C:\program files\tftpd64\tftpd64.exe] => (Allow) C:\program files\tftpd64\tftpd64.exe FirewallRules: [{F17D43B4-E496-43F4-978D-A250C49DF401}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{0994C847-228F-4118-A1FB-F5CB9A537629}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe FirewallRules: [{7396F9DA-0ACF-4390-BFAA-A02413775D81}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{03C6DCF0-DC4E-4AB1-A0E0-382F3D3AB0C6}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2737\Agent.exe FirewallRules: [{D21D6C6B-DF37-4C13-8578-50824BBA7B0D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [{8C623108-47A3-48F5-BDDD-1F212D98A0E0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life\hl.exe FirewallRules: [UDP Query User{3479FF1F-51DA-4F67-A68A-BAD33DEDC37B}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [TCP Query User{E4B2AB9C-3799-4305-B3A4-390E374B4AFB}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [{67D10E8F-13AC-42B3-87A8-728785D99A63}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{B1BBAE92-5261-4662-B010-E6340A62029D}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert II\RA2Launcher.exe FirewallRules: [{5627B416-724E-40E2-82A4-BE78181B6F3C}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe FirewallRules: [{F2AE1BB2-C783-404A-8FA2-147D3692B79A}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\MarchOfWar\game.exe FirewallRules: [{E95530D4-4F4C-46C1-8139-6FD6FD40FC85}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{2FF03B5F-BEAA-4C26-A0D5-BAE00DEEE3B7}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{A2311008-A14D-4BAD-914C-A9E787A730A8}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{952A3631-4B4D-421C-9A34-4C17F122DC30}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{43D97D92-C722-49E9-9FDF-918EB74C13BF}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{8C71ADB1-DAF1-45F7-B144-451B1B9D9981}] => (Allow) C:\Users\Jillsy\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{4E14DED1-53CA-4E4A-B602-0B495979D819}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{347F59D6-76D7-45C7-B997-82535AF01DEE}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Source\hl2.exe FirewallRules: [{527EE3A2-4754-4127-90C9-916F633F1258}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Impire\Impire.exe FirewallRules: [{48A9A9A2-E48C-483C-8A85-6A9A875DF5C0}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\Impire\Impire.exe FirewallRules: [{9603CE39-D288-445F-9692-67E01088498F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe FirewallRules: [{A5F666EB-0ECC-4DBD-A019-3473A4D8281C}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert\RA95Launcher.exe FirewallRules: [{F47E7B9F-5665-4BE4-BB14-7A42193EBB06}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe FirewallRules: [{9B708C1C-19E7-4962-9F9B-2C8EF5E4C893}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 1942\BF1942.exe FirewallRules: [UDP Query User{30D9ADD7-96E6-4287-A2A7-EF4EE55FA562}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [TCP Query User{A3F61336-F95F-4ACB-8EF4-CA21DD7C2AFC}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [{9A9D5D9D-0966-4C66-8600-DA77AB0796B4}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [{F57658E0-4F8C-48D1-A1E4-A93659AAA2A8}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Generals.exe FirewallRules: [UDP Query User{C41D3E23-B845-4F67-9D2C-393D00387DC1}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game FirewallRules: [TCP Query User{389222E5-6CF5-4E86-9A71-3957AA90014B}C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game] => (Allow) C:\program files (x86)\origin games\command conquer 4 tiberian twilight\data\cnc4.game FirewallRules: [{A502D93B-C8BA-426F-A2C3-0752E5C014BA}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe FirewallRules: [{B78F6F36-0273-4A58-ADF3-378F58FB5811}] => (Allow) C:\Program Files (x86)\Origin Games\Renegade\RenegadeLauncher.exe FirewallRules: [{01D86C80-EE8B-49DE-B269-81D27792E0E2}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe FirewallRules: [{EA374A6A-3F18-41EF-9519-C743E9FE35C7}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Red Alert 3\RA3Launcher.exe FirewallRules: [{4C75026C-C5C5-45DA-9DE5-DED8A0CA6917}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe FirewallRules: [{A0BCD8D7-92AD-4E0D-A783-3E8E3C0E8C04}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer Tiberian Sun\TSLauncher.exe FirewallRules: [{53CC2CC3-B84C-4443-BC5F-D985CD252961}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe FirewallRules: [{C99B20CF-EB06-4BD3-BF0B-3E574EA6D27E}] => (Allow) C:\Program Files (x86)\Origin Games\CNC and The Covert Operations\CNC95Launcher.exe FirewallRules: [{815019A8-5A68-492B-936B-0FA7D4EC04DA}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe FirewallRules: [{6BFE26BC-1F34-48C6-96C8-87117738353B}] => (Allow) C:\Program Files (x86)\Origin Games\Command Conquer 4 Tiberian Twilight\CNC4.exe FirewallRules: [{F6965599-DE2C-4EB1-A914-6F55A6E5887E}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [{8EF57C2A-35EF-4ECA-A486-68E6CBB5E25C}] => (Allow) F:\Program Files (x86)\WarThunder\launcher.exe FirewallRules: [{99A06801-FE48-4F3E-A164-FAC48088DBD6}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{28C30C02-4FF2-4BC7-8E43-5E130611811F}] => (Allow) C:\Program Files (x86)\Origin Games\Command and Conquer 3\CNC3Launcher.exe FirewallRules: [{C1A8177D-C255-424F-841C-8752B5D33280}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{689654EF-AA3E-4EE2-A14B-3DBD226691AF}] => (Allow) F:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{E1274847-115C-4C64-8014-F03D64E6640F}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{1C4B4D3F-06DF-493F-9E97-721BF1B380FB}] => (Allow) F:\Program Files (x86)\StarCraft II\StarCraft II.exe FirewallRules: [{D897E023-AC42-4272-88EE-F643681ED3F5}] => (Allow) F:\Programme\Battle.net\Battle.net.exe FirewallRules: [{30116663-3EA6-400E-B1EC-6F65172870F9}] => (Allow) F:\Programme\Battle.net\Battle.net.exe FirewallRules: [{AD621562-B258-4BEA-918C-72182128D320}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{04996B5E-2478-4745-8EC4-F87DA049BFFE}] => (Allow) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe FirewallRules: [{C96BF102-BF94-4AEC-B5E5-26C85089931A}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{E5C2C617-4135-43B4-A81A-19D5956AB582}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [{A5471AF6-3CAA-44F8-BA4D-AC19A021BC79}] => (Allow) C:\Program Files (x86)\HPConnectedMusic\HPConnectedMusic.exe FirewallRules: [TCP Query User{E8E30EFE-FFA0-4427-A34D-BCDEC07150AA}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe FirewallRules: [UDP Query User{CEC463DF-AA0D-4A32-A573-667B327F3C58}F:\program files (x86)\warthunder\launcher.exe] => (Allow) F:\program files (x86)\warthunder\launcher.exe FirewallRules: [TCP Query User{4E33AA3E-B169-4D6A-B100-2273E22610D6}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [UDP Query User{18E9FCE7-EB22-42D1-8CF3-027E5E7DBA0D}F:\program files (x86)\warthunder\aces.exe] => (Allow) F:\program files (x86)\warthunder\aces.exe FirewallRules: [{A577F4F3-9405-40FC-A966-365C88D3E4AF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{6C379C6F-2BA0-4895-ACF0-84F8A53F6C10}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8DD16FA5-3984-4F17-9AB6-DF8E7F6A3617}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe FirewallRules: [{36E11355-6223-45B8-92FD-CE4F96CF69FA}] => (Allow) LPort=2869 FirewallRules: [{C90CD4C6-C69E-433C-B1B1-5EFE35E248F5}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{1090934E-213D-4240-85FB-F808DA1538F4}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [UDP Query User{A185E50C-6A96-4498-BEED-8E3FD65139A3}C:\program files (x86)\diablo iii\diablo iii.exe] => (Allow) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{8A6EC896-1C58-45B0-9D75-0119F73D41C0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [{BA039A47-405B-4D32-820A-CDF72A1CF9D0}] => (Block) C:\program files (x86)\diablo iii\diablo iii.exe FirewallRules: [TCP Query User{29C9480D-46C6-46D7-82E3-F66458BD0CDA}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe FirewallRules: [UDP Query User{5B2D829E-9D84-4124-AE8F-833868268401}C:\program files (x86)\origin games\battlefield 1942\bf1942.exe] => (Allow) C:\program files (x86)\origin games\battlefield 1942\bf1942.exe FirewallRules: [{8691DE5D-FD28-4B34-9108-8D9827B74659}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\WDExpress.exe FirewallRules: [{BE496921-DC8F-4B8C-B0ED-D9CCB12102A4}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{0F200D13-0BE7-4157-A25E-97E184D0C21E}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [UDP Query User{2F1615C4-8BFB-4586-A3DA-6CD5DCCAAE55}F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe] => (Allow) F:\program files (x86)\steam\steamapps\common\marchofwar\marchofwar.exe FirewallRules: [{054B4AD0-B5D2-4639-9B69-5C6534AA861B}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{0C15EEC7-6C22-46DD-8829-93E4F003549D}] => (Allow) F:\Program Files (x86)\Steam\SteamApps\common\PlagueInc\PlagueIncEvolved.exe FirewallRules: [{C84DA38C-2C8D-4EA4-9FD1-EA357A44018C}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{F5C6C20F-CBE1-48A3-AE45-A9C7565422CA}] => (Allow) C:\Windows\SysWOW64\muzapp.exe FirewallRules: [{33D285AF-E8CB-4255-8CF8-E6D70C07472D}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe FirewallRules: [{6E0AD701-49A3-4363-8B13-4D1460D8841F}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of Aggression\ActOfAggression.exe FirewallRules: [{1B8F524B-F8C7-4D0C-8D89-5BDD928F06D0}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe FirewallRules: [{D40963D6-1F31-4420-B044-D9D56FFA9F17}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Act of War Direct Action\ActOfWar.exe FirewallRules: [{FE5D5EFB-63D9-41BE-A85A-4CCB03AE5913}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{9993442B-FB90-455F-9E39-3EA7B09D7622}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{C136AEAE-3562-409B-AE10-23F363B2E160}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [UDP Query User{5D514E99-A001-4E29-B445-286B2A637F0C}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [TCP Query User{ECA58A2C-2004-40DC-ACB1-68BF786041E1}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{8AE29A91-7605-4168-AE9D-55B3662BB14F}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{A380B121-5621-4B0A-B281-12117533A3A0}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe FirewallRules: [UDP Query User{CDB73C6F-6D55-41DE-8EC8-DCC348C5C78C}C:\program files\starcraft\starcraft.exe] => (Block) C:\program files\starcraft\starcraft.exe FirewallRules: [TCP Query User{4D3AC84D-C1C8-4447-893E-107C63C9D9D8}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{C5675333-7335-4659-9EF0-E8B707BBF178}F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) F:\program files (x86)\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{4DD43A1D-33F0-416E-BAFD-27648E88E6F7}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [UDP Query User{FC1D01EE-BB68-416A-A505-8BF9D335FA8F}F:\program files (x86)\warthunder\win64\aces.exe] => (Allow) F:\program files (x86)\warthunder\win64\aces.exe FirewallRules: [{2146CE46-7A40-4B17-82D3-3BB5F2A041AB}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{072C4572-FF00-4B04-A11E-97CA54C24ED6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Day of Defeat Source\hl2.exe FirewallRules: [{574342EA-8CA3-47FB-9864-9A69DCDF59B6}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [{8DED3EAF-DD5C-411C-BE3A-BDF935F72856}] => (Allow) C:\Games\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Launcher.exe FirewallRules: [UDP Query User{28964522-6023-4670-94AF-7A89F229A361}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{F8CB4C5C-E2F1-4B2F-B407-3AC022D220E0}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [UDP Query User{4390C718-6D50-413F-8E36-82AC51C4927E}H:\games\world_of_tanks\wotlauncher.exe] => (Allow) H:\games\world_of_tanks\wotlauncher.exe FirewallRules: [TCP Query User{9255D280-34B7-4ECC-8CEA-6A230D80C304}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe FirewallRules: [UDP Query User{DC605707-5D02-4365-BFCF-00121ABF6B2D}H:\games\world_of_tanks\worldoftanks.exe] => (Allow) H:\games\world_of_tanks\worldoftanks.exe FirewallRules: [{D9992707-EBE4-4F08-94CD-E55067FC95CD}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte ========================= 08-01-2016 21:31:08 Geplanter Prüfpunkt ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/09/2016 02:24:07 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm update.exe, Version 1.