![]() |
|
Log-Analyse und Auswertung: JS/SecurityDisabler.BWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #14 |
![]() ![]() ![]() | ![]() JS/SecurityDisabler.BCode:
ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) * 2016-10-28 00:39 - 2016-01-22 15:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-10-27 23:17 - 2016-06-12 14:03 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Factorio 2016-10-27 23:11 - 2016-08-03 19:45 - 00000000 ____D C:\Program Files (x86)\Steam 2016-10-27 23:11 - 2016-08-03 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2016-10-27 21:55 - 2016-04-08 12:42 - 00000000 ___DC C:\Users\Tygan\Documents\GTA San Andreas User Files 2016-10-27 19:16 - 2016-04-04 23:51 - 00005758 __RSH C:\ProgramData\ntuser.pol 2016-10-27 18:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-10-27 18:10 - 2016-05-29 23:28 - 00000000 ____D C:\Users\Tygan\AppData\Local\ElevatedDiagnostics 2016-10-27 17:42 - 2016-08-03 17:08 - 00000000 ____D C:\Users\Tygan 2016-10-27 16:08 - 2016-04-16 17:34 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\vlc 2016-10-27 15:54 - 2016-04-04 23:35 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Skype 2016-10-26 13:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps 2016-10-25 20:07 - 2016-08-03 17:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-10-25 20:07 - 2016-08-03 16:56 - 00638600 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-10-25 20:07 - 2016-07-22 12:30 - 00000000 ____D C:\ProgramData\VMware 2016-10-25 20:07 - 2014-11-05 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-10-25 20:06 - 2016-07-16 08:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI 2016-10-25 19:50 - 2016-07-05 22:02 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\KeePass 2016-10-25 19:07 - 2016-06-22 14:59 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\gnupg 2016-10-25 17:44 - 2016-08-25 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-10-25 15:54 - 2016-07-05 21:57 - 00000000 ___DC C:\Users\Tygan\Documents\My Safes 2016-10-24 23:57 - 2016-01-23 00:25 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2016-10-24 23:57 - 2016-01-23 00:25 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-10-24 01:34 - 2016-08-21 17:03 - 00000000 ___RD C:\Users\Tygan\OneDrive 2016-10-23 12:25 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Packages 2016-10-23 12:25 - 2015-04-07 11:25 - 00000000 ____D C:\ProgramData\Skype 2016-10-21 19:00 - 2016-08-03 17:29 - 00003610 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm 2016-10-20 18:24 - 2016-09-27 00:33 - 00000000 ___DC C:\Users\Tygan\Documents\CqPm5GsWcAEHdkc 2016-10-20 17:51 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Google 2016-10-20 17:51 - 2016-01-23 00:23 - 00000000 ____D C:\Program Files (x86)\Google 2016-10-20 02:46 - 2016-01-20 13:47 - 00000000 ____D C:\Program Files (x86)\SpeedFan 2016-10-20 02:00 - 2016-04-30 20:14 - 00000000 ___DC C:\Users\Tygan\Documents\stuff 2016-10-20 01:48 - 1970-01-01 02:00 - 00000000 ___DC C:\Users\Tygan\Documents\WhatsApp 2016-10-19 23:46 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF 2016-10-19 13:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache 2016-10-18 17:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-10-16 16:16 - 2016-08-21 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2016-10-16 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2016-10-16 02:16 - 2016-08-09 23:38 - 00000000 ___HD C:\OneDriveTemp 2016-10-13 18:50 - 2016-08-03 17:05 - 02124996 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-10-13 18:50 - 2016-07-17 00:51 - 00798842 _____ C:\WINDOWS\system32\perfh007.dat 2016-10-13 18:50 - 2016-07-17 00:51 - 00188136 _____ C:\WINDOWS\system32\perfc007.dat 2016-10-13 01:03 - 2016-07-14 14:55 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\NetSpeedMonitor 2016-10-12 17:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-10-12 16:22 - 2015-07-29 18:28 - 00000000 __RHD C:\Users\Public\AccountPictures 2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs 2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz 2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB 2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences 2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2016-10-12 16:09 - 2016-07-25 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird 2016-10-12 11:42 - 2014-01-23 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-10-12 02:24 - 2014-01-23 20:41 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-10-11 20:20 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll 2016-10-11 20:19 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll 2016-10-09 14:04 - 2016-07-25 15:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer 2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\VMware 2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Local\VMware 2016-10-06 19:22 - 2016-05-29 23:53 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\TeamViewer 2016-10-06 17:14 - 2016-07-25 15:39 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk 2016-10-06 17:14 - 2016-07-25 