|
Log-Analyse und Auswertung: Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC)Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
15.07.2016, 19:51 | #1 |
| Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Hello again! habe den Thread "Windows 7: MSE Update bleibt hängen" eröffnet. Jetzt auf dem vemeindlich sauberen Zweit-PC meiner Freundin (von welchem ich eigentlich die Rettungsaktion meines Erstpcs starten wollte) einiges per Malwarebytes gefunden. Zur besseren Übersicht habe ich einen neuen Thread eröffnet. Hoffe das ist in Ordnung so. Hier ist ein ähnliches Problem mit MSE. Das Update kommt zwar über die Update-Suche hinaus (hier setzte es beim ersten PC schon aus). Bei 90% der Update-Installation bricht das Programm aber ab, da angeblich Probleme mit der Verbindung bestehen. (bei mehreren Versuchen 3x das gleich Ergebnis) Danke für die Hilfe schonmal! mbam Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 15.07.2016 Suchlaufzeit: 18:59:18 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.1.1043 Malware-Datenbank: v2016.07.15.05 Rootkit-Datenbank: v2016.05.27.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows Vista Service Pack 2 CPU: x64 Dateisystem: NTFS Benutzer: Sophia Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 337651 Abgelaufene Zeit: 1 Std., 39 Min., 41 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 26 Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], Adware.1ClickDownload, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], Adware.1ClickDownload, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C007DADD-132A-624C-088E-59EE6CF0711F}, In Quarantäne, [460be4400298e35354375443b44e867a], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{6C434537-053E-486D-B62A-160059D9D456}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\CLASSES\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\GenericAskToolbar.ToolbarWnd.1, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], Registrierungswerte: 4 PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{D4027C7F-154A-4066-A1AD-4243D8127440}, | ÔJ f@¡*BCØ t@, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d] PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [8fc2aa7a6c2e7eb8b56bb8f4996bf30d], PUP.Optional.ASK, HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [0948160e900a68ced44c1894e1231de3], PUP.Optional.ASK, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{D4027C7F-154A-4066-A1AD-4243D8127440}, In Quarantäne, [d37e061e4c4ea492d24e6c400df7c23e], Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 33 PUP.Optional.ASK, C:\Users\Sophia\AppData\Local\Temp\APNLogs, In Quarantäne, [1938b86c158583b3065e696836cc7f81], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}, Löschen bei Neustart, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults, Löschen bei Neustart, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DefualtImages, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog, Löschen bei Neustart, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit, Löschen bei Neustart, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts, Löschen bei Neustart, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds, In Quarantäne, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks, In Quarantäne, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Log, In Quarantäne, [afa28a9a178314224be5b413a2609967], Dateien: 80 PUP.Optional.InstallCore, C:\Users\Sophia\Downloads\Bombay_Bicycle_Club_-_Open_House_downloader.exe, In Quarantäne, [361bfa2af1a9a19584a690f605fc926e], PUP.Optional.ASK, C:\Users\Sophia\AppData\Local\Temp\APNLogs\iw.log, In Quarantäne, [1938b86c158583b3065e696836cc7f81], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome.manifest, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\install.rdf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\chrome\icqtoolbar.jar, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\components\ITB_History.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\prefs.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\defaults\preferences\user.js, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\manifest.mf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.rsa, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\META-INF\zigbert.sf, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.gif, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.src, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ICQToolbar, C:\Program Files (x86)\Mozilla Firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07}\search_engine\icqplugin.xml, In Quarantäne, [56fb7ba99802999de4bd6d58df23c63a], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DialogsAPI.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\excanvas.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\generalDialogStyle.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\PIE.htc, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\RoundedCorners.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\RoundedCornersIE9.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\settings.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\version.txt, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\bubble.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\bubble.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\information.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog\app-added.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\AddedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DefualtImages\icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog\app-2go.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\DetectedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\EngineFirstTimeDialog\right-click.gif, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\SearchProtector.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\SearchProtector.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\ok-button.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\separation-line.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\NewSearchProtectorDialog\images\warning.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\SearchProtector.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\SearchProtector.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\info.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\ok-on.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorDialog\Images\ok.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\SearchProtectorRetakeover.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\Icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\info.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\ok-on.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\SearchProtectorRetakeoverDialog\Images\ok.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\divider.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\facebook.png, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog\main.html, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.ConduitTB.Gen, C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\aj1j2dp4.default\CT2431245\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, In Quarantäne, [e56ca1839dfd082eefe102c316ec4db3], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_825452_821260_DE.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\Feeds\http___alert_services_conduit_com_Alerts_AlertServices_asmx_GetHostedFeedRss_alertID=825452&alertFeedId=821260.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], PUP.Optional.Conduit, C:\Users\Sophia\AppData\LocalLow\Conduit\Community Alerts\LanguagePacks\en.xml, In Quarantäne, [afa28a9a178314224be5b413a2609967], Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) FRST Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 13-07-2016 02 durchgeführt von Sophia (Administrator) auf SOPHIA-PC (15-07-2016 21:15:08) Gestartet von C:\Users\Sophia\Desktop Geladene Profile: Sophia (Verfügbare Profile: Sophia) Platform: Windows Vista (TM) Home Premium Service Pack 2 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 9 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\stacsv64.exe (Microsoft Corporation) C:\Windows\System32\SLsvc.exe (Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe () C:\Windows\System32\WLTRYSVC.EXE (Dell Inc.) C:\Windows\System32\BCMWLTRY.EXE (Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_15f4e438\AESTSr64.