Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
JS/SecurityDisabler.B

JS/SecurityDisabler.B


Log-Analyse und Auswertung: JS/SecurityDisabler.B

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 28.10.2016, 13:10   #14
Ladekabel612
 
JS/SecurityDisabler.B - Standard

JS/SecurityDisabler.B


Code:
ATTFilter
==================== Ein Monat: Geänderte Dateien und Ordner ========
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
*
2016-10-28 00:39 - 2016-01-22 15:31 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-10-27 23:17 - 2016-06-12 14:03 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Factorio
2016-10-27 23:11 - 2016-08-03 19:45 - 00000000 ____D C:\Program Files (x86)\Steam
2016-10-27 23:11 - 2016-08-03 16:57 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-10-27 21:55 - 2016-04-08 12:42 - 00000000 ___DC C:\Users\Tygan\Documents\GTA San Andreas User Files
2016-10-27 19:16 - 2016-04-04 23:51 - 00005758 __RSH C:\ProgramData\ntuser.pol
2016-10-27 18:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-10-27 18:10 - 2016-05-29 23:28 - 00000000 ____D C:\Users\Tygan\AppData\Local\ElevatedDiagnostics
2016-10-27 17:42 - 2016-08-03 17:08 - 00000000 ____D C:\Users\Tygan
2016-10-27 16:08 - 2016-04-16 17:34 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\vlc
2016-10-27 15:54 - 2016-04-04 23:35 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\Skype
2016-10-26 13:03 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-10-25 20:07 - 2016-08-03 17:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-10-25 20:07 - 2016-08-03 16:56 - 00638600 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-25 20:07 - 2016-07-22 12:30 - 00000000 ____D C:\ProgramData\VMware
2016-10-25 20:07 - 2014-11-05 17:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-10-25 20:06 - 2016-07-16 08:04 - 01310720 _____ C:\WINDOWS\system32\config\BBI
2016-10-25 19:50 - 2016-07-05 22:02 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\KeePass
2016-10-25 19:07 - 2016-06-22 14:59 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\gnupg
2016-10-25 17:44 - 2016-08-25 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-25 15:54 - 2016-07-05 21:57 - 00000000 ___DC C:\Users\Tygan\Documents\My Safes
2016-10-24 23:57 - 2016-01-23 00:25 - 00002270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-10-24 23:57 - 2016-01-23 00:25 - 00002258 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-10-24 01:34 - 2016-08-21 17:03 - 00000000 ___RD C:\Users\Tygan\OneDrive
2016-10-23 12:25 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Packages
2016-10-23 12:25 - 2015-04-07 11:25 - 00000000 ____D C:\ProgramData\Skype
2016-10-21 19:00 - 2016-08-03 17:29 - 00003610 _____ C:\WINDOWS\System32\Tasks\Open URL by RoboForm
2016-10-20 18:24 - 2016-09-27 00:33 - 00000000 ___DC C:\Users\Tygan\Documents\CqPm5GsWcAEHdkc
2016-10-20 17:51 - 2016-04-04 22:47 - 00000000 ____D C:\Users\Tygan\AppData\Local\Google
2016-10-20 17:51 - 2016-01-23 00:23 - 00000000 ____D C:\Program Files (x86)\Google
2016-10-20 02:46 - 2016-01-20 13:47 - 00000000 ____D C:\Program Files (x86)\SpeedFan
2016-10-20 02:00 - 2016-04-30 20:14 - 00000000 ___DC C:\Users\Tygan\Documents\stuff
2016-10-20 01:48 - 1970-01-01 02:00 - 00000000 ___DC C:\Users\Tygan\Documents\WhatsApp
2016-10-19 23:46 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2016-10-19 13:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-18 17:19 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-16 16:16 - 2016-08-21 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-16 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-16 02:16 - 2016-08-09 23:38 - 00000000 ___HD C:\OneDriveTemp
2016-10-13 18:50 - 2016-08-03 17:05 - 02124996 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-10-13 18:50 - 2016-07-17 00:51 - 00798842 _____ C:\WINDOWS\system32\perfh007.dat
2016-10-13 18:50 - 2016-07-17 00:51 - 00188136 _____ C:\WINDOWS\system32\perfc007.dat
2016-10-13 01:03 - 2016-07-14 14:55 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\NetSpeedMonitor
2016-10-12 17:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-10-12 16:22 - 2015-07-29 18:28 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-12 16:15 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\en-GB
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-12 16:14 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-12 16:09 - 2016-07-25 18:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-12 11:42 - 2014-01-23 20:41 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-12 02:24 - 2014-01-23 20:41 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-11 20:20 - 2016-07-16 13:42 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2016-10-11 20:19 - 2016-07-16 13:43 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2016-10-09 14:04 - 2016-07-25 15:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\VMware