15:39 - 00001106 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk 2016-10-05 19:26 - 2016-07-13 19:08 - 00000000 ____D C:\Users\Tygan\AppData\Local\Ubisoft Game Launcher 2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup 2016-10-02 17:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12 2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup 2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe 2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism 2016-10-02 17:22 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection 2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning 2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr 2016-10-02 16:18 - 2016-06-25 22:40 - 00000000 ____D C:\Users\Tygan\AppData\Local\SquirrelTemp 2016-09-28 01:25 - 2016-06-25 22:41 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\discord * ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= * 2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileIn.cns 2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileOut.cns 2016-10-09 09:18 - 2016-10-09 09:18 - 0001737 _____ () C:\Users\Tygan\AppData\Roaming\log.xml 2016-07-17 23:18 - 2016-07-17 23:18 - 0007656 _____ () C:\Users\Tygan\AppData\Local\Resmon.ResmonCfg 2016-10-25 20:07 - 2016-10-25 20:07 - 0000000 ____H () C:\ProgramData\cm-lock * Einige Dateien in TEMP: ==================== C:\Users\Tygan\AppData\Local\Temp\OCLF103.tmp.dll C:\Users\Tygan\AppData\Local\Temp\OCLF1FF.tmp.dll C:\Users\Tygan\AppData\Local\Temp\sfamcc00001.dll C:\Users\Tygan\AppData\Local\Temp\sfareca00001.dll * * ==================== Bamital & volsnap ====================== * (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) * C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert * * LastRegBack: 2016-10-20 19:33* ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2016 durchgeführt von Tygan (28-10-2016 01:01:29) Gestartet von C:\Users\Tygan\Desktop Windows 10 Pro Version 1607 (X64) (2016-08-03 15:38:07) Start-Modus: Normal ========================================================== * * ==================== Konten: ============================= * Administrator (S-1-5-21-624198674-977653023-2037852723-500 - Administrator - Disabled) => C:\Users\Administrator DefaultAccount (S-1-5-21-624198674-977653023-2037852723-503 - Limited - Disabled) Gast (S-1-5-21-624198674-977653023-2037852723-501 - Limited - Disabled) Jendrik (S-1-5-21-624198674-977653023-2037852723-1027 - Limited - Enabled) => C:\Users\Jendrik Tygan (S-1-5-21-624198674-977653023-2037852723-1021 - Administrator - Enabled) => C:\Users\Tygan * ==================== Sicherheits-Center ======================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) * AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70} AS: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * ==================== Installierte Programme ====================== * (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) * 7art Fluorescent Clock © 7art-screensavers.com (HKLM-x32\...\7art Fluorescent Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com) 7art Radiating Clock © 7art-screensavers.com (HKLM-x32\...\7art Radiating Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com) 7art-ScreenSavers-Manager © 7art-screensavers.com (HKLM-x32\...\7art-ScreenSavers-Manager_is1) (Version: 4 - 7art-screensavers.com SoftWare Development Studio) 7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov) Adobe Shockwave Player 12.1 (HKLM-x32\...\{7E33E883-0D17-4397-A461-B576605E34B1}) (Version: 12.1.6.156 - Adobe Systems, Inc) AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam) AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) Core Temp 1.3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.3 - ALCPU) CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd) Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.) Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.02.001 - ) ESET NOD32 Antivirus (HKLM\...\{6A816859-EC01-43F5-9EE2-B3B168CC52CB}) (Version: 9.0.386.1 - ESET, spol. s r.o.) Factorio version 0.12.3 (HKLM\...\Factorio_is1) (Version: *- ) GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: *- GOG.com) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.) Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.) Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden Gpg4win (2.3.1) (HKLM-x32\...\GPG4Win) (Version: 2.3.1 - The Gpg4win Project) Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: *- Rockstar Games) Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games) Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: *- Rockstar Games) KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl) K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - ) LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation) Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: *- ) MAGIX Movie Edit Pro 2016 Premium (HKLM\...\MX.