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c24 Startzeit: 01d14ae0d401bc18 Endzeit: 0 Anwendungspfad: C:\Users\Jillsy\AppData\Local\Temp\teamspeak_temp_0\update.exe Berichts-ID: 2ca3f376-b6d4-11e5-83c4-0c84dc705658 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/09/2016 11:55:32 AM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm AdwCleaner_5.028.exe, Version 5.0.2.8 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: dc4 Startzeit: 01d14acb490ddf4f Endzeit: 4294967295 Anwendungspfad: H:\Informatik\Tools für RootkitundADware-Scan\AdwCleaner_5.028.exe Berichts-ID: 7fd01b03-b6bf-11e5-83c2-0c84dc705658 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/08/2016 06:50:24 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: BlueSoleilCS.exe, Version: 11.0.748.0, Zeitstempel: 0x52735a21 Name des fehlerhaften Moduls: tl_filter.dll, Version: 0.0.0.0, Zeitstempel: 0x519ec946 Ausnahmecode: 0xc0000094 Fehleroffset: 0x0000d53d ID des fehlerhaften Prozesses: 0x778 Startzeit der fehlerhaften Anwendung: 0xBlueSoleilCS.exe0 Pfad der fehlerhaften Anwendung: BlueSoleilCS.exe1 Pfad des fehlerhaften Moduls: BlueSoleilCS.exe2 Berichtskennung: BlueSoleilCS.exe3 Vollständiger Name des fehlerhaften Pakets: BlueSoleilCS.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: BlueSoleilCS.exe5 Error: (01/07/2016 11:12:17 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/07/2016 07:22:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: procexp64.exe, Version: 15.40.0.0, Zeitstempel: 0x51f7e32c Name des fehlerhaften Moduls: ntdll.dll, Version: 6.3.9600.18146, Zeitstempel: 0x5650b9bb Ausnahmecode: 0xc0000374 Fehleroffset: 0x00000000000f12e0 ID des fehlerhaften Prozesses: 0x167c Startzeit der fehlerhaften Anwendung: 0xprocexp64.exe0 Pfad der fehlerhaften Anwendung: procexp64.exe1 Pfad des fehlerhaften Moduls: procexp64.exe2 Berichtskennung: procexp64.exe3 Vollständiger Name des fehlerhaften Pakets: procexp64.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: procexp64.exe5 Error: (01/07/2016 07:12:59 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: .NETFrameworkC:\Windows\system32\mscoree.dll8 Error: (01/04/2016 12:09:50 AM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/03/2016 04:19:57 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm generals.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: c8 Startzeit: 01d146345b00e36a Endzeit: 4294967295 Anwendungspfad: C:\Program Files (x86)\Origin Games\Command and Conquer Generals Zero Hour\Command and Conquer Generals Zero Hour\generals.exe Berichts-ID: 71f8ac04-b22d-11e5-83b1-0c84dc705658 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (01/02/2016 07:05:06 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll8 Error: (01/02/2016 12:34:19 AM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe" ; Beschreibung = Created by Wise Registry Cleaner; Fehler = 0x80070422). Systemfehler: ============= Error: (01/09/2016 12:15:22 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT) Description: {DDCFD26B-FEED-44CD-B71D-79487D2E5E5A} Error: (01/09/2016 12:13:37 PM) (Source: BugCheck) (EventID: 1001) (User: ) Description: 0x0000003b (0x00000000c0000005, 0xfffff801496c0374, 0xffffd000255e7860, 0x0000000000000000)C:\Windows\MEMORY.DMP010916-31328-01 Error: (01/09/2016 12:12:52 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 09.01.2016 um 12:09:06 unerwartet heruntergefahren. Error: (01/09/2016 12:04:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2016 12:04:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) ME Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2016 12:04:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2016 12:04:34 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "HP Support Assistant Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/09/2016 12:04:34 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "HP Software Framework Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. Error: (01/09/2016 12:04:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/09/2016 12:04:33 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "BsHelpCS" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-3632QM CPU @ 2.20GHz Prozentuale Nutzung des RAM: 21% Installierter physikalischer RAM: 8084.27 MB Verfügbarer physikalischer RAM: 6370.86 MB Summe virtueller Speicher: 16276.27 MB Verfügbarer virtueller Speicher: 13735.98 MB ==================== Laufwerke ================================ Drive c: (Windows) (Fixed) (Total:712.88 GB) (Free:356.75 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive d: () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS Drive f: (Daten) (Fixed) (Total:97.68 GB) (Free:11.29 GB) NTFS Drive h: (Daten) (Fixed) (Total:100 GB) (Free:3.71 GB) NTFS Drive i: (RECOVERY) (Fixed) (Total:19.74 GB) (Free:1.95 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)] Drive j: () (Removable) (Total:14.83 GB) (Free:9.92 GB) FAT32 Drive k: (U-Boot-Simulator) (CDROM) (Total:0.91 GB) (Free:0 GB) CDFS Drive l: (My Book) (Fixed) (Total:1862.98 GB) (Free:1309.75 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 931.5 GB) (Disk ID: D2E2694D) Partition: GPT. ======================================================== Disk: 1 (Size: 14.8 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 2 (Size: 1863 GB) (Disk ID: 9371220B) Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
09.01.2016, 15:02 | #17 |
| Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. ^^ ...