2016-10-08 16:51 - 2016-04-17 19:45 - 00000000 ____D C:\Users\Tygan\AppData\Local\VMware
2016-10-06 19:22 - 2016-05-29 23:53 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\TeamViewer
2016-10-06 17:14 - 2016-07-25 15:39 - 00001118 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 11.lnk
2016-10-06 17:14 - 2016-07-25 15:39 - 00001106 _____ C:\Users\Public\Desktop\TeamViewer 11.lnk
2016-10-05 19:26 - 2016-07-13 19:08 - 00000000 ____D C:\Users\Tygan\AppData\Local\Ubisoft Game Launcher
2016-10-03 22:09 - 2016-07-16 13:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-03 22:09 - 2016-07-16 13:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-02 17:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-02 17:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-02 17:23 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-02 17:23 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-02 17:22 - 2016-07-17 00:56 - 00000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-02 17:22 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-10-02 16:18 - 2016-06-25 22:40 - 00000000 ____D C:\Users\Tygan\AppData\Local\SquirrelTemp
2016-09-28 01:25 - 2016-06-25 22:41 - 00000000 ____D C:\Users\Tygan\AppData\Roaming\discord
*
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
*
2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileIn.cns
2016-09-18 00:59 - 2016-09-18 17:16 - 0000000 _____ () C:\Users\Tygan\AppData\Roaming\FileOut.cns
2016-10-09 09:18 - 2016-10-09 09:18 - 0001737 _____ () C:\Users\Tygan\AppData\Roaming\log.xml
2016-07-17 23:18 - 2016-07-17 23:18 - 0007656 _____ () C:\Users\Tygan\AppData\Local\Resmon.ResmonCfg
2016-10-25 20:07 - 2016-10-25 20:07 - 0000000 ____H () C:\ProgramData\cm-lock
*
Einige Dateien in TEMP:
====================
C:\Users\Tygan\AppData\Local\Temp\OCLF103.tmp.dll
C:\Users\Tygan\AppData\Local\Temp\OCLF1FF.tmp.dll
C:\Users\Tygan\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Tygan\AppData\Local\Temp\sfareca00001.dll
*
*
==================== Bamital & volsnap ======================
*
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
*
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
*
*
LastRegBack: 2016-10-20 19:33*
==================== Ende von FRST.txt ============================
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 26-10-2016
durchgeführt von Tygan (28-10-2016 01:01:29)
Gestartet von C:\Users\Tygan\Desktop
Windows 10 Pro Version 1607 (X64) (2016-08-03 15:38:07)
Start-Modus: Normal
==========================================================
*
*
==================== Konten: =============================
*
Administrator (S-1-5-21-624198674-977653023-2037852723-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-624198674-977653023-2037852723-503 - Limited - Disabled)
Gast (S-1-5-21-624198674-977653023-2037852723-501 - Limited - Disabled)
Jendrik (S-1-5-21-624198674-977653023-2037852723-1027 - Limited - Enabled) => C:\Users\Jendrik
Tygan (S-1-5-21-624198674-977653023-2037852723-1021 - Administrator - Enabled) => C:\Users\Tygan
*
==================== Sicherheits-Center ========================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
*
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus 9.0.402.1 (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
*
==================== Installierte Programme ======================
*
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
*
7art Fluorescent Clock © 7art-screensavers.com (HKLM-x32\...\7art Fluorescent Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art Radiating Clock © 7art-screensavers.com (HKLM-x32\...\7art Radiating Clock Screensaver_is1) (Version: 3.1 - 7art-screensavers.com)
7art-ScreenSavers-Manager © 7art-screensavers.com (HKLM-x32\...\7art-ScreenSavers-Manager_is1) (Version: 4 - 7art-screensavers.com SoftWare Development Studio)
7-Zip 16.00 (x64) (HKLM\...\7-Zip) (Version: 16.00 - Igor Pavlov)
Adobe Shockwave Player 12.1 (HKLM-x32\...\{7E33E883-0D17-4397-A461-B576605E34B1}) (Version: 12.1.6.156 - Adobe Systems, Inc)
AIMP (HKLM-x32\...\AIMP) (Version: v4.11.1841, 09.10.2016 - AIMP DevTeam)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
Core Temp 1.3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.3 - ALCPU)
CrystalDiskInfo 6.8.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.8.2 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0195 - Disc Soft Ltd)
Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Discord (HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Discord) (Version: 0.0.296 - Hammer & Chisel, Inc.)