{0E64129B-4258-44B9-8034-464C6E28878D}) (Version: 15.0.0.73 - MAGIX Software GmbH) MAGIX Movie Edit Pro 2016 Premium (Version: 15.0.0.73 - MAGIX Software GmbH) Hidden MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation) Microsoft Visual C++ 2010 *x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 *x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation) Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: *- Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft) Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla) Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla) MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation) MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation) NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.2.0.6 - NETGEAR) NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles) puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.) RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd) Sid Meier's Civilization III: Complete (HKLM\...\Steam App 3910) (Version: *- Firaxis Games) Sid Meier's Civilization IV (HKLM\...\Steam App 3900) (Version: *- Firaxis Games) Sid Meier's Civilization IV: Beyond the Sword (HKLM\...\Steam App 8800) (Version: *- Firaxis Games) Sid Meier's Civilization IV: Colonization (HKLM\...\Steam App 16810) (Version: *- Firaxis Games) Sid Meier's Civilization IV: Warlords (HKLM\...\Steam App 3990) (Version: *- Firaxis Games) Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.) SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: *- Christian Handorf) SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: *- ) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH) TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer) Terraria (HKLM-x32\...\Steam App 105600) (Version: *- Re-Logic) Tropico 4 (HKLM\...\Steam App 57690) (Version: *- Haemimont Games) Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft) VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.17 - IDRIX) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN) VMware Workstation (HKLM\...\{F4C0A853-FA3B-4404-954B-799299EB5A98}) (Version: 12.1.1 - VMware, Inc.) WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.) Wireshark 2.0.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.5 - The Wireshark developer community, hxxps://www.wireshark.org) * ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation) * ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * Task: {077D9730-A325-418A-A370-8FDB2AB69740} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.) Task: {0925C293-A417-4212-97B6-79AA19FA7961} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0B75604B-9502-4A48-ADE3-1237E2FBF078} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {0CD77EEF-77A1-4F93-BB9B-E9200CE7EDD2} - System32\Tasks\{D5006F34-817C-4DE0-877C-FFF62AEC3502} => pcalua.exe -a D:\AUTORUN.EXE -d D:\ Task: {15D635DD-27BD-4CBB-8FF7-667CA955FEB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe Task: {1E24BA0C-A9C7-4EB3-B9FC-80BA2F51F025} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe Task: {2010C5A7-AB3A-49B1-9C74-87670E1563B1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {28F380A0-0DF8-4D51-B386-871F732C952C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe Task: {2AC1ADE9-DD33-422E-A1CB-A893D6A0AC4D} - System32\Tasks\{9C213DAE-C246-4484-90F4-704E34947FA1} => pcalua.exe -a D:\setup.exe -d D:\ Task: {34150056-E698-4C15-A124-37E8DE1AC7C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe Task: {40237349-3DDE-4B82-8440-23FA248D5599} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe Task: {5403244C-E898-4F08-895E-F3CA03F79136} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5653A8BA-5766-4972-AFE4-6AF986F39A5A} - System32\Tasks\{A1C0E21F-C04B-4D7F-A3C7-F4A887B38845} => pcalua.exe -a "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe" -d "C:\Program Files (x86)\ESET\ESET Online Scanner" Task: {565763B7-74CD-4027-9408-72B0647956E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe Task: {56F31CE6-6542-4ED2-AD8A-6B1BDE758A4B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {5804C292-C77C-4BA6-A77B-687BCA77E37D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe Task: {5ACFA180-BE93-4757-A600-57A61FE79EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {66666BC5-008A-46A1-96D6-285393AE992E} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMOJMMGMJJIMJMLJCNOJHMPMNJCNLMGMGMGMCNGMOMHMKMCNGMLMNMJJLMGMOJJMMMLJKJMMJNJICMIMCNGMCNOMNMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMNMHMJNHICMEKMICNJJCKJNBJCMDLKJCJPMLIHJJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFI (Der Dateneintrag hat 29 mehr Zeichen). Task: {6670D31E-C371-47EA-AEBC-DFCB51D7B4B5} - System32\Tasks\Sperrbildschirm => add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f Task: {6B947FBC-CBFA-49C1-BE7A-76A0EEA3F402} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {726B0AD1-019A-4519-A737-567260356221} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK Task: {79A51A49-477E-4F5F-8156-0AC3B0B6EE79} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe Task: {7D2FC676-CC2E-44B0-820F-C92183A172FF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {8C74191A-5503-44AD-8270-915C52BBC428} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {90633838-3B10-43F0-BC61-5C8504498795} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {90AFBFCB-A5D9-4CA2-A58A-95CFFE3A4C90} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {92ED629F-603B-4D58-A644-04F7BB98D4C8} - System32\Tasks\Core