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe () C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (SoftThinks SAS) C:\Program Files (x86)\Dell DataSafe Local Backup\SftService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Flux Software LLC) C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe (Dropbox, Inc.) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\conime.exe (Dropbox, Inc.) C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169744 2015-09-12] (Apple Inc.) HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1340192 2016-01-29] (Microsoft Corporation) HKLM\...\Run: [SunJavaUpdateSched] => "C:\Program Files\Java\jre1.8.0_66\bin\jusched.exe" HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [462848 2009-03-19] (IDT, Inc.) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-08-30] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [250192 2009-04-24] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [596528 2015-12-22] (Oracle Corporation) HKLM-x32\...\RunOnce: [Launcher] => C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\Launcher.exe [165184 2010-07-21] (Softthinks) HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [f.lux] => C:\Users\Sophia\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Run: [Dropbox Update] => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [136048 2015-09-28] (Dropbox, Inc.) HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d8327765-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {d832776d-bbda-11de-b88f-0026b907cf2b} - F:\setup_vmc_lite.exe /checkApplicationPresence HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\MountPoints2: {e999ee64-1075-11e6-bb43-0026b907cf2b} - G:\LaunchU3.exe -a HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [840704 2009-04-11] (Microsoft Corporation) ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt.34.dll [2016-07-05] (Dropbox, Inc.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk [2009-10-04] ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation) Startup: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2016-07-13] ShortcutTarget: Dropbox.lnk -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.179.1 Tcpip\..\Interfaces\{2641EED2-5F8E-4AC2-A38E-7655BB7C2B4A}: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{EA085BBF-1A5F-492C-BE04-02E870D39C8D}: [DhcpNameServer] 192.168.179.1 Internet Explorer: ================== HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USCON/8 HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=skin URLSearchHook: HKLM-x32 -> Standard = {855F3B16-6D32-4fe6-8A56-BBB695989046} SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=DLCDF7&pc=MDDC&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> {C9C99FA8-8F23-4A82-9A91-1B400495DB37} URL = hxxp://de.search.yahoo.com/search?fr=mcafee&type=A010DE739&p={SearchTerms} BHO: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation) BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated) BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC) BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC) BHO-x32: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei BHO-x32: Citavi Picker -> {609D670F-B735-4da7-AC6D-F3BD358E325E} -> C:\Windows\system32\mscoree.dll [2009-11-08] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\ssv.dll [2016-02-02] (Oracle Corporation) BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17] (Microsoft Corporation) BHO-x32: Kein Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> Keine Datei BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\jp2ssv.dll [2016-02-02] (Oracle Corporation) Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - Keine Datei Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - Keine Datei Toolbar: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation) Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll [2008-12-03] (Microsoft Corporation) Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17] (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518 FF DefaultSearchEngine: Ecosia FF SelectedSearchEngine: Ecosia FF Homepage: hxxp://www.sueddeutsche.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-07-15] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-20] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-20] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-07-15] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-09-04] () FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.) FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2010-12-08] (DivX, LLC) FF Plugin-x32: @divx.com/DivX OVS Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2010-11-20] (DivX, LLC.) FF Plugin-x32: @java.com/DTPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\dtplugin\npDeployJava1.dll [2016-02-02] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.71.2 -> C:\Program Files (x86)\Java\jre1.8.0_71\bin\plugin2\npjp2.dll [2016-02-02] (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-12] ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8051.1204 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2008-12-05] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-14] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-02-16] (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2013-02-16] (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\searchplugins\ecosia.xml [2015-10-21] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml [2015-07-18] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2014-03-06] FF Extension: Ecosia — The search engine that plants trees! - C:\Users\Sophia\AppData\Roaming\Mozilla\Firefox\Profiles\d64wkzvr.default-1415343792518\Extensions\{d04b0b40-3dab-4f0b-97a6-04ec3eddbfb0}.xpi [2015-10-21] FF Extension: Yahoo! Toolbar - C:\Program Files (x86)\Mozilla Firefox\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2016-02-13] [ist nicht signiert] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2016-02-13] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-10-10] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-01-03] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-01-03] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [{8AA36F4F-6DC7-4c06-77AF-5035170634FE}] - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox FF Extension: Citavi Picker - C:\ProgramData\Swiss Academic Software\Citavi Picker\Firefox [2016-02-03] Chrome: ======= CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2010-12-08] CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2010-12-08] CHR HKLM-x32\...\Chrome\Extension: [ohgndokldibnndfnjnagojmheejlengn] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77104 2015-09-02] (Apple Inc.) R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-08] (AVerMedia) [Datei ist nicht signiert] R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [389120 2009-10-09] () [Datei ist nicht signiert] R2 ClipInc001; C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe [2230024 2009-05-27] () R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-12-18] (Stardock Corporation) [Datei ist nicht signiert] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes) R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2016-01-29] (Microsoft Corporation) R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [374344 2016-01-29] (Microsoft Corporation) S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.) S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [383544 2008-01-21] (Microsoft Corporation) R2 wltrysvc; C:\Windows\System32\bcmwltry.exe [3051520 2008-12-21] (Dell Inc.) [Datei ist nicht signiert] ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AVerAF35; C:\Windows\System32\Drivers\AVerAF35.sys [511232 2009-10-19] (AVerMedia TECHNOLOGIES, Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-15] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [289120 2015-11-13] (Microsoft Corporation) R3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133816 2015-11-13] (Microsoft Corporation) S3 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.) R3 OA008Ufd; C:\Windows\System32\DRIVERS\OA008Ufd.sys [159840 2009-03-06] (Creative Technology Ltd.) R3 OA008Vid; C:\Windows\System32\DRIVERS\OA008Vid.sys [313696 2009-05-06] (Creative Technology Ltd.) R1 SLEE_16_DRIVER; C:\Windows\Sleen1664.sys [85952 2008-10-01] (Softwareentwicklung Remus - ArchiCrypt ) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2014-08-16] (Apple, Inc.) [Datei ist nicht signiert] S3 IpInIp; system32\DRIVERS\ipinip.