Emergency 4 (HKLM-x32\...\{80AE0E0A-5579-4015-9C1A-35F2F2CE5673}) (Version: 1.02.001 - )
ESET NOD32 Antivirus (HKLM\...\{6A816859-EC01-43F5-9EE2-B3B168CC52CB}) (Version: 9.0.386.1 - ESET, spol. s r.o.)
Factorio version 0.12.3 (HKLM\...\Factorio_is1) (Version: *- )
GOG Galaxy (HKLM-x32\...\{7258BA11-600C-430E-A759-27E2C691A335}_is1) (Version: *- GOG.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 54.0.2840.71 - Google Inc.)
Google Drive (HKLM-x32\...\{3D7AB4D4-2E45-4986-BAC5-5B3CEED21FAA}) (Version: 1.32.3592.6117 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
Gpg4win (2.3.1) (HKLM-x32\...\GPG4Win) (Version: 2.3.1 - The Gpg4win Project)
Grand Theft Auto III (HKLM-x32\...\Steam App 12100) (Version: *- Rockstar Games)
Grand Theft Auto San Andreas (HKLM-x32\...\{086BADF8-9B1F-4E89-B207-2EDA520972D6}) (Version: 1.00.00001 - Rockstar Games)
Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version: *- Rockstar Games)
KeePass Password Safe 2.34 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.34 - Dominik Reichl)
K-Lite Codec Pack 6.0.4 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 6.0.4 - )
LibreOffice 5.1.5.2 (HKLM-x32\...\{03E3A5F6-2B2C-4CF6-9C18-FBB28AFA512B}) (Version: 5.1.5.2 - The Document Foundation)
Livestreamer 1.12.2 (HKLM-x32\...\Livestreamer) (Version: *- )
MAGIX Movie Edit Pro 2016 Premium (HKLM\...\MX.{0E64129B-4258-44B9-8034-464C6E28878D}) (Version: 15.0.0.73 - MAGIX Software GmbH)
MAGIX Movie Edit Pro 2016 Premium (Version: 15.0.0.73 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2016 Premium Update (Version: 15.0.0.77 - MAGIX Software GmbH) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 *x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 *x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{3c3aafc8-d898-43ec-998f-965ffdae065a}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package - SE (x64) (HKLM\...\Microsoft Visual J# 2.0 Redistributable Package - SE (x64)) (Version: *- Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_x86 (HKLM-x32\...\{6FDDB201-2CA0-42BD-973F-7B2C4A61EA3F}) (Version: 1.0.0 - Microsoft)
Mozilla Firefox 49.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 49.0.2 (x86 de)) (Version: 49.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 49.0.2.6136 - Mozilla)
Mozilla Thunderbird 45.3.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.3.0 (x86 de)) (Version: 45.3.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
NETGEAR WNA3100M N300 Wireless USB Adapter (HKLM-x32\...\{D3580358-0F78-402A-BE53-2E9D06383E04}) (Version: 1.2.0.6 - NETGEAR)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
puush (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284B}) (Version: 1.0.0.0 - Dean Herbert)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.0 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.0 - VS Revo Group, Ltd.)
RuneScape Launcher 2.2.2 (HKLM\...\RuneScape Launcher_is1) (Version: 2.2.2 - Jagex Ltd)
Sid Meier's Civilization III: Complete (HKLM\...\Steam App 3910) (Version: *- Firaxis Games)
Sid Meier's Civilization IV (HKLM\...\Steam App 3900) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Beyond the Sword (HKLM\...\Steam App 8800) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Colonization (HKLM\...\Steam App 16810) (Version: *- Firaxis Games)
Sid Meier's Civilization IV: Warlords (HKLM\...\Steam App 3990) (Version: *- Firaxis Games)
Skype™ 7.29 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.29.102 - Skype Technologies S.A.)