__________________Geändert von jillsy2k (09.01.2016 um 15:50 Uhr) |
09.01.2016, 16:52 | #18 |
| Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Sorry hatte die Addition.txt wohl doppelt gepostet
__________________Oh mist, habe gerade gesehen, dass ich die alten Log files (zumindest bei der FRST.txt gepostet hab. Poste nochmals die Log-Dateien. Sorry... frst.txt; Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:07-01-2015 durchgeführt von Jillsy (Administrator) auf JILLSY-PC (09-01-2016 16:45:39) Gestartet von C:\Users\Jillsy\Desktop Geladene Profile: Jillsy (Verfügbare Profile: Jillsy) Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Chrome) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe (Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Digital Wave Ltd.) C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\StartMenu_Hook.exe (CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (IObit) C:\Program Files (x86)\IObit\Start Menu 8\InstallServices.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe (Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\MOM.exe (Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe (ATI Technologies Inc.) C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\CCC.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7165000 2014-01-24] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2771184 2014-12-05] (Synaptics Incorporated) HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe [387832 2013-11-01] (IVT Corporation) HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG) HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-07-20] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe [475448 2014-03-26] (Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [1852264 2014-05-23] (Western Digital Technologies, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\kies 2\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66320 2015-12-08] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-03] (Avira Operations GmbH & Co. KG) Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X] HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.) HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {3d668a6f-8552-11e3-be7c-0c84dc705658} - "G:\SETUP.EXE" HKU\S-1-5-21-933261645-1527721118-3068914036-1001\...\MountPoints2: {9d99a095-270e-11e4-80ba-806e6f6e6963} - "K:\WD Drive Unlock.exe" autoplay=true ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => Keine Datei ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => Keine Datei BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{36D0A91B-153F-40A1-99EB-E82C452784FD}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Tcpip\..\Interfaces\{D3C34DF9-E5D6-442B-9AA5-E7CD700D047C}: [DhcpNameServer] 192.168.0.1 192.168.0.2 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxps://search.avira.net/#web/result?source=art&q= HKU\S-1-5-21-933261645-1527721118-3068914036-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxps://search.avira.net/#web/result?source=art&q= SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKLM-x32 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = hxxp://rover.ebay.com/rover/1/5222-29882-11896-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms} SearchScopes: HKU\S-1-5-21-933261645-1527721118-3068914036-1001 -> {FA5FDC4B-C9F6-44BB-88BB-34D10693246E} URL = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2014-01-26] (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2014-01-26] (Oracle Corporation) BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation) BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard) DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com/bin/srldetect_intel_4.5.22.0.cab Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei FireFox: ======== FF ProfilePath: C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default FF Homepage: hxxp://www.google.ch/ FF Session Restore: -> ist aktiviert. FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] () FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-01-26] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2014-01-26] (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] () FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll [2012-08-08] (Adobe Systems, Inc.) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2014-11-18] (Foxit Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-12-05] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-12-05] (Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2016-01-08] (Google Inc.) FF Extension: PDF Download - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi [2015-05-31] FF Extension: Download Statusbar Fixed - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{4204c864-50bf-467a-95b3-0912b7f15869}.xpi [2016-01-06] FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\artur.dubovoy@gmail.com [2016-01-06] FF Extension: Personas Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\personas@christopher.beard.xpi [2016-01-08] FF Extension: Show MyIP - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\extensions\{6D1D11DB-3C6C-4db8-96E4-20F4A1088AAC}.xpi [2016-01-08] FF Extension: Ghostery - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\firefox@ghostery.com.xpi [2016-01-02] FF Extension: Kein Name - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\jid1-nGMZvOxL2PYSxg@jetpack.xpi [2015-05-31] [ist nicht signiert] FF Extension: Download Status Bar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2015-05-31] FF Extension: NoScript - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-01-08] FF Extension: Video DownloadHelper - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-01-08] FF Extension: Adblock Plus - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-12-16] FF Extension: Download Statusbar - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{D4DD63FA-01E4-46a7-B6B1-EDAB7D6AD389}.xpi [2015-05-31] FF Extension: Clean Video - C:\Users\Jillsy\AppData\Roaming\Mozilla\Firefox\Profiles\v9i8s174.default\Extensions\{d62bb6fa-7192-47fd-b640-ad8855c444f3}.xpi [2015-05-31] Chrome: ======= CHR Session Restore: Default -> ist aktiviert. CHR Profile: C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-15] CHR Extension: (Google Drive) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-26] CHR Extension: (Google-Suche) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-26] CHR Extension: (Donna Karan) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijgnliiiplghalknhobbcngpcngaoji [2014-04-27] CHR Extension: (Google Docs Offline) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-24] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-16] CHR Extension: (Google Mail) - C:\Users\Jillsy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-09] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-03] (Avira Operations GmbH & Co. KG) S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-03] (Avira Operations GmbH & Co. KG) R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [251160 2015-12-08] (Avira Operations GmbH & Co. KG) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1706744 2013-11-01] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [145656 2013-11-01] (IVT Corporation) R2 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [388968 2015-12-24] (Digital Wave Ltd.) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [Datei ist nicht signiert] S3 HPWMISVC; c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [469304 2014-03-26] (Hewlett-Packard Development Company, L.P.) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-22] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-12-05] (Intel Corporation) R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21744 2015-07-09] (Microsoft Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-12-05] (Intel Corporation) S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2104840 2015-12-17] (Electronic Arts) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [239176 2013-02-20] (Realtek Semiconductor) R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.) R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.) R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.) R2 StartMenuService; C:\Program Files (x86)\IObit\Start Menu 8\StartMenuServices.exe [1055008 2015-08-26] (IObit) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [134656 2015-07-09] (Microsoft Corporation) [Datei ist nicht signiert] S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-06] (Microsoft Corporation) R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [306552 2015-07-20] (Western Digital Technologies, Inc.) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [135880 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146696 2015-12-03] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-03] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [73032 2015-12-03] (Avira Operations GmbH & Co. KG) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) U4 BthHFSrv; C:\Windows\System32\svchost.exe [38792 2014-10-29] (Microsoft Corporation) U4 BthHFSrv; C:\Windows\SysWOW64\svchost.exe [33088 2014-10-29] (Microsoft Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [54064 2013-04-26] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49584 2013-03-25] (Ralink Corporation) R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91712 2013-03-05] (CyberLink) S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-12-05] (Intel Corporation) R0 pwdrvio; C:\Windows\System32\pwdrvio.sys [19152 2013-09-30] () S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] () R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [288328 2013-01-24] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\drivers\rtbth.sys [1204424 2013-12-02] (Ralink Technology, Corp.) S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [448072 2013-02-02] (RTS Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [27440 2015-10-16] () [Datei ist nicht signiert] R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation) S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [28400 2013-02-06] (Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2014-12-05] (Synaptics Incorporated) R1 VBoxNetAdp; C:\Windows\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-11-10] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\system32\DRIVERS\VBoxNetLwf.sys [194976 2015-11-10] (Oracle Corporation) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2012-08-31] (Hewlett-Packard Development Company, L.P.) S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-09 16:45 - 2016-01-09 16:45 - 00028275 _____ C:\Users\Jillsy\Desktop\FRST.txt 2016-01-09 16:40 - 2016-01-08 19:39 - 02370560 _____ (Farbar) C:\Users\Jillsy\Desktop\FRST64.exe 2016-01-09 14:20 - 2016-01-09 14:20 - 00001589 _____ C:\Users\Jillsy\Desktop\CD USB ISO MAKER.lnk 2016-01-09 14:20 - 2016-01-09 14:20 - 00000000 ____D C:\Program Files (x86)\Unetbootin 2016-01-09 14:02 - 2016-01-09 14:02 - 00000735 _____ C:\protection-mbm2.txt 2016-01-09 14:01 - 2016-01-09 14:01 - 00001198 _____ C:\mbm1.txt 2016-01-09 13:28 - 2016-01-09 13:28 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-09 12:12 - 2016-01-09 12:13 - 00285512 _____ C:\Windows\Minidump\010916-31328-01.dmp 2016-01-09 12:09 - 2016-01-09 12:09 - 00285512 _____ C:\Windows\Minidump\010916-25796-01.dmp 2016-01-09 11:50 - 2016-01-09 12:04 - 00000000 ____D C:\AdwCleaner 2016-01-08 20:06 - 2016-01-08 20:09 - 00251318 _____ C:\TDSSKiller.3.1.0.9_08.01.2016_20.06.08_log.txt 2016-01-08 20:05 - 2016-01-08 20:34 - 00000000 ____D C:\TDSSKILLER 2016-01-08 19:39 - 2016-01-09 16:45 - 00000000 ____D C:\FRST 2016-01-08 18:54 - 2016-01-08 18:54 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (6).exe 2016-01-08 18:53 - 2016-01-08 18:53 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Avira 2016-01-08 18:52 - 2015-12-03 15:24 - 00146696 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00135880 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00073032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2016-01-08 18:52 - 2015-12-03 15:24 - 00035488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2016-01-08 18:49 - 2016-01-08 20:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2016-01-08 18:49 - 2016-01-08 18:49 - 00001233 _____ C:\Users\Public\Desktop\Avira Launcher.lnk 2016-01-08 12:00 - 2016-01-09 16:05 - 00001130 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-08 12:00 - 2016-01-09 14:56 - 00001126 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-08 12:00 - 2016-01-08 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2016-01-08 11:59 - 2016-01-08 11:59 - 00927824 _____ (Google Inc.) C:\Users\Jillsy\Downloads\ChromeSetup.exe 2016-01-08 10:36 - 2016-01-08 10:36 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_568efddb9c96e__ws.exe 2016-01-08 00:51 - 2016-01-08 10:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-08 00:47 - 2016-01-08 00:47 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (5).