Temp Autostart Tygan => C:\Program Files\Core Temp\Core Temp.exe [2016-09-11] () Task: {948C723C-F96E-4B20-A39A-9FBCBE0F5F2F} - System32\Tasks\avastBCLRestartS-1-5-21-624198674-977653023-2037852723-1003 => Firefox.exe Task: {9958AC97-9AE4-4593-BC43-0FC982D5E833} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe Task: {9B052FB7-4425-490E-BC1E-4E7554AD627D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {9EEF6C19-6405-4416-B34E-A560701B7380} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe Task: {A03E5801-CB80-4C0C-A0E8-F73C97F59AEB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe Task: {A97FEBFA-8C43-4447-B21D-C6897DA374E4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe Task: {AA43015D-35A1-43C5-BE5E-A138B79B3AF1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe Task: {B6E6AFBA-338C-44F1-B2A5-FBD198DEC00C} - System32\Tasks\{A4058700-9B97-4117-8851-8B6C3C211F42} => pcalua.exe -a C:\Users\Jendrik\Downloads\jxpiinstall.exe -d C:\Users\Jendrik\Downloads Task: {B6F44A38-2743-4D90-A4F1-751570CCFEBC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation) Task: {B954A2A3-7EA5-47B8-93AB-136A508381A7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {BF62A763-E716-43FD-8FE9-0C5A5842EDF7} - System32\Tasks\{8E2B0D8E-A7C2-41AB-A0CC-6F1051CCC161} => pcalua.exe -a "C:\Program Files\Codemasters\OperationFlashpoint\OpFlashPreferences.exe" -d "C:\Program Files\Codemasters\OperationFlashpoint" Task: {C525495D-FB5A-4963-BDEC-4C77CE448931} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation) Task: {C9DE67D1-1BB8-4B1A-AA9D-E0B1199931F8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {CBA0DA7C-9D08-4490-9AD7-B38E02C71747} - System32\Tasks\{197B8FA4-1324-4E58-977E-3387813919D4} => pcalua.exe -a D:\DirectX\dxsetup.exe -d D:\DirectX Task: {CDE38717-7FCF-49E4-9B48-4D8930E458E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {DA80726F-9E08-4DF3-B961-7A8A7D20A5C6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe Task: {E7EAF163-3F7F-44D3-9B80-C8B5F93C8F28} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe Task: {F1E4FF0B-03E2-4A42-BF69-17E5765E0C20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe Task: {F6A11EE2-0023-4595-8D9D-F2922462880E} - System32\Tasks\{1A673BBD-E760-48DE-8182-982ABA1E0CD0} => pcalua.exe -a C:\Users\Deus\Downloads\forge-1.8-11.14.1.1361-installer-win.exe -d C:\Users\Deus\Downloads Task: {F8D69DA4-D5C2-4E9D-930E-2906092F8638} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe Task: {FB409A52-D98C-4458-BB8A-24EE89EF7A6E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {FC13AE24-50AF-4150-830A-1BA18858E237} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {FE639A93-6D40-4961-AC31-1B45E9126512} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {FF4245B5-59A8-403F-B4E5-8A1D3FF865E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.) Task: {FFF8BFAC-4011-4218-BA7B-C5B42F2008CC} - System32\Tasks\{104B9CA5-EF7D-4A10-ADB6-70F6F3EB62CE} => pcalua.exe -a C:\Users\Deus\Downloads\VMware-workstation-full-11.1.0-2496824.exe -d C:\Users\Deus\Downloads * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) * Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe * ==================== Verknüpfungen ============================= * (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) * ShortcutWithArgument: C:\Users\Tygan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Lem0th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" * ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== * 2016-04-05 13:25 - 2016-04-05 13:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe 2014-11-03 19:48 - 2014-08-18 18:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe 2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2016-04-17 15:46 - 2016-09-11 10:19 - 00925160 _____ () C:\Program Files\Core Temp\Core Temp.exe 2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll 2016-08-25 17:45 - 2016-08-25 17:45 - 01864384 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll 2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll 2016-05-27 14:19 - 2016-05-27 14:19 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2016-09-14 23:31 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll 2016-10-11 20:51 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll 2012-01-10 14:41 - 2015-05-30 18:26 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe 2015-02-11 20:57 - 2015-08-10 02:21 - 08276200 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe 2016-10-11 20:52 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-10-11 20:52 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-10-11 20:52 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll 2016-10-11 20:52 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-10-11 20:53 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2016-10-26 12:50 - 2016-10-26 12:51 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.29.