SleepTimer Ultimate 1.3 (HKLM-x32\...\{0EE56463-49B2-45E1-B74F-3E0139DBC986}_is1) (Version: *- Christian Handorf)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: *- )
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Steuer 2015 (HKLM-x32\...\{E262CD3B-8825-4D56-AEF1-5E127F2FBB05}) (Version: 23.00.1146 - Buhl Data Service GmbH)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
Terraria (HKLM-x32\...\Steam App 105600) (Version: *- Re-Logic)
Tropico 4 (HKLM\...\Steam App 57690) (Version: *- Haemimont Games)
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.17 - IDRIX)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VMware Workstation (HKLM\...\{F4C0A853-FA3B-4404-954B-799299EB5A98}) (Version: 12.1.1 - VMware, Inc.)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
Wireshark 2.0.5 (64-bit) (HKLM-x32\...\Wireshark) (Version: 2.0.5 - The Wireshark developer community, hxxps://www.wireshark.org)
*
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1021_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Jendrik\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\FileCoAuth.exe (Microsoft Corporation)
*
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
Task: {077D9730-A325-418A-A370-8FDB2AB69740} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.)
Task: {0925C293-A417-4212-97B6-79AA19FA7961} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B75604B-9502-4A48-ADE3-1237E2FBF078} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0CD77EEF-77A1-4F93-BB9B-E9200CE7EDD2} - System32\Tasks\{D5006F34-817C-4DE0-877C-FFF62AEC3502} => pcalua.exe -a D:\AUTORUN.EXE -d D:\
Task: {15D635DD-27BD-4CBB-8FF7-667CA955FEB0} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {1E24BA0C-A9C7-4EB3-B9FC-80BA2F51F025} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2010C5A7-AB3A-49B1-9C74-87670E1563B1} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {28F380A0-0DF8-4D51-B386-871F732C952C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {2AC1ADE9-DD33-422E-A1CB-A893D6A0AC4D} - System32\Tasks\{9C213DAE-C246-4484-90F4-704E34947FA1} => pcalua.exe -a D:\setup.exe -d D:\
Task: {34150056-E698-4C15-A124-37E8DE1AC7C7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {40237349-3DDE-4B82-8440-23FA248D5599} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {5403244C-E898-4F08-895E-F3CA03F79136} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5653A8BA-5766-4972-AFE4-6AF986F39A5A} - System32\Tasks\{A1C0E21F-C04B-4D7F-A3C7-F4A887B38845} => pcalua.exe -a "C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe" -d "C:\Program Files (x86)\ESET\ESET Online Scanner"
Task: {565763B7-74CD-4027-9408-72B0647956E7} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {56F31CE6-6542-4ED2-AD8A-6B1BDE758A4B} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {5804C292-C77C-4BA6-A77B-687BCA77E37D} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ACFA180-BE93-4757-A600-57A61FE79EDC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {66666BC5-008A-46A1-96D6-285393AE992E} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/uninstall.html?aaa=KICMPMOJMMGMJJIMJMLJCNOJHMPMNJCNLMGMGMGMCNGMOMHMKMCNGMLMNMJJLMGMOJJMMMLJKJMMJNJICMIMCNGMCNOMNMFMOMOMCNPMCNGMJMPMPMFMJMCNOMCNIMJMPMOMCNNMJNPICMPMFMFMNMHMJNHICMEKMICNJJCKJNBJCMDLKJCJPMLIHJJNKJCMJNNICMJNDJCMLJKJJNMJCMPMFMPMFMPMJNFI (Der Dateneintrag hat 29 mehr Zeichen).