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X] S3 PCDSRVC{1E208CE0-FB7451FF-06020101}_0; \??\c:\program files\dell support center\pcdsrvc_x64.pkms [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-15 21:15 - 2016-07-15 21:17 - 00021828 _____ C:\Users\Sophia\Desktop\FRST.txt 2016-07-15 21:14 - 2016-07-15 21:15 - 00000000 ____D C:\FRST 2016-07-15 20:46 - 2016-07-15 20:46 - 00028586 _____ C:\Users\Sophia\Desktop\mbam.txt 2016-07-15 18:54 - 2016-07-15 18:34 - 02390528 _____ (Farbar) C:\Users\Sophia\Desktop\FRST64.exe 2016-07-13 22:33 - 2016-07-13 22:33 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2016-07-11 19:48 - 2016-07-11 19:48 - 00001758 _____ C:\Users\Public\Desktop\QuickTime Player.lnk 2016-07-11 19:48 - 2016-07-11 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-07-15 21:15 - 2015-09-28 16:10 - 00001228 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job 2016-07-15 21:15 - 2008-01-21 13:10 - 01566504 _____ C:\Windows\system32\PerfStringBackup.INI 2016-07-15 21:15 - 2008-01-21 13:09 - 00674032 _____ C:\Windows\system32\perfh007.dat 2016-07-15 21:15 - 2008-01-21 13:09 - 00146012 _____ C:\Windows\system32\perfc007.dat 2016-07-15 21:15 - 2006-11-02 15:33 - 00000000 ____D C:\Windows\inf 2016-07-15 21:14 - 2015-11-18 18:59 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2016-07-15 21:12 - 2012-11-07 22:09 - 00000000 ___RD C:\Users\Sophia\Dropbox 2016-07-15 21:10 - 2013-06-08 21:49 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job 2016-07-15 21:10 - 2013-05-31 22:35 - 00000350 _____ C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job 2016-07-15 21:10 - 2012-02-03 08:40 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job 2016-07-15 21:10 - 2009-10-07 17:14 - 00000000 ____D C:\Users\Sophia\AppData\Local\SoftThinks 2016-07-15 21:07 - 2011-07-24 10:02 - 00000506 _____ C:\Windows\Tasks\SystemToolsDailyTest.job 2016-07-15 21:07 - 2006-11-02 17:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2016-07-15 21:07 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2016-07-15 21:07 - 2006-11-02 17:22 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2016-07-15 21:05 - 2015-11-29 13:38 - 00000000 __HDC C:\Windows\$NtUninstallKB2845142_WM64$ 2016-07-15 21:04 - 2006-11-02 17:42 - 00032582 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2016-07-15 20:49 - 2012-09-07 14:58 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2016-07-15 20:45 - 2011-09-12 14:35 - 00001142 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job 2016-07-15 20:45 - 2011-09-12 14:35 - 00001120 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job 2016-07-15 20:30 - 2010-02-22 22:24 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2016-07-15 19:51 - 2012-09-07 14:58 - 00003738 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2016-07-15 19:51 - 2012-04-15 09:34 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2016-07-15 19:51 - 2011-10-20 20:00 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2016-07-15 18:56 - 2015-11-18 18:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-07-15 18:56 - 2015-11-18 18:57 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-07-15 18:50 - 2011-10-09 16:55 - 00000000 ____D C:\Windows\system32\Macromed 2016-07-15 18:49 - 2009-10-04 03:50 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2016-07-15 18:26 - 2011-07-24 10:03 - 00003488 _____ C:\Windows\System32\Tasks\PCDEventLauncher 2016-07-15 18:24 - 2011-07-24 10:02 - 00003536 _____ C:\Windows\System32\Tasks\SystemToolsDailyTest 2016-07-15 18:23 - 2016-01-03 15:24 - 00003698 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{994638B0-3BDB-4090-9335-EB2F209502B8} 2016-07-13 22:33 - 2012-11-07 22:05 - 00000000 ____D C:\Users\Sophia\AppData\Roaming\Dropbox 2016-07-13 22:23 - 2016-01-10 23:37 - 00000000 ____D C:\Users\Sophia\Documents\Arbeit Norys 2016-07-11 19:48 - 2009-10-10 15:07 - 00000000 ____D C:\Program Files (x86)\QuickTime 2016-07-07 02:39 - 2011-01-03 12:29 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2016-07-04 16:15 - 2015-09-28 16:10 - 00001176 _____ C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job 2016-07-04 15:34 - 2011-07-24 10:03 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job 2016-06-29 10:54 - 2011-07-24 10:03 - 00004272 _____ C:\Windows\System32\Tasks\PCDoctorBackgroundMonitorTask 2016-06-15 18:23 - 2009-10-04 04:09 - 00000000 ____D C:\ProgramData\PCDr ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2013-06-26 14:39 - 2014-06-23 15:50 - 0003730 _____ () C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2009-10-29 23:40 - 2011-01-02 13:49 - 0019513 _____ () C:\Users\Sophia\AppData\Roaming\UserTile.png 2009-10-07 20:56 - 2010-03-16 17:46 - 0000116 _____ () C:\Users\Sophia\AppData\Roaming\wklnhst.dat 2010-07-07 16:36 - 2015-03-11 18:32 - 0006836 _____ () C:\Users\Sophia\AppData\Local\d3d9caps.dat 2009-10-23 20:08 - 2016-01-27 04:02 - 0000732 _____ () C:\Users\Sophia\AppData\Local\d3d9caps64.dat 2009-10-07 19:32 - 2016-04-24 20:45 - 0113152 _____ () C:\Users\Sophia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2016-02-02 19:00 - 2016-02-02 19:00 - 0350652 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI1974.txt 2011-01-02 15:23 - 2011-01-02 15:24 - 0422578 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI2F05.txt 2016-01-31 14:59 - 2016-01-31 14:59 - 0351580 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI452D.txt 2016-02-02 11:47 - 2016-02-02 11:47 - 0004198 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4E6E.txt 2016-02-02 11:48 - 2016-02-02 11:48 - 0345682 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI4F18.txt 2010-02-10 14:05 - 2010-02-10 14:05 - 0423844 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI738C.txt 2010-02-17 21:55 - 2010-02-17 21:56 - 0402450 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistMSI7E5E.txt 2016-02-02 19:00 - 2016-02-02 19:00 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI1974.txt 2011-01-02 15:23 - 2011-01-02 15:24 - 0011714 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI2F05.txt 2016-01-31 14:59 - 2016-01-31 14:59 - 0011146 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI452D.txt 2016-02-02 11:47 - 2016-02-02 11:47 - 0011232 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4E6E.txt 2016-02-02 11:48 - 2016-02-02 11:48 - 0011162 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI4F18.txt 2010-02-10 14:05 - 2010-02-10 14:05 - 0011370 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI738C.txt 2010-02-17 21:55 - 2010-02-17 21:56 - 0011422 _____ () C:\Users\Sophia\AppData\Local\dd_vcredistUI7E5E.txt 2016-03-22 23:39 - 2016-03-22 23:39 - 0000000 _____ () C:\Users\Sophia\AppData\Local\{5E14A3ED-25ED-44F1-8908-F37B7570D7EA} 2009-10-09 19:00 - 2009-12-21 20:50 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Einige Dateien in TEMP: ==================== C:\Users\Sophia\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwh1uui.dll C:\Users\Sophia\AppData\Local\Temp\jre-8u66-windows-au.exe C:\Users\Sophia\AppData\Local\Temp\jre-8u91-windows-au.exe C:\Users\Sophia\AppData\Local\Temp\mpam-c8247271.exe C:\Users\Sophia\AppData\Local\Temp\rarext.dll C:\Users\Sophia\AppData\Local\Temp\Risweb32.exe ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-07-15 21:26 ==================== Ende von FRST.txt ============================ Geändert von th.wm (15.07.2016 um 20:34 Uhr) Grund: Nachtrag FRST |
15.07.2016, 20:36 | #2 |
| Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Addition