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll 2016-04-05 13:12 - 2016-04-05 13:12 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll 2016-04-05 13:01 - 2016-04-05 13:01 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll 2016-04-05 13:12 - 2016-04-05 13:12 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll 2016-04-05 13:15 - 2016-04-05 13:15 - 00750592 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll 2016-04-05 13:06 - 2016-04-05 13:06 - 00087552 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll 2016-04-14 17:16 - 2016-04-14 17:16 - 01309768 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll 2014-11-03 19:48 - 2015-07-15 17:26 - 00450560 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiLib.dll 2015-02-11 20:58 - 2014-07-22 11:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll 2016-08-25 17:45 - 2016-08-25 17:45 - 01383616 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll 2016-10-24 23:57 - 2016-10-20 10:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll 2016-10-24 23:57 - 2016-10-20 10:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll 2016-08-03 19:49 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2016-08-03 19:49 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll 2016-08-03 19:49 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll 2016-08-03 19:49 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2016-08-03 19:49 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2016-08-03 19:49 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2016-08-03 19:49 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2016-08-03 19:49 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2016-08-03 19:49 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2016-08-03 19:49 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2016-08-03 19:49 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2016-08-03 19:49 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll 2016-10-14 13:18 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll 2016-08-03 19:49 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll Code:
ATTFilter ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) * * ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) * * ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) * * ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) * * ==================== Hosts Inhalt: ========================== * (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) * 2009-07-14 04:34 - 2016-02-24 15:53 - 00001095 ____A C:\WINDOWS\system32\Drivers\etc\hosts * 127.0.0.1 choice.microsoft.com 127.0.0.1 Choice.microsoft.com.nstac.net 127.0.0.1 Df.telemetry.microsoft.com 127.0.0.1 Oca.telemetry.microsoft.com 127.0.0.1 Oca.telemetry.microsoft.com.nsatc.net 127.0.0.1 Redir.metaservices.microsoft.com 127.0.0.1 Reports.wes.df.telemetry.microsoft.com 127.0.0.1 Services.wes.df.telemetry.microsoft.com 127.0.0.1 Settings-sandbox.data.microsoft.com 127.0.0.1 Sqm.df.telemetry.microsoft.com 127.0.0.1 Sqm.telemetry.microsoft.com 127.0.0.1 Sqm.telemetry.microsoft.com.nsatc.net 127.0.0.1 Telecommand.telemetry.microsoft.com 127.0.0.1 Telecommand.telemetry.microsoft.com.nsatc.net 127.0.0.1 Telemetry.appex.bing.net 127.0.0.1 Telemetry.appex.bing.net:443 127.0.0.1 Telemetry.microsoft.com 127.0.0.1 Telemetry.urs.microsoft.com 127.0.0.1 Vortex-sandbox.data.microsoft.com 127.0.0.1 Vortex-win.data.microsoft.com 127.0.0.1 Vortex.data.microsoft.com 127.0.0.1 Watson.telemetry.microsoft.com 127.0.0.1 Watson.telemetry.microsoft.com.nsatc.net 127.0.0.1 apps.skype.com 127.0.0.1 apps.spotify.com * ==================== Andere Bereiche ============================ * (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) * HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-624198674-977653023-2037852723-1021\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jendrik\Pictures\Saved Pictures\askwallpapers.com-43185.jpg HKU\S-1-5-21-624198674-977653023-2037852723-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. * ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == * MSCONFIG\Services: dbupdate => 2 MSCONFIG\Services: dbupdatem => 3 MSCONFIG\Services: gupdate => 2 MSCONFIG\Services: gupdatem => 3 MSCONFIG\Services: hshld => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: HssWd => 2 MSCONFIG\Services: MBAMScheduler => 2 MSCONFIG\Services: MBAMService => 2 MSCONFIG\Services: MF NTFS Monitor => 2 MSCONFIG\Services: MozillaMaintenance => 3 MSCONFIG\Services: Origin Client Service => 3 MSCONFIG\Services: rpcapd => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: Steam Client Service => 3 MSCONFIG\Services: TeamViewer => 2 MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0" HKLM\...\StartupApproved\Run32: => "Dropbox" HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched" HKLM\...