Task: {6670D31E-C371-47EA-AEBC-DFCB51D7B4B5} - System32\Tasks\Sperrbildschirm => add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\SessionData /t REG_DWORD /v AllowLockScreen /d 0 /f
Task: {6B947FBC-CBFA-49C1-BE7A-76A0EEA3F402} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {726B0AD1-019A-4519-A737-567260356221} - System32\Tasks\CreateExplorerShellUnelevatedTask => /NOUACCHECK
Task: {79A51A49-477E-4F5F-8156-0AC3B0B6EE79} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {7D2FC676-CC2E-44B0-820F-C92183A172FF} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {8C74191A-5503-44AD-8270-915C52BBC428} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {90633838-3B10-43F0-BC61-5C8504498795} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {90AFBFCB-A5D9-4CA2-A58A-95CFFE3A4C90} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {92ED629F-603B-4D58-A644-04F7BB98D4C8} - System32\Tasks\Core Temp Autostart Tygan => C:\Program Files\Core Temp\Core Temp.exe [2016-09-11] ()
Task: {948C723C-F96E-4B20-A39A-9FBCBE0F5F2F} - System32\Tasks\avastBCLRestartS-1-5-21-624198674-977653023-2037852723-1003 => Firefox.exe 
Task: {9958AC97-9AE4-4593-BC43-0FC982D5E833} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9B052FB7-4425-490E-BC1E-4E7554AD627D} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {9EEF6C19-6405-4416-B34E-A560701B7380} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A03E5801-CB80-4C0C-A0E8-F73C97F59AEB} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {A97FEBFA-8C43-4447-B21D-C6897DA374E4} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {AA43015D-35A1-43C5-BE5E-A138B79B3AF1} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B6E6AFBA-338C-44F1-B2A5-FBD198DEC00C} - System32\Tasks\{A4058700-9B97-4117-8851-8B6C3C211F42} => pcalua.exe -a C:\Users\Jendrik\Downloads\jxpiinstall.exe -d C:\Users\Jendrik\Downloads
Task: {B6F44A38-2743-4D90-A4F1-751570CCFEBC} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe [2016-08-25] (Microsoft Corporation)
Task: {B954A2A3-7EA5-47B8-93AB-136A508381A7} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {BF62A763-E716-43FD-8FE9-0C5A5842EDF7} - System32\Tasks\{8E2B0D8E-A7C2-41AB-A0CC-6F1051CCC161} => pcalua.exe -a "C:\Program Files\Codemasters\OperationFlashpoint\OpFlashPreferences.exe" -d "C:\Program Files\Codemasters\OperationFlashpoint"
Task: {C525495D-FB5A-4963-BDEC-4C77CE448931} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-10-12] (Microsoft Corporation)
Task: {C9DE67D1-1BB8-4B1A-AA9D-E0B1199931F8} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CBA0DA7C-9D08-4490-9AD7-B38E02C71747} - System32\Tasks\{197B8FA4-1324-4E58-977E-3387813919D4} => pcalua.exe -a D:\DirectX\dxsetup.exe -d D:\DirectX
Task: {CDE38717-7FCF-49E4-9B48-4D8930E458E0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {DA80726F-9E08-4DF3-B961-7A8A7D20A5C6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E7EAF163-3F7F-44D3-9B80-C8B5F93C8F28} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F1E4FF0B-03E2-4A42-BF69-17E5765E0C20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F6A11EE2-0023-4595-8D9D-F2922462880E} - System32\Tasks\{1A673BBD-E760-48DE-8182-982ABA1E0CD0} => pcalua.exe -a C:\Users\Deus\Downloads\forge-1.8-11.14.1.1361-installer-win.exe -d C:\Users\Deus\Downloads
Task: {F8D69DA4-D5C2-4E9D-930E-2906092F8638} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FB409A52-D98C-4458-BB8A-24EE89EF7A6E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {FC13AE24-50AF-4150-830A-1BA18858E237} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FE639A93-6D40-4961-AC31-1B45E9126512} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {FF4245B5-59A8-403F-B4E5-8A1D3FF865E7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-01-23] (Google Inc.)