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 13-07-2016 02 durchgeführt von Sophia (2016-07-15 21:23:12) Gestartet von C:\Users\Sophia\Desktop Windows Vista (TM) Home Premium Service Pack 2 (X64) (2009-10-03 20:27:26) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3595463166-1796683122-1627409653-500 - Administrator - Disabled) Gast (S-1-5-21-3595463166-1796683122-1627409653-501 - Limited - Disabled) Sophia (S-1-5-21-3595463166-1796683122-1627409653-1000 - Administrator - Enabled) => C:\Users\Sophia ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Microsoft Security Essentials (Enabled - Up to date) {768124D7-F5F7-6D2F-DDC2-94DFA4017C95} AS: Microsoft Security Essentials (Enabled - Up to date) {CDE0C533-D3CD-62A1-E772-AFADDF863628} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.210 - Adobe Systems Incorporated) Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated) Adobe Reader X (10.1.6) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated) Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd) Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{FD244E19-6EFE-4A2D-948A-0D45D4C168BE}) (Version: 9.0.0.26 - Apple Inc.) Apple Software Update (HKLM-x32\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.) ATI Catalyst Control Center (HKLM-x32\...\{055EE59D-217B-43A7-ABFF-507B966405D8}) (Version: 2.008.1114.2148 - ) AVerMedia A835 USB TV Tuner 8.0.64.43 (HKLM-x32\...\AVerMedia A835 USB TV Tuner) (Version: 8.0.64.43 - AVerMedia TECHNOLOGIES, Inc.) AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.) AVerTV (x32 Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version: - ) Canon MP550 series Benutzerregistrierung (HKLM-x32\...\Canon MP550 series Benutzerregistrierung) (Version: - ) Canon MP550 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP550_series) (Version: - ) Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - ) Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version: - ) Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - ) ccc-core-static (x32 Version: 2008.1114.2149.39131 - ATI) Hidden Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden Cisco EAP-FAST Module (HKLM-x32\...\{415B2719-AD3A-4944-B404-C472DB6085B3}) (Version: 2.1.6 - Cisco Systems, Inc.) Cisco LEAP Module (HKLM-x32\...\{83770D14-21B9-44B3-8689-F7B523F94560}) (Version: 1.0.12 - Cisco Systems, Inc.) Cisco PEAP Module (HKLM-x32\...\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}) (Version: 1.0.13 - Cisco Systems, Inc.) Citavi 5 (HKLM-x32\...\{7EB278FB-0C3C-445E-8665-4A6CDD9B794E}) (Version: 5.2.0.8 - Swiss Academic Software) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Dell DataSafe Local Backup - Support Software (HKLM-x32\...\{A9668246-FB70-4103-A1E3-66C9BC2EFB49}) (Version: 2.25 - Dell) Dell DataSafe Local Backup (HKLM-x32\...\{0ED7EE95-6A97-47AA-AD73-152C08A15B04}) (Version: 9.4.45 - Dell) Dell DataSafe Online (HKLM-x32\...\{13766F76-6C8C-4E57-A9F3-3212D1C6E0D1}) (Version: 1.1.0029 - Dell, Inc.) Dell Dock (HKLM\...\{E60B7350-EA5F-41E0-9D6F-E508781E36D2}) (Version: 2.0.0 - Dell) Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc) Dell Getting Started Guide (HKLM-x32\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.) Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.1.5830.12 - Dell Inc.) Dell Support Center (Version: 3.1.5830.12 - PC-Doctor, Inc.) Hidden Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 12.0.1.0 - Synaptics) Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 1.03.04 - Creative Technology Ltd) Dell Wireless WLAN Card Utility (HKLM\...\Broadcom 802.11 Application) (Version: 5.10.38.30 - Dell Inc.) DivX-Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.2.1.2 - DivX, LLC) Dropbox (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Dropbox) (Version: 6.4.14 - Dropbox, Inc.) EndNote X7 (HKLM-x32\...\{86B3F2D6-AC2B-0017-8AE1-F2F77F781B0C}) (Version: 17.5.0.9325 - Thomson Reuters) f.lux (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Flux) (Version: - ) Foto-Mosaik-Edda 5.5.0 (HKLM-x32\...\{BF962E1B-D17A-4713-A100-6531A132D83D}_is1) (Version: - Steffen Schirmer) FotoSketcher 2.00 (HKLM-x32\...\{E7C6D565-2E48-4303-A114-AFE7B2E561AF}_is1) (Version: - David THOIRON) GetFLV 9.1.2.6 (HKLM-x32\...\GetFLV_is1) (Version: - GetFLV, Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden HiDownloadPlatinum (HKLM-x32\...\HiDownload Platinum_is1) (Version: - ) IBM SPSS Statistics 22 (HKLM\...\{104875A1-D083-4A34-BC4F-3F635B7F8EF7}) (Version: 22.0.0.0 - IBM Corp) IBM SPSS Statistics 23 (HKLM\...\{C3BA73A4-2A45-4036-8541-4F5F8146078B}) (Version: 23.0.0.2 - IBM Corp) iCloud (HKLM\...\{CE97E4D3-9F91-4D72-8A29-ED9EA90E5A15}) (Version: 2.1.3.25 - Apple Inc.) Integrated Webcam Driver (1.04.01.0601) (HKLM\...\Creative OA008) (Version: 1.04.01.0601 - Creative Technology Ltd.) iTunes (HKLM\...\{CEC7613B-E286-4A31-BEE3-3F7798488D9F}) (Version: 12.1.3.6 - Apple Inc.) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation) Java 8 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218071F0}) (Version: 8.0.710.15 - Oracle Corporation) Java(TM) 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.) Junk Mail filter update (x32 Version: 14.0.8050.1202 - Microsoft Corporation) Hidden Langenscheidt Vokabeltrainer 4.0 Demoversion (HKLM-x32\...\{AD5A6099-D163-4DE9-9485-F2A210EE09B4}) (Version: 4.0.10 - Langenscheidt) Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft .NET Framework 3.5 Language Pack SP1 - DEU (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - deu) (Version: - Microsoft Corporation) Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Default Manager (HKLM-x32\...\{095B1DCF-5E8B-47EC-9B18-481918A731DB}) (Version: 2.0.69.0 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUSR) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation) Microsoft Office XP Media Content (HKLM-x32\...\{90300407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2619.0 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.9.218.0 - Microsoft Corporation) Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works (HKLM-x32\...\{39D0E034-1042-4905-BECB-5502909FCB7C}) (Version: 9.7.0621 - Microsoft Corporation) MobileMe Control Panel (HKLM\...\{6DD01FF3-63CE-436B-96DB-61363EAA4EB8}) (Version: 3.1.8.0 - Apple Inc.) Mozilla Firefox 44.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 44.0.2 (x86 de)) (Version: 44.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 44.0.2.5884 - Mozilla) Mozilla Thunderbird 31.7.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.7.0 (x86 de)) (Version: 31.7.0 - Mozilla) Mozilla Thunderbird 38.5.1 (x86 de) (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\Mozilla Thunderbird 38.5.1 (x86 de)) (Version: 38.5.1 - Mozilla) MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) Nero 9 Lite (HKLM-x32\...\{13094693-c268-47a1-832c-034b01596db5}) (Version: - Nero AG) O&O MediaRecovery (HKLM-x32\...\{53480870-02D8-48FB-BC27-72C956885168}) (Version: 4.1.1322 - O&O Software GmbH) OpenOffice.org 3.2 (HKLM-x32\...\{192A107E-C6B9-41B9-BDBF-38E3AA226054}) (Version: 3.2.9483 - OpenOffice.org) PhotoFiltre 7 (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre 7) (Version: - ) PhotoFiltre Studio X (HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\PhotoFiltre Studio X) (Version: - ) PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 8.1 - Dell) Quickset (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 9.2.13 - Dell Inc.) QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.) ResearchSoft Direct Export Helper (HKLM-x32\...\ResearchSoft Direct Export Helper) (Version: - Thomson Reuters) Roxio Creator DE (HKLM-x32\...\{09760D42-E223-42AD-8C3E-55B47D0DDAC3}) (Version: 10.1 - Roxio) Sicherheitsupdate für Windows Media Player (KB2845142) (HKLM\...\KB2845142_WM64) (Version: - Microsoft Corporation) Skins (x32 Version: 2008.1114.2149.39131 - ATI) Hidden Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.) Skype™ 7.22 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.22.109 - Skype Technologies S.A.) Steganos Safe OEM (HKLM-x32\...\{9A4F72EE-8378-49BD-8C10-301E25907B5B}) (Version: 10.0.2 - Steganos GmbH) Tobit.Software clipinc.fx (HKLM-x32\...