\StartupApproved\Run32: => "ISUSScheduler" HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "ISUSPM Startup" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SecureBanking" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "pCloud" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GalaxyClient" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ISUSPM Startup" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SandboxieControl" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SecureBanking" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Discord" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "pCloud" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive" HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GalaxyClient" * ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) * FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{E60AE206-2D55-4AE2-BE03-1329312FD0F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{378394AB-9822-4122-8E55-E3995F4CA54A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{777B1491-5F7F-41B3-88A0-E196B3EAFCC0}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe FirewallRules: [{D27C7C8E-1B14-45CA-B1D5-1CE4ECCE5D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{A42BE9C8-851B-4EF6-AEEF-811D2922A9E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe FirewallRules: [{88B80F2A-4D2D-4167-B2DB-274A064167AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe FirewallRules: [{3D971F71-8933-43F4-ABF0-1D0FAFA5D112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe FirewallRules: [{AC68BEBD-FB95-4821-96F5-D051F3C7570F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe FirewallRules: [{AB8027AA-30D9-418F-933C-E9C1E46F1131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe FirewallRules: [{5CA233AE-05C8-43E9-B286-450B6F760564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe FirewallRules: [{50A6CFBE-9E49-42AC-9709-23D26F9C4577}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe FirewallRules: [{3C38DAF4-FB24-44EF-878A-F4A6C9C03B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{109A825B-BFD3-4938-AC47-369D022FF258}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe FirewallRules: [{B44C3290-9BDF-4139-8560-92E46110C1C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe FirewallRules: [{BF63379B-841E-4B1F-BBA1-A06987AD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe FirewallRules: [UDP Query User{7FC55172-7B01-4F4C-8E97-01BD9B41FF9F}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{C37E1485-FA69-404E-9B3C-CAB73BFD5045}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{1DB619F2-55EB-458A-A1F0-CC69931D7953}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [TCP Query User{CF1861DC-4799-410C-8AE7-FB60D285C243}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe FirewallRules: [UDP Query User{1B73E9FF-F469-4B8D-888C-CA465E90CCA3}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe FirewallRules: [TCP Query User{816974BA-CA0A-4943-9878-2EC7BEE898A6}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe FirewallRules: [UDP Query User{8CA8EC04-3441-45AD-9C88-62454794DE5E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe FirewallRules: [TCP Query User{1BE7434B-A126-4C66-AA5D-1AD1CD895E4E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe FirewallRules: [UDP Query User{26D9069E-74CF-4BB8-BB4E-B9A4F160A93B}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [TCP Query User{9EBF9B06-1E53-4968-8D45-64E7F5AB85D4}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe FirewallRules: [UDP Query User{4AD96FA5-D0F1-4A80-B277-A8EC07B1095B}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe FirewallRules: [TCP Query User{1C83C5A9-CB4A-4E20-8FA2-A55AD8A8AD85}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe FirewallRules: [{E6972D16-0AC3-4BC9-B47C-514B7F426CB7}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe FirewallRules: [UDP Query User{1281CC9F-65AC-4C51-899F-6F497D4741B1}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [TCP Query User{A0D57D79-90D4-4328-A541-14045F7C2F3A}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe FirewallRules: [UDP Query User{87795A95-AC95-41A5-B44D-0FC8B98692F7}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{49D22B15-CEAC-4B61-B0DB-ADB5DD1DBD3B}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{460DAE00-1A73-4C21-88E5-DF8586370FE8}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{5E58BCBA-2A54-42BA-9272-F8FC180D0541}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [UDP Query User{FEB90422-50BF-4BBC-9C67-1CA183385D2A}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [TCP Query User{2E56E230-0344-4E6A-A98B-DB52242916A6}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe FirewallRules: [{ABD9AFF4-0930-4994-A760-3A0541789D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{1070E7AE-683B-4575-AE32-64B778CEA047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe FirewallRules: [{CA1EF5BB-0368-4FDB-B4D7-A96D85334062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe FirewallRules: [{F930D29C-5362-4EE2-99B9-D74E90CF26FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe FirewallRules: [UDP Query