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 26352816 _____ (DVDVideoSoft Ltd. ) C:\Users\Jillsy\Downloads\FreeAudioConverter (1).exe 2016-01-08 00:46 - 2016-01-08 00:46 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (4).exe 2016-01-08 00:41 - 2016-01-08 00:41 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (3).exe 2016-01-08 00:34 - 2016-01-08 00:34 - 04638208 _____ (Avira Operations GmbH & Co. KG) C:\Users\Jillsy\Downloads\avira_de_av_5679606978__ws (2).exe 2016-01-06 23:27 - 2016-01-06 23:27 - 00000702 _____ C:\Users\Public\Desktop\World of Tanks.lnk 2016-01-06 23:27 - 2016-01-06 23:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks 2016-01-06 23:26 - 2016-01-06 23:26 - 05124704 _____ (Wargaming.net ) C:\Users\Jillsy\Downloads\WoT_internet_install_eu.exe 2016-01-06 16:54 - 2016-01-06 16:54 - 00098304 _____ (Hewlett-Packard Company) C:\Users\Jillsy\Downloads\28790_HPUSBFW_v2.2.3.exe 2016-01-05 23:49 - 2016-01-05 23:49 - 00000345 _____ C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Update.lnk 2016-01-05 23:47 - 2016-01-05 23:47 - 30073472 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-cross-i386-win32-win64.exe 2016-01-05 23:47 - 2016-01-05 23:47 - 00001859 _____ C:\Users\Jillsy\Downloads\README.txt 2016-01-05 23:46 - 2016-01-05 23:47 - 113126489 _____ (Lazarus Team ) C:\Users\Jillsy\Downloads\lazarus-1.4.4-fpc-2.6.4-win32.exe 2016-01-05 23:05 - 2016-01-05 23:05 - 00001027 _____ C:\Users\Jillsy\Desktop\Videos.lnk 2016-01-04 23:07 - 2016-01-04 23:07 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Microsoft_Corporation 2016-01-04 23:00 - 2016-01-09 16:41 - 00000174 _____ C:\Users\Jillsy\Desktop\Neues Textdokument (2).txt 2016-01-01 22:43 - 2016-01-07 23:32 - 00000000 ____D C:\Program Files (x86)\Battle.net 2016-01-01 22:43 - 2016-01-01 22:43 - 00001137 _____ C:\Users\Public\Desktop\Battle.net.lnk 2016-01-01 22:12 - 2016-01-01 22:13 - 00285624 _____ C:\Windows\Minidump\010116-25250-01.dmp 2016-01-01 13:50 - 2016-01-01 13:51 - 00285568 _____ C:\Windows\Minidump\010116-33593-01.dmp 2015-12-30 23:01 - 2015-12-30 23:02 - 06160320 _____ (LinuxLive USB Creator) C:\Users\Jillsy\Downloads\LinuxLive USB Creator 2.9.4.exe 2015-12-29 18:00 - 2015-12-29 18:00 - 00285568 _____ C:\Windows\Minidump\122915-38406-01.dmp 2015-12-22 13:59 - 2015-12-22 14:03 - 00069632 _____ (Blizzard Entertainment) C:\Windows\ScUnin.exe 2015-12-22 13:59 - 2015-12-22 14:03 - 00033209 _____ C:\Windows\scunin.dat 2015-12-22 13:59 - 2015-12-22 14:03 - 00000967 _____ C:\Windows\ScUnin.pif 2015-12-22 13:59 - 2015-12-22 14:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Starcraft 2015-12-22 13:56 - 1999-03-19 18:40 - 598221809 _____ (Blizzard Entertainment) C:\Users\Jillsy\Desktop\BroodWar.mpq 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Oracle VM VirtualBox 2015-12-21 01:13 - 2015-12-21 01:13 - 00000000 ____D C:\Program Files\Oracle 2015-12-21 01:13 - 2015-11-10 17:56 - 00964928 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxDrv.sys 2015-12-21 01:13 - 2015-11-10 17:56 - 00138904 _____ (Oracle Corporation) C:\Windows\system32\Drivers\VBoxUSBMon.sys 2015-12-21 01:07 - 2015-12-21 01:08 - 116982472 _____ (Oracle Corporation) C:\Users\Jillsy\Downloads\VirtualBox-5.0.10-104061-Win.exe 2015-12-16 13:37 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-12-16 13:37 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2015-12-16 13:37 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2015-12-16 13:37 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll 2015-12-16 13:37 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2015-12-16 13:37 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-12-16 13:37 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2015-12-16 13:37 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2015-12-16 13:37 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2015-12-16 13:37 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2015-12-16 13:37 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2015-12-16 13:37 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2015-12-16 13:37 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll 2015-12-16 13:37 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2015-12-16 13:37 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2015-12-16 13:37 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2015-12-16 13:37 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll 2015-12-16 13:37 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2015-12-16 13:37 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2015-12-16 13:37 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2015-12-16 13:37 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-12-16 13:37 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-12-16 13:37 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-12-16 13:37 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-12-16 13:37 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-12-16 13:37 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll 2015-12-16 13:37 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll 2015-12-16 13:37 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-12-16 13:37 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-12-16 13:37 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-12-16 13:37 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-12-16 13:37 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-12-16 13:37 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll 2015-12-16 13:37 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-12-16 13:37 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-12-16 13:37 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-12-16 13:37 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rmcast.sys 2015-12-16 13:30 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-12-16 13:30 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe 2015-12-16 13:30 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi 2015-12-16 13:30 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe 2015-12-16 13:30 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll 2015-12-16 13:30 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2015-12-16 13:30 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll 2015-12-16 13:30 