\Tobit ClipInc Server) (Version: - Tobit.Software) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0011-0000-0000-0000000FF1CE}_PROPLUSR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_PROPLUSR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_PROPLUSR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_PROPLUSR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_PROPLUSR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden VirtualDJ Home FREE (HKLM-x32\...\{77C2D5D4-ADC5-49F9-B36E-5992FCF35EA3}) (Version: 7.4.1 - Atomix Productions) VLC media player 1.0.2 (HKLM-x32\...\VLC media player) (Version: 1.0.2 - VideoLAN Team) Windows Live Anmelde-Assistent (HKLM-x32\...\{83E2CFA9-E0EB-4E08-9F85-43E577FF3D60}) (Version: 5.000.818.6 - Microsoft Corporation) Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live Sync (HKLM-x32\...\{8C1E2925-14F8-45AA-B999-1E2A74BF5607}) (Version: 14.0.8050.1202 - Microsoft Corporation) Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation) Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) WISO Bewerbung 2008 (HKLM-x32\...\{FD065B02-AE17-4496-8C0F-FFD3A9FD9460}) (Version: 6.1.0.56 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" => Keine Datei CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Sophia\AppData\Local\Dropbox\Update\1.3.27.35\DropboxUpdateOnDemand.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Sophia\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {09F5E393-8A48-45F3-B02C-3B6D96A89AF8} - System32\Tasks\{D4C0FD18-FF3B-4626-9B5E-64864D03C3BE} => pcalua.exe -a C:\Users\Sophia\Downloads\pf7-setup-en.exe -d "C:\Program Files (x86)\Mozilla Firefox" Task: {0ACC73E3-28B6-43B5-9C44-6B293C4BA4F0} - System32\Tasks\Launch BCM WLAN Tray => C:\Windows\system32\WLTRAY.EXE [2008-12-21] (Dell Inc.) Task: {2F87CBE3-FF14-4A3D-A2E4-FAF30E0D7CA0} - System32\Tasks\{3A4BB35E-A62F-4A40-A177-73AE358C27CD} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.) Task: {34137432-B485-4C40-A6F8-A5AD61B8A051} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {35BDA22B-7B9D-42A6-9EC3-C93DD4AC19FE} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{0A239F9D-3632-481E-B617-FED047FDB54A}.exe <==== ACHTUNG Task: {37F2978B-DB01-40AD-AE7C-BD6C4051CDA7} - System32\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {4D8C98FC-3AFE-4390-8F21-568275B30C1E} - System32\Tasks\{9B2CE4F5-B77C-400B-8B66-B0157D6B2649} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.) Task: {631680B8-6DD5-426F-AFA2-30BE533336F6} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.) Task: {74FBBDEB-15A8-4B89-8C40-36E011382C42} - System32\Tasks\{F87542B3-A960-489F-93F4-561D1D4FFCE1} => pcalua.exe -a C:\Users\Sophia\Downloads\avira_free_antivirus_de.exe -d C:\Windows\SysWOW64 Task: {9710792A-C72D-4D71-92BA-A4262BC64CE0} - System32\Tasks\{1BD7192E-0369-4267-AA15-C6F22AC16D91} => Firefox.exe hxxp://ui.skype.com/ui/0/6.21.0.104/de/go/help.faq.installer?LastError=1618 Task: {A65ABFC9-A50C-4E70-84D6-6E8116250D72} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-07-15] (Adobe Systems Incorporated) Task: {B0C91123-B9ED-47D0-AA61-4DB3769E5322} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: {B180542D-F09C-43D3-865B-75999BBDB68B} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-09-28] (Dropbox, Inc.) Task: {B2658FFD-FE10-4BD8-A025-EAC64D6E7E15} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {B470129E-5084-4614-BBA3-193E261DAFD6} - System32\Tasks\{2A6476E4-001C-4983-9886-A85283B4D035} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2016-04-08] (Skype Technologies S.A.) Task: {BD257C64-70A0-4594-B848-C20C2CE6CDA1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2015-08-27] (Apple Inc.) Task: {CBC9FB78-0B12-4FDE-99AD-2C90F412C9D3} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv => C:\Windows\TEMP\{5A0F391B-797D-47EA-A6A6-377C9728EE34}.exe <==== ACHTUNG Task: {D6E3619A-0BA8-4704-AD1E-33DB94E9E257} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.) Task: {D8A48920-60FC-4F10-9997-11494FAF227D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.) Task: {F5FF1C6B-2113-421D-B380-763123BA6DF2} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2011-06-21] (PC-Doctor, Inc.) Task: {F9D6D4E7-C69E-4524-9CEB-189F73698348} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2011-06-21] (PC-Doctor, Inc.) Task: {FF57E1FE-9CAA-4BD0-823E-463FEFF51224} - System32\Tasks\{DDD62604-022D-46FC-9838-3A83020CEF97} => pcalua.exe -a C:\Users\Sophia\Downloads\pfsx-setup-en-10.4.1.exe -d "C:\Program Files (x86)\Mozilla Firefox" (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_HP_rmv.job => C:\Windows\TEMP\{5A0F391B-797D-47EA-A6A6-377C9728EE34}.exe <==== ACHTUNG Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{0A239F9D-3632-481E-B617-FED047FDB54A}.exe <==== ACHTUNG Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Dropbox\Update\DropboxUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000Core.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3595463166-1796683122-1627409653-1000UA.job => C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cce23eac9f2b80.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\uaclauncher.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\Online Help.lnk -> hxxp://www.virtualdj.com/wiki/ (Keine Datei) Shortcut: C:\Users\Sophia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ\www.virtualdj.com.lnk -> hxxp://www.virtualdj.com (Keine Datei) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2009-10-04 03:53 - 2008-12-21 20:35 - 00032768 _____ () C:\Windows\System32\WLTRYSVC.EXE 2009-10-04 03:53 - 2008-12-21 20:35 - 00057856 _____ () C:\Windows\System32\bcmwlrmt.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2015-01-20 23:35 - 2015-01-20 23:35 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-07-15 20:02 - 2009-10-09 21:11 - 00389120 ____R () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe 2009-10-11 20:31 - 2009-05-27 10:07 - 02230024 _____ () C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe 2009-10-04 05:53 - 2008-11-26 23:45 - 00119296 _____ () C:\Windows\system32\atitmm64.dll 2009-10-04 04:07 - 2010-07-21 17:36 - 00783680 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\Components\scheduler\STService.exe 2009-10-04 04:00 - 2009-10-04 04:00 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2008-09-18 17:30 - 2008-09-18 17:30 - 01186816 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Implementation\64\wbocx.ocx 2008-11-18 20:25 - 2008-11-18 20:25 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00058688 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STCoreXml.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00116032 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\PSTVdsDisk.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00128320 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STLog.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 01123648 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\LibXml2.dll 2009-10-04 04:07 - 2010-07-21 17:34 - 00079168 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\zlib1.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00234816 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STFiles.dll 2009-10-04 04:07 - 2010-07-21 17:34 - 00075072 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STRegistry.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00111936 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STPE.dll 2009-10-04 04:07 - 2010-07-21 17:33 - 00121152 _____ () C:\Program Files (x86)\Dell DataSafe Local Backup\STNLS.dll 2016-07-13 22:33 - 2016-06-07 03:58 - 00034768 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd 2016-07-13 22:31 - 2016-06-07 03:58 - 00134088 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pyexpat.pyd 2016-07-13 22:31 - 2016-06-07 03:59 - 00019408 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\faulthandler.pyd 2016-07-13 22:31 - 2016-06-07 03:58 - 00116688 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pywintypes27.dll 2016-07-13 22:32 - 2016-06-07 03:58 - 00093640 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_ctypes.pyd 2016-07-13 22:32 - 2016-06-07 03:58 - 00018376 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\select.