User{9AAF3CFF-DD7A-497A-BE2F-F9EFB4709A44}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{CBCA0539-E485-4FB4-BF53-DEB504D29C8C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{C6C52E2C-A3B4-4AD8-AEB5-CC968831FC3E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{93D428DF-D9C1-4E3D-A833-119E7AD19B5F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{E2BF7FA6-5490-4AD5-9649-9CEADB98B4C6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{59343DAA-AC50-4FC2-8130-AFAAD277F5B4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{F425035C-FBD1-4846-BDC4-AE2E1A8F6BD6}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{C5BED132-D2F1-4B49-8E1C-89BA784920F2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{4A4247F5-9F6F-4FBE-AE9A-6856E2C09127}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{8275ADA2-E5C4-49CD-8056-9491007BA7D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{54B2336C-4F2A-4C84-8028-6A77EF4C8E56}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{EC32C821-96C4-41F2-BD9A-609FEFA5B42F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [TCP Query User{D204B75D-FE2F-452A-A067-DBA89935BD82}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{902F54A4-0F65-4C67-91EA-EC5BFBEEE553}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{A24E337A-91EB-489C-82A0-4CA2CCEBA69D}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{FC5CEB87-E833-4592-8760-3780D7556624}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe FirewallRules: [{9EBBE327-BE32-4380-9CBC-88C1AD733278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [{6236CC6A-BAC1-4844-B52D-4F058E166D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe FirewallRules: [TCP Query User{EE24100D-05F1-4FDC-B0FB-55A8BF1B4487}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{98E01700-645C-4C9A-9952-5BF89CBCF7CB}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe FirewallRules: [TCP Query User{4B8C2D2F-48DE-4603-A1B7-651D9094521E}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{B808CC0C-4968-48F4-9BE7-084EF520E631}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe FirewallRules: [{06645459-E8FE-460B-9788-FE0E7710DD9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [TCP Query User{3BB40C19-F2EA-4690-B6BB-367E7C2C263A}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe FirewallRules: [UDP Query User{AF48CB2B-A69C-4CF2-B462-881C4995E614}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe FirewallRules: [{CC5F2C28-7374-4AED-9D91-90C23E4FBB56}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe FirewallRules: [{3C26B0A2-E042-47DB-90D4-9F81BC82B2CC}] => (Allow) %ProgramFiles% (x86)\Mozilla Thunderbird\thunderbird.exe FirewallRules: [{021008C2-F369-4EC7-A04F-B64627B642D6}] => (Allow) %ProgramFiles% (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{0CFD36A9-C245-4D8B-BCE4-B97CFBC7E2E3}] => (Allow) %ProgramFiles% (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{A42A4ACF-AFF2-4FE1-B6E7-01E1B0D51AD6}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{FA3668CF-4DB9-442E-8FD0-BEA511AF5C28}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe FirewallRules: [{10002992-5381-4F7E-A8E3-F9AC916948F0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [{1A0E3CA8-C531-4491-9CC0-85423CB2DCB8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe FirewallRules: [TCP Query User{CCB62BA7-C113-4531-B50E-640CD87BB559}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe FirewallRules: [UDP Query User{33C0DCE6-0B9C-4CBA-AF03-8E1E16C6D5E3}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe FirewallRules: [{744C119E-95E6-45E9-9D1B-C5B0C2DED0C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe FirewallRules: [{E3FA991D-9810-466F-9656-15F57B069853}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe FirewallRules: [{52BCE2DD-BE9B-4D83-94DC-518971B48B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{6108EBF8-5249-4288-8E76-82B630A50267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe FirewallRules: [{570422B8-0DA1-4ED4-9AF5-B3C0CB2218A7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{F68498C4-1C82-46BF-A645-3429352A92A0}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{DE432B9C-B9B8-484E-92F4-420DB4569043}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{BC9350F7-BEDB-4808-995E-02C045262D71}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe FirewallRules: [{D39CE7E7-9A84-4D48-A6CD-950B7A709948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{0AD4EE55-F182-4650-B77C-B0AA0CC77498}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{782A129E-D7B8-4D5F-84C3-5B942E514135}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{97F0C4C6-8E0B-47A1-93A9-FE98D28FAD5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{4B08A4B8-7066-457B-8854-5622FFC641A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe * ==================== Wiederherstellungspunkte ========================= * 20-10-2016 02:35:17 Installed LibreOffice 5.1.5.2 * ==================== Fehlerhafte Geräte im Gerätemanager ============= * Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. * Name: PS/2-Standardtastatur Description: PS/2-Standardtastatur Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. * * ==================== Fehlereinträge in der Ereignisanzeige: ========================= * Applikationsfehler: ================== Error: (10/28/2016 12:24:53 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.14393.0, Zeitstempel: 0x57899b1c Name des fehlerhaften Moduls: mapsbtsvc.dll, Version: 10.0.14393.187, Zeitstempel: 0x57cf9ec8 Ausnahmecode: 0x8400000a Fehleroffset: 0x00000000000023d4 ID des fehlerhaften Prozesses: 0x259c Startzeit der fehlerhaften Anwendung: 0x01d230a06f022ede Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe Pfad des fehlerhaften Moduls: c:\windows\system32\mapsbtsvc.dll Berichtskennung: 0777afb1-fe40-4e56-852b-7d8a71287e53 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: * Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. * Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. * Error: (10/26/2016 05:38:09 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043 Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000e83e ID des fehlerhaften Prozesses: 0x64c Startzeit der fehlerhaften Anwendung: 0x01d22f9edf59269a Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Berichtskennung: 801a007a-6037-4a52-b9c5-20d7d7c56269 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: * Error: (10/26/2016 03:16:28 AM) (Source: Winlogon) (EventID: 4005) (User: ) Description: Der Windows-Anmeldeprozess wurde unerwartet beendet. * Error: (10/26/2016 12:47:00 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043 Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7 Ausnahmecode: 0x80000003 Fehleroffset: 0x0000e83e ID des fehlerhaften Prozesses: 0x141c Startzeit der fehlerhaften Anwendung: 0x01d22f0d4afb5636 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll Berichtskennung: 37ccbcb1-246f-4207-a377-71512cbb5b4a Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: * Error: (10/25/2016 04:53:52 PM) (Source: Perflib) (EventID: 1010) (User: ) Description: Die Collect-Prozedur für den "C:\Windows\System32\winspool.drv"-Dienst in der DLL "Spooler" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode. * Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode. * Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode. * Error: (10/25/2016 11:55:12 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: COMPUTER-128234) Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005. * * Systemfehler: ============= Error: (10/28/2016 01:04:51 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. * Error: (10/28/2016 01:02:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler * Error: (10/28/2016 12:49:11 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. * Error: (10/28/2016 12:47:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler * Error: (10/28/2016 12:39:07 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. * Error: (10/28/2016 12:37:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler * Error: (10/28/2016 12:24:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert. * Error: (10/27/2016 05:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {8D8F4F83-3594-4F07-8369-FC3C3CAE4919} *und der APPID {F72671A9-012C-4725-9D2F-2A4D32D65169} *im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. * Error: (10/27/2016 02:01:27 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234) Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. * Error: (10/27/2016 01:59:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: Unbekannter Fehler * * CodeIntegrity: =================================== * Date: 2016-08-16 19:43:08.880 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:43:08.878 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:43:08.600 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:43:08.472 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:41:57.720 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:41:57.162 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:41:57.144 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * Date: 2016-08-16 19:41:56.389 * Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. * * ==================== Speicherinformationen =========================== * Prozessor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz Prozentuale Nutzung des RAM: 84% Installierter physikalischer RAM: 4094.18 MB Verfügbarer physikalischer RAM: 615.38 MB Summe virtueller Speicher: 8446.18 MB Verfügbarer virtueller Speicher: 1360.23 MB * ==================== Laufwerke ================================ * Drive c: (System) (Fixed) (Total:390.09 GB) (Free:207.49 GB) NTFS Drive y: (Volume) (Fixed) (Total:75.14 GB) (Free:75.04 GB) NTFS * ==================== MBR & Partitionstabelle ================== * ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 933BC6BB) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=390.1 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) Partition 4: (Not Active) - (Size=75.1 GB) - (Type=OF Extended) * ==================== Ende von Addition.txt ============================ |
Themen zu JS/SecurityDisabler.B |
angezeigt, angucken, anhänge, anhängen, aufklärung, bearbeitung, bereinigung, eset, folge, folgender, forum, freue, gemeldet, gucken, https, hänge, hängen, js/securitydisabler.b, log, log's, meldung, nicht, thema, thread, warnung |