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll 2015-12-16 13:30 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll 2015-12-16 13:30 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll 2015-12-16 13:30 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-12-16 13:30 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-12-16 13:30 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-12-16 13:30 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll 2015-12-16 13:30 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2015-12-16 13:30 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll 2015-12-16 13:30 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2015-12-16 13:30 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2015-12-16 13:30 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2015-12-10 19:38 - 2015-12-13 23:36 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Zero Hour Data ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-09 16:44 - 2013-08-22 14:36 - 00000000 ____D C:\Windows 2016-01-09 16:41 - 2014-05-15 17:57 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-01-09 16:32 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Battle.net 2016-01-09 16:06 - 2014-01-24 00:24 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-933261645-1527721118-3068914036-1001 2016-01-09 15:52 - 2014-01-24 23:28 - 00000000 ____D C:\Program Files (x86)\Diablo III 2016-01-09 14:57 - 2014-01-24 09:45 - 00003620 _____ C:\Windows\SysWOW64\LOCALSERVICE.INI 2016-01-09 14:56 - 2014-11-29 01:10 - 00000000 __SHD C:\Users\Jillsy\IntelGraphicsProfiles 2016-01-09 14:56 - 2013-11-20 10:44 - 00001060 _____ C:\Windows\SysWOW64\bscs.ini 2016-01-09 14:55 - 2014-01-24 09:45 - 00000043 _____ C:\Windows\SysWOW64\LOCALDEVICE.INI 2016-01-09 14:55 - 2013-08-22 15:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\TS3Client 2016-01-09 14:22 - 2014-02-08 21:10 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2016-01-09 14:06 - 2014-09-15 03:00 - 00000000 ____D C:\Users\Jillsy\Downloads\Everything-1.3.4.686.x86 2016-01-09 13:38 - 2014-01-25 13:29 - 00000000 ___RD C:\Users\Jillsy\Documents\Codes 2016-01-09 12:12 - 2014-12-01 21:18 - 00000000 ____D C:\Windows\Minidump 2016-01-09 12:12 - 2014-05-29 23:41 - 639352797 _____ C:\Windows\MEMORY.DMP 2016-01-09 12:09 - 2013-08-22 14:36 - 00000000 ____D C:\Windows\Inf 2016-01-09 11:53 - 2014-11-29 01:26 - 00003938 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{9BD55254-7A97-4A43-AE4A-A69447C0F3FC} 2016-01-08 23:18 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Origin 2016-01-08 19:10 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\system32\NDF 2016-01-08 18:52 - 2014-08-15 19:08 - 00000000 ____D C:\ProgramData\Avira 2016-01-08 18:52 - 2014-01-23 06:52 - 00000000 ____D C:\Program Files (x86)\Avira 2016-01-08 18:48 - 2014-01-25 01:59 - 00000000 ____D C:\ProgramData\Package Cache 2016-01-08 18:45 - 2013-08-22 14:25 - 00262144 ___SH C:\Windows\system32\config\BBI 2016-01-08 18:40 - 2015-07-12 13:31 - 00000000 ____D C:\ProgramData\ProductData 2016-01-08 12:00 - 2014-01-24 00:25 - 00004102 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2016-01-08 12:00 - 2014-01-24 00:25 - 00003866 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2016-01-08 12:00 - 2014-01-24 00:25 - 00000000 ____D C:\Program Files (x86)\Google 2016-01-08 10:26 - 2014-09-24 07:17 - 01984420 _____ C:\Windows\system32\PerfStringBackup.INI 2016-01-08 10:26 - 2014-09-24 06:43 - 00843606 _____ C:\Windows\system32\perfh007.dat 2016-01-08 10:26 - 2014-09-24 06:43 - 00192300 _____ C:\Windows\system32\perfc007.dat 2016-01-08 10:10 - 2014-01-25 00:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-08 00:48 - 2015-08-16 14:59 - 00001264 _____ C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft 2016-01-08 00:48 - 2014-03-30 04:27 - 00000000 ____D C:\Program Files (x86)\DVDVideoSoft 2016-01-07 23:32 - 2014-02-26 16:50 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BlueJ 2016-01-07 23:32 - 2014-01-24 23:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2016-01-07 22:04 - 2014-11-29 00:44 - 00000000 ____D C:\Users\Jillsy 2016-01-06 23:27 - 2014-04-20 12:11 - 00000000 ____D C:\Games 2016-01-06 22:27 - 2014-01-25 15:05 - 00000000 ____D C:\Users\Jillsy\.VirtualBox 2016-01-06 20:53 - 2015-07-19 14:41 - 00000000 ____D C:\Users\Jillsy\AppData\Local\lazarus 2016-01-05 23:58 - 2015-07-25 16:26 - 00000000 ____D C:\lazarus 2016-01-05 23:56 - 2015-07-25 16:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lazarus 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Glyph 2016-01-04 19:27 - 2014-07-03 12:47 - 00000000 ____D C:\Program Files (x86)\Glyph 2016-01-03 23:56 - 2014-07-03 12:47 - 00000000 ____D C:\ProgramData\Glyph 2016-01-02 13:26 - 2014-06-05 15:42 - 00000000 ____D C:\Diablo II 2016-01-02 09:39 - 2015-08-22 12:18 - 00000000 ____D C:\Users\Jillsy\VirtualBox VMs 2016-01-02 00:30 - 2014-01-25 11:14 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2016-01-01 23:17 - 2012-07-26 08:59 - 00000000 ____D C:\Windows\CbsTemp 2016-01-01 23:16 - 2014-08-18 18:06 - 00000000 ____D C:\Program Files (x86)\Western Digital 2016-01-01 22:42 - 2014-01-25 02:20 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Tropico 4 2016-01-01 22:41 - 2014-01-25 04:21 - 00001345 _____ C:\Users\Jillsy\Desktop\Tropico 4.lnk 2015-12-30 23:01 - 2014-11-03 11:48 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LinuxLive USB Creator 2015-12-30 18:01 - 2015-11-24 20:20 - 00000000 ____D C:\Program Files\Cloud Imperium Games 2015-12-30 18:00 - 2015-04-15 19:33 - 00000000 ____D C:\ProgramData\Skype 2015-12-30 18:00 - 2014-07-09 12:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2015-12-29 14:41 - 2014-05-15 17:57 - 00003772 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-12-26 09:48 - 2014-09-24 08:46 - 00826872 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-12-26 09:48 - 2014-09-24 08:46 - 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-22 19:05 - 2015-11-30 00:06 - 00000000 ____D C:\Program Files\Starcraft 2015-12-21 22:36 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\rescache 2015-12-21 01:13 - 2015-07-19 14:46 - 00001099 _____ C:\Users\Public\Desktop\Oracle VM VirtualBox.lnk 2015-12-17 22:39 - 2015-12-06 23:45 - 00000000 ____D C:\Users\Jillsy\Documents\Command and Conquer Generals Data 2015-12-17 15:44 - 2014-01-25 01:59 - 00000000 ____D C:\Program Files (x86)\Origin 2015-12-16 21:20 - 2015-10-15 14:17 - 00003172 _____ C:\Windows\System32\Tasks\HPCeeScheduleForJillsy 2015-12-16 21:20 - 2015-10-15 14:17 - 00000356 _____ C:\Windows\Tasks\HPCeeScheduleForJillsy.job 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files\Microsoft Silverlight 2015-12-16 19:08 - 2015-08-08 15:08 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2015-12-16 14:02 - 2015-08-08 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-12-16 13:57 - 2013-08-22 15:44 - 00391440 _____ C:\Windows\system32\FNTCACHE.DAT 2015-12-16 13:54 - 2014-01-23 09:04 - 00000000 ____D C:\Windows\system32\MRT 2015-12-16 13:48 - 2014-01-25 02:01 - 00000000 ____D C:\Program Files (x86)\Origin Games 2015-12-16 13:45 - 2014-02-01 00:30 - 00000000 ____D C:\Program Files (x86)\SPEEDLINK 2015-12-16 13:41 - 2015-11-12 19:22 - 00000000 ____D C:\Users\Jillsy\AppData\Local\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\ProgramData\Razer 2015-12-16 13:41 - 2015-11-12 19:18 - 00000000 ____D C:\Program Files (x86)\Razer 2015-12-16 13:38 - 2014-01-23 09:04 - 140158008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-12-16 13:21 - 2015-05-14 13:29 - 00000000 ___RD C:\Users\Jillsy\OneDrive 2015-12-16 13:21 - 2015-02-14 19:02 - 00003100 _____ C:\Windows\System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-933261645-1527721118-3068914036-1001 2015-12-16 13:21 - 2014-02-07 13:42 - 00000000 ____D C:\Program Files (x86)\Zenimax Online 2015-12-16 13:09 - 2015-07-12 13:33 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\ProductData 2015-12-16 13:09 - 2014-05-04 01:42 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\SleepTimerUltimate 2015-12-16 13:09 - 2014-01-25 00:09 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Wise Registry Cleaner 2015-12-16 13:09 - 2014-01-24 23:25 - 00000000 ____D C:\Users\Jillsy\AppData\Roaming\Battle.net 2015-12-16 13:09 - 2014-01-24 19:17 - 00000000 ____D C:\Users\Jillsy\AppData\Local\bluesoleil 2015-12-16 13:06 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps 2015-12-16 12:58 - 2013-08-22 16:36 - 00000000 ____D C:\Windows\registration ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2014-05-05 20:39 - 2014-10-13 00:00 - 0002181 _____ () C:\Users\Jillsy\AppData\Roaming\FoxitReaderUpdateInfo.txt 2014-10-01 18:36 - 2014-10-01 18:36 - 0000859 _____ () C:\Users\Jillsy\AppData\Local\recently-used.xbel Einige Dateien in TEMP: ==================== C:\Users\Jillsy\AppData\Local\Temp\avgnt.exe C:\Users\Jillsy\AppData\Local\Temp\sp64126.exe C:\Users\Jillsy\AppData\Local\Temp\sqlite3.dll C:\Users\Jillsy\AppData\Local\Temp\Uninst.exe C:\Users\Jillsy\AppData\Local\Temp\UninstallHPSA.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-09 16:06 ==================== Ende von FRST.txt ============================ Geändert von jillsy2k (09.01.2016 um 15:49 Uhr) |
09.01.2016, 16:54 | #19 | ||||||||
/// TB-Ausbilder | Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Servus, aufgrund vieler Themen (> 500) die ich hier pro Jahr bearbeite, halte ich Malwarebytes' Anti-Malware (=MBAM) deutlich besser als Spybot. Wenn es um die Entfernung von Adware oder unerwünschter Software geht, sind AdwCleaner und MBAM die besten Tools. Von RegistryCleanern halten wir allgemein nicht sehr viel (wir hatten hier schon Leute, die sich wegen solcher Tools buchstäblich das Windows "zerschossen" haben): Hinweis: Registry Cleaner Ich sehe, dass du sogenannte Registry Cleaner installiert hast. In deinem Fall Wise Registry Cleaner. Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab. Der Grund ist ganz einfach: Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler. Zerstörst du die Registry, zerstörst du Windows. Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich. Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über Start --> Systemsteuerung --> Software (bei Windows XP)zu deinstallieren. Selbst Microsoft unterstützt diese Cleaner nicht: https://support.microsoft.com/en-us/kb/2563254 Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern. Cleanup: Alle Logs gepostet? Dann lade Dir bitte DelFix herunter.
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst. Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen. Absicherung: Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen: Browser Java Flash-Player PDF-Reader Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren. Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen. Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig. Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank: Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen. Optional: Adblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren. NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen. Malwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen. Lade Software von einem sauberen Portal wie . Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen. Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner . Abschließend noch ein paar grundsätzliche Bemerkungen:
Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...und/oder das Forum mit einer kleinen Spende unterstützen. Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann. |
09.01.2016, 16:54 | #20 |
| Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Okay, danke dir Matthias |
09.01.2016, 16:56 | #21 |
/// TB-Ausbilder | Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Servus, habe dir gerade vorhin geantwortet. |
09.01.2016, 17:00 | #22 |
| Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Ja habs grade gesehen ^^ Danke nochmals. Ist schön zu wissen ein ADware / Virenfreies System zu haben |
09.01.2016, 17:16 | #23 |
/// TB-Ausbilder | Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. Ich bin froh, dass wir helfen konnten In diesem Forum kannst du eine kurze Rückmeldung zur Bereinigung abgeben, sofern du das möchtest: Lob, Kritik und Wünsche Klicke dazu auf den Button "NEUES THEMA" und poste ein kleines Feedback. Vielen Dank! Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Solltest Du das Thema erneut brauchen, schicke mir bitte eine PM. Jeder andere bitte hier klicken und einen eigenen Thread erstellen. |
Themen zu Antivir Meldet "Ihr PC ist unsicher", Echtzeitscanner läuft jedoch scheinbar.. |
antivir, avira, betriebssystem, bild, button, fehler, folge, free, hallo zusammen, laptop, neuinstallation, notebook, problem, scan, schutz, screenshot, spyware, stick, tan, tool, trojaner, viren, virenschutz, windows, öffnen |