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00019760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00105928 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32api.pyd 2016-07-13 22:31 - 2016-06-07 03:58 - 00392144 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\pythoncom27.dll 2016-07-13 22:32 - 2016-07-05 20:00 - 00381752 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd 2016-07-13 22:32 - 2016-06-07 03:58 - 00692688 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\unicodedata.pyd 2016-07-13 22:31 - 2016-07-05 19:59 - 00020816 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd 2016-07-13 22:32 - 2016-06-07 03:59 - 00123856 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd 2016-07-13 22:31 - 2016-07-05 19:59 - 01682760 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd 2016-07-13 22:31 - 2016-07-05 19:59 - 00020808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00021840 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_unicode_environ_win32_x8bf8e68bx9968e850.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00052024 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00038696 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\fastpath.pyd 2016-07-13 22:31 - 2016-06-07 04:00 - 00020936 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\mmapfile.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00024528 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32event.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00114640 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32security.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00124880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32file.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00021832 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_pywin_kernel32_x64d8f881xc8c369be.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32clipboard.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00175560 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32gui.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00030160 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32pipe.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00043472 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32process.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00048592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32service.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00023872 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.kernel32._winffi_kernel32.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00026456 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00057808 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32evtlog.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00024016 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32profile.pyd 2016-07-13 22:31 - 2016-07-05 19:59 - 00246592 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00028616 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32ts.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.iphlpapi._winffi_iphlpapi.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00019776 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.winerror._winffi_winerror.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00020800 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winffi.wininet._winffi_wininet.pyd 2016-07-13 22:32 - 2016-06-07 03:58 - 00134608 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_elementtree.pyd 2016-07-13 22:31 - 2016-06-07 03:59 - 00240584 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\jpegtran.pyd 2016-07-13 22:31 - 2016-07-05 19:59 - 00020280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00023376 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00350152 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winxpgui.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00022352 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00024392 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd 2016-07-13 22:31 - 2016-06-07 04:01 - 00036296 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\librsync.dll 2016-07-13 22:31 - 2016-07-05 20:00 - 00084280 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.dll 2016-07-13 22:31 - 2016-07-05 20:00 - 01826096 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd 2016-07-13 22:32 - 2016-06-07 03:59 - 00083912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\sip.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 03928880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 01971504 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00531248 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00132912 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00223544 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd 2016-07-13 22:31 - 2016-07-05 20:00 - 00207672 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd 2016-07-13 22:32 - 2016-06-07 04:00 - 00060880 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\win32print.pyd 2016-07-13 22:32 - 2016-07-05 20:00 - 00024904 _____ () C:\Users\Sophia\AppData\Roaming\Dropbox\bin\_cffi_wpad_proxy_win_x752e3d61xdcfdcc84.pyd ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) HKLM\...\cmdfile\DefaultIcon: %SystemRoot%\System32\shell32.dll,-153 <===== ACHTUNG ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\007guard.com -> install.007guard.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008i.com -> 008i.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\008k.com -> www.008k.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\00hq.com -> www.00hq.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\010402.com -> 010402.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\0scan.com -> www.0scan.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-2005-search.com -> www.1-2005-search.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1000gratisproben.com -> www.1000gratisproben.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\1001namen.com -> www.1001namen.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100888290cs.com -> mir.100888290cs.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\100sexlinks.com -> www.100sexlinks.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\10sek.com -> www.10sek.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-26.net -> user1.12-26.net IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\12-27.net -> user1.12-27.net IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123fporn.info -> www.123fporn.info IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123moviedownload.com -> www.123moviedownload.com IE restricted site: HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\...\123simsen.com -> www.123simsen.com Da befinden sich 7865 mehr Seiten. ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2006-11-02 14:34 - 2006-09-18 23:37 - 00000761 ____N C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost ::1 localhost ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-3595463166-1796683122-1627409653-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Sophia\AppData\Roaming\Microsoft\Windows Live Photo Gallery\Windows Live Fotogalerie-Hintergrundbild.jpg DNS Servers: 192.168.179.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dell Dock.lnk => C:\Windows\pss\Dell Dock.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\Windows\pss\OpenOffice.org 3.2.lnk.Startup MSCONFIG\startupfolder: C:^Users^Sophia^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WISO Bewerbung-Reminder.lnk => C:\Windows\pss\WISO Bewerbung-Reminder.lnk.Startup MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" MSCONFIG\startupreg: Broadcom Wireless Manager UI => C:\Windows\system32\WLTRAY.exe MSCONFIG\startupreg: CanonMyPrinter => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon MSCONFIG\startupreg: CanonSolutionMenu => "C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" /logon MSCONFIG\startupreg: ClipIncSrvTray => "C:\Program Files (x86)\Tobit ClipInc\Player\ClipIncTray.exe" MSCONFIG\startupreg: Dell DataSafe Online => "C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe" /m MSCONFIG\startupreg: DellSupportCenter => "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter MSCONFIG\startupreg: DivX Download Manager => "C:\Program Files (x86)\DivX\DivX Plus Web Player\DDmService.exe" start MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW MSCONFIG\startupreg: Facebook Update => "C:\Users\Sophia\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver MSCONFIG\startupreg: ICQ => "C:\Program Files (x86)\ICQ6.5\ICQ.exe" silent MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background MSCONFIG\startupreg: Ocs_SM => C:\Users\Sophia\AppData\Roaming\OCS\SM\SearchAnonymizer.exe MSCONFIG\startupreg: PDVDDXSrv => "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime MSCONFIG\startupreg: SAFEOEM HotKeys => "C:\Program Files (x86)\Steganos Safe OEM\SteganosHotKeyService.exe" MSCONFIG\startupreg: SDTray => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Spybot-S&D Cleaning => "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe" MSCONFIG\startupreg: XtraRichi => C:\Program Files (x86)\Richi\Richi_Skype_Com.exe /OnStartUp MSCONFIG\startupreg: YourFile DownloaderInstaller Starter => "C:\Users\Sophia\AppData\Local\Temp\install45508463.exe" -startup ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe FirewallRules: [{B05C359F-71EE-42AE-9E20-70C802415C21}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe FirewallRules: [{E4FB67BF-283F-4F22-99D6-426605F7487A}] => (Allow) C:\Program Files (x86)\Dell Video Chat\DellVideoChat.exe FirewallRules: [{9DFDC5A6-0B44-4945-A712-364D25CBE1A2}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PowerDVD.exe FirewallRules: [{5E557084-86C0-48D2-89D7-70983E758FD5}] => (Allow) C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe FirewallRules: [{7F7FF538-71D1-4B50-8FB1-FEA4BBCB039C}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\wlcsdk.exe FirewallRules: [{98F87DBC-9E3F-4705-8820-1B26E524BAF3}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe FirewallRules: [{60500BB9-48BC-444B-B228-554AD8747730}] => (Allow) svchost.exe FirewallRules: [{27571AE7-C787-41A4-8670-6E36DE1E2210}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe FirewallRules: [{9C531F82-F6F6-4CF0-AF2E-2CD5964F9982}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{DD831551-621A-4813-8858-8778D6F571B5}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe FirewallRules: [{47284108-2AC5-4C27-8295-9A0D607BE5FC}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Server\ClipInc-Server.exe FirewallRules: [{F7DE9E6A-C636-467F-922F-C6A16D0249D3}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe FirewallRules: [{CEC333DB-793D-42D1-A95A-0AF7EF0F830F}] => (Allow) C:\Program Files (x86)\Tobit ClipInc\Player\ClipInc-Player.exe FirewallRules: [TCP Query User{8E9E6E56-3D36-4596-8246-B4F1C2751383}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8EA3B2CF-F7F6-49D8-AB9F-E9D5CC48151D}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [TCP Query User{E3F968D7-D5D6-4D1A-AF2F-7A9A82405BE4}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe FirewallRules: [UDP Query User{D17BD124-E17B-428F-BFEC-73DCDA202780}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe FirewallRules: [TCP Query User{B7B1E433-960A-4EE5-A95E-DF094CB0FD79}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe FirewallRules: [UDP Query User{78EE60B1-C735-420E-9427-C1486C24A225}C:\program files (x86)\dell video chat\dellvideochat.exe] => (Block) C:\program files (x86)\dell video chat\dellvideochat.exe FirewallRules: [{107333F1-502C-4016-9751-21D93564D454}] => (Allow) LPort=80 FirewallRules: [{B603BC84-F1D2-40F9-B53F-15D719A33F32}] => (Allow) LPort=80 FirewallRules: [{E58D0311-4E9D-497D-8F1B-8FA5B3954FBE}] => (Allow) LPort=80 FirewallRules: [TCP Query User{8A71DD60-7C11-42D3-A1C9-5447355584A7}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe FirewallRules: [UDP Query User{0A76124C-9AC8-4E2D-B1F9-B52A4D74AD8F}C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe] => (Allow) C:\users\sophia\desktop\jdownloader_portableapps\commonfiles\java\bin\javaw.exe FirewallRules: [{6C49B0EE-506D-4E18-86AC-330F956CB11B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{4427B135-E7E2-4622-8E1B-E2807EB63CB1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{6D13F511-0764-438A-8D23-AF0D1B09E1E9}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{B5C569E7-1F5B-4A3F-B01E-4E49CB7DE03F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [TCP Query User{46482690-7E4A-45B4-AA5E-53CC243CAB77}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{E21F7EBF-B745-44C5-9BE8-FE0542E4B042}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [TCP Query User{86C4CC7D-8D13-424D-98FC-4C0BE7AEC30A}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [UDP Query User{19D6F1D3-BD01-4BF7-8B5C-6550D1B0031D}C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\sophia\appdata\roaming\dropbox\bin\dropbox.exe FirewallRules: [{A52470D0-B432-4AAB-8F9D-C40CAA1604A5}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [{AE252CFF-5D6E-49F5-9128-FE2FEABE6BA9}] => (Allow) C:\Users\Sophia\AppData\Roaming\Dropbox\bin\Dropbox.exe FirewallRules: [TCP Query User{45DA9764-7D77-46FA-8F45-EFF957766547}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [UDP Query User{675F5B2B-9E25-47AB-9663-ACA3C29AFB40}C:\program files (x86)\mozilla firefox\plugin-container.exe] => (Block) C:\program files (x86)\mozilla firefox\plugin-container.exe FirewallRules: [{1F51600D-A8A5-440C-99CE-3B2ACA83E2D7}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe FirewallRules: [{20E66476-D490-4251-B31B-33267E089B1F}] => (Allow) C:\Program Files (x86)\TubeDigger\TubeDigger.exe FirewallRules: [{EF373577-A6FA-4E87-9720-E8AA4E2CF2F2}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe FirewallRules: [{9F0D1EAE-BD42-44E9-8118-817382C89904}] => (Allow) C:\Users\Sophia\Downloads\The_Grand_Budapest_Hotel_downloader.exe FirewallRules: [TCP Query User{04E991F5-FCC4-4DA2-8B1B-65E2404E60BC}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe FirewallRules: [UDP Query User{065F4778-F241-40A7-927E-5E81FD07179D}C:\program files (x86)\icq6.5\icq.exe] => (Block) C:\program files (x86)\icq6.5\icq.exe FirewallRules: [{4A2CF61B-7D60-4797-B1BB-3F0BAA3D6673}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E008055F-1FDC-4A5E-ABD2-3980FB0C455C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{419AADDE-5FAD-4025-9A15-D89764983593}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{8449250A-0EB1-4A33-BFAE-FA7254F05A1F}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{BFD9FA37-14FA-4CE7-83BD-EE45A18E5A48}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{9717B5EE-6F18-436A-BB86-673FFA9FA911}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{E5AB7E4A-4E3C-4152-BE2C-CF74D3F0715E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{819C8916-180E-43C6-B5F9-968081A7DF12}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com FirewallRules: [{4F150475-EA94-4124-A6D5-19869C50A359}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe FirewallRules: [{F37D3743-72E5-4C28-8046-D1CBD65FDC69}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.com FirewallRules: [{BCDDBCDF-5AC8-4BBA-BB57-4B3D11D1D150}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe FirewallRules: [{0921CDB0-AE39-44D7-B8F8-F84E48B7A715}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\stats.exe FirewallRules: [{B5368453-8460-4B59-9A38-4CE66BADA7D0}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\23\WinWrapIDE.exe FirewallRules: [{C3576CC2-8B96-4081-A7C9-AB47FC72C72D}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{E35E8A9C-C8FC-4B53-B538-874FD89F7573}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{FE5EA5F8-5814-4B99-B598-3059C7DA305B}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\WinWrapIDE.exe FirewallRules: [{E1423783-A600-4F45-AE85-1C467CC07EB3}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.com FirewallRules: [{A3F2F8F5-BDE3-4B62-A00F-8A6556BEFA10}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [{98104441-A692-4FB6-A591-61A9DF32328E}] => (Allow) C:\Program Files\IBM\SPSS\Statistics\22\stats.exe FirewallRules: [TCP Query User{A228C6F7-56A2-43D9-807B-C84BB7964554}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe FirewallRules: [UDP Query User{D7EBEB6E-6D1E-469E-AA61-FBCC107267AB}C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe] => (Allow) C:\program files\ibm\spss\statistics\22\jre\bin\javaw.exe ==================== Wiederherstellungspunkte ========================= 12-06-2016 18:23:06 Geplanter Prüfpunkt 13-06-2016 17:15:28 Windows Update 16-06-2016 08:44:48 Windows Update 17-06-2016 16:12:46 Geplanter Prüfpunkt 18-06-2016 12:42:49 Geplanter Prüfpunkt 05-07-2016 14:44:29 Windows Update 15-07-2016 18:10:25 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Creative Live! Camera Description: Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Creative Technology Ltd. Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Creative Live! Camera Description: Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Creative Technology Ltd. Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. Name: Videokamera Description: Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f} Manufacturer: Creative Technology Ltd. Service: Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (07/15/2016 09:08:06 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/15/2016 06:53:55 PM) (Source: Windows Search Service) (EventID: 3013) (User: ) Description: Eintrag <C:\USERS\SOPHIA\APPDATA\LOCAL\MOZILLA\FIREFOX\PROFILES\D64WKZVR.DEFAULT-1415343792518\SAFEBROWSING-TO_DELETE> in der Hash-Zuordnung kann nicht aktualisiert werden. Kontext: Anwendung, SystemIndex Katalog Details: Ein an das System angeschlossenes Gerät funktioniert nicht. (0x8007001f) Error: (07/15/2016 06:11:36 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: PNRPsvcC:\Windows\system32\pnrpperf.dll8 Error: (07/15/2016 06:11:19 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: EmdCacheC:\Windows\system32\emdmgmt.dll8 Error: (07/15/2016 06:08:03 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/13/2016 10:36:51 PM) (Source: EventSystem) (EventID: 4621) (User: ) Description: 80070005EventSystem.EventSubscription{AA44355E-6911-4447-BA5D-6720480579AF}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000} Error: (07/13/2016 10:18:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/11/2016 07:31:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4391787 Error: (07/11/2016 07:31:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4391787 Error: (07/11/2016 07:31:01 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Systemfehler: ============= Error: (03/24/2013 10:46:41 PM) (Source: EventLog) (EventID: 6008) (User: ) Description: Das System wurde zuvor am 24.03.2013 um 21:43:33 unerwartet heruntergefahren. Error: (03/24/2013 10:13:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103 Error: (03/24/2013 10:04:48 PM) (Source: HTTP) (EventID: 15016) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (03/22/2013 03:36:28 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (03/22/2013 08:04:58 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103 Error: (03/22/2013 07:58:01 AM) (Source: HTTP) (EventID: 15016) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (03/21/2013 10:08:36 PM) (Source: ACPI) (EventID: 13) (User: ) Description: : Der eingebettete Controller (EC) hat nicht innerhalb des angegebenen Zeitlimits reagiert. Dies deutet auf einen Fehler in der EC-Hardware oder -Firmware hin bzw. darauf, dass das BIOS auf falsche Art auf den EC zugreift. Fragen Sie den Computerhersteller nach einem aktualisierten BIOS. Dieser Fehler kann in einigen Situationen zur Folge haben, dass der Computer fehlerhaft läuft. Error: (03/21/2013 08:35:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT) Description: 0x80070103Creative Technology Ltd. - Streaming Media and Broadcast - Creative Live! Camera{2E512539-115D-475F-B411-9906FE7CC425}103 Error: (03/21/2013 08:26:41 PM) (Source: HTTP) (EventID: 15016) (User: ) Description: \Device\Http\ReqQueueKerberos Error: (03/20/2013 08:10:14 PM) (Source: Service Control Manager) (EventID: 7011) (User: ) Description: 30000SftService CodeIntegrity: =================================== Date: 2016-07-15 21:14:20.082 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:14:18.958 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:14:17.614 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:08:29.510 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:08:28.683 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:08:27.841 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:08:27.014 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 21:08:26.187 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mwac.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 19:53:44.123 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2016-07-15 19:53:42.609 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume3\Windows\System32\drivers\mbamchameleon.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Speicherinformationen =========================== Prozessor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz Prozentuale Nutzung des RAM: 82% Installierter physikalischer RAM: 3066.06 MB Verfügbarer physikalischer RAM: 533.21 MB Summe virtueller Speicher: 6352.41 MB Verfügbarer virtueller Speicher: 3172.07 MB ==================== Laufwerke ================================ Drive c: (OS) (Fixed) (Total:218.2 GB) (Free:77.58 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (RECOVERY) (Fixed) (Total:14.65 GB) (Free:5.16 GB) NTFS Drive f: () (Removable) (Total:7.87 GB) (Free:7.87 GB) FAT32 ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (Size: 232.9 GB) (Disk ID: 855CF293) Partition 1: (Not Active) - (Size=39 MB) - (Type=DE) Partition 2: (Not Active) - (Size=14.6 GB) - (Type=07 NTFS) Partition 3: (Active) - (Size=218.2 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (Size: 7.9 GB) (Disk ID: 0278977B) Partition 1: (Active) - (Size=7.9 GB) - (Type=0B) ==================== Ende von Addition.txt ============================ |
27.07.2016, 14:14 | #3 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Hi, nix mit Windows 7:
__________________Zitat:
Ich würde euch raten diesen Rechner mit einem aktuellen Windows neu zu installieren oder wenn man nicht auf Windows angewiesen ist, diesen mit Ubuntu MATE komplett neu einzurichten. Denn Vista ist eigentlich keine vernünftige Option mehr, liegt im Sterbebett.
__________________ |
28.07.2016, 20:15 | #4 |
| Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Oh leck, das ist mir schon fast peinlich das übersehen zu haben. Wäre ein Update auf Windows 10 sinnvoll? Die Hardware würde es anscheinend hergeben. Oder soll ich mit diesem PC lieber auf Win 7 bzw 8.1 umsteigen? Mein anderer Pc läuft aktuell mit Windows 7. Wenn ich mich erinnere (aus anderen Threads die ich mitgelesen habe) würdest du hier einen Wechsel auf Win 10 für wahrscheinlich sinnvoll erachten (Bzw noch besser wäre der Wechsel auf Linus) Richtig? Hoffe die Frage nervt nicht, da ja das Update anscheinend morgen "ausläuft" und das bestimmt gerade der Dauerbrenner ist.. Linux natürlich, nicht Linus |
28.07.2016, 22:12 | #5 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Ein Vista kannst du nicht kostenlos auf W10 heben. Zumal du eh nur noch wenige Stunden Zeit dafür hättest. Der 28. Juli 2016 soll der letzte Tag sein, vllt geht es morgen auch noch aber man muss mindestens W7 oder W8.1 haben oder eben nur den Key (bzw bei einem W8-UEFI-PC reicht die im UEFI installierte Windows-Lizenz) Bei deiner älteren CPU macht ein modernes Windows auch nur begrenzt Sinn, ich hab durchaus einige Rechner so anno 2008/2009 gesehen die ganz schön rumzicken bei W10. Also ja, ersetz das angestaubte Vista durch Linux, ich empfehle immer Ubuntu MATE. Aber lies mal den Einsteiger-Artikel erstmal durch:
__________________ Logfiles bitte immer in CODE-Tags posten |
18.08.2016, 12:15 | #6 |
| Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) Umstieg wird vollzogen! Vielen vielen Dank! |
Themen zu Windows 7: MSE Update hängt + Funde Malewarebytes (zweiter PC) |
browser, email, ergebnis, explorer, firefox, helper, hängt, internet, internet explorer, löschen, malwarebytes, microsoft, mozilla, neustart, problem, probleme, programm, software, temp, update, verbindung, vista, websites, windows, windows vista |