Task: {FFF8BFAC-4011-4218-BA7B-C5B42F2008CC} - System32\Tasks\{104B9CA5-EF7D-4A10-ADB6-70F6F3EB62CE} => pcalua.exe -a C:\Users\Deus\Downloads\VMware-workstation-full-11.1.0-2496824.exe -d C:\Users\Deus\Downloads
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
*
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
*
==================== Verknüpfungen =============================
*
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
*
ShortcutWithArgument: C:\Users\Tygan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Lem0th - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
*
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
*
2016-04-05 13:25 - 2016-04-05 13:25 - 00216576 _____ () C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
2014-11-03 19:48 - 2014-08-18 18:50 - 00316120 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvc.exe
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-04-17 15:46 - 2016-09-11 10:19 - 00925160 _____ () C:\Program Files\Core Temp\Core Temp.exe
2016-09-30 22:17 - 2016-09-15 19:25 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-08-25 17:45 - 2016-08-25 17:45 - 01864384 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\amd64\ClientTelemetry.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00130048 _____ () C:\WINDOWS\SYSTEM32\CHARTV.dll
2016-05-27 14:19 - 2016-05-27 14:19 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2016-09-14 23:31 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2016-10-11 20:51 - 2016-10-05 11:35 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2012-01-10 14:41 - 2015-05-30 18:26 - 00568904 _____ () C:\Program Files (x86)\puush\puush.exe
2015-02-11 20:57 - 2015-08-10 02:21 - 08276200 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WNA3100M.exe
2016-10-11 20:52 - 2016-10-05 11:21 - 09760256 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 01401344 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2016-10-11 20:52 - 2016-10-05 11:13 - 02424832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-10-11 20:53 - 2016-10-05 11:14 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-26 12:50 - 2016-10-26 12:51 - 00055808 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11609.1001.29.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2016-04-05 13:12 - 2016-04-05 13:12 - 00221696 _____ () C:\Program Files (x86)\GNU\GnuPG\libksba-8.dll
2016-04-05 13:01 - 2016-04-05 13:01 - 00050176 _____ () C:\Program Files (x86)\GNU\GnuPG\libw32pth-0.dll
2016-04-05 13:12 - 2016-04-05 13:12 - 00073728 _____ () C:\Program Files (x86)\GNU\GnuPG\libassuan-0.dll
2016-04-05 13:15 - 2016-04-05 13:15 - 00750592 _____ () C:\Program Files (x86)\GNU\GnuPG\libgcrypt-20.dll
2016-04-05 13:06 - 2016-04-05 13:06 - 00087552 _____ () C:\Program Files (x86)\GNU\GnuPG\libgpg-error-0.dll
2016-04-14 17:16 - 2016-04-14 17:16 - 01309768 _____ () C:\Program Files (x86)\VMware\VMware Workstation\libxml2.dll
2014-11-03 19:48 - 2015-07-15 17:26 - 00450560 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiLib.dll
2015-02-11 20:58 - 2014-07-22 11:18 - 00278528 _____ () C:\Program Files (x86)\NETGEAR\WNA3100M\WifiSvcLib.dll
2016-08-25 17:45 - 2016-08-25 17:45 - 01383616 _____ () C:\Users\Tygan\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\ClientTelemetry.dll
2016-10-24 23:57 - 2016-10-20 10:47 - 01819240 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libglesv2.dll
2016-10-24 23:57 - 2016-10-20 10:47 - 00093288 _____ () C:\Program Files (x86)\Google\Chrome\Application\54.0.2840.71\libegl.dll
2016-08-03 19:49 - 2016-09-08 05:14 - 00784672 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2016-08-03 19:49 - 2016-10-13 03:58 - 02321696 _____ () C:\Program Files (x86)\Steam\video.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2016-08-03 19:49 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2016-08-03 19:49 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2016-08-03 19:49 - 2016-10-13 03:58 - 00836896 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2016-08-03 19:49 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-10-14 13:18 - 2016-08-04 22:56 - 49825056 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.winxp\libcef.dll
2016-08-03 19:49 - 2015-09-25 01:52 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
Code:
ATTFilter
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
*
*
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
*
*
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
*
*
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
*
*
==================== Hosts Inhalt: ==========================
*
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
*
2009-07-14 04:34 - 2016-02-24 15:53 - 00001095 ____A C:\WINDOWS\system32\Drivers\etc\hosts
*
127.0.0.1 choice.microsoft.com
127.0.0.1 Choice.microsoft.com.nstac.net
127.0.0.1 Df.telemetry.microsoft.com
127.0.0.1 Oca.telemetry.microsoft.com
127.0.0.1 Oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 Redir.metaservices.microsoft.com
127.0.0.1 Reports.wes.df.telemetry.microsoft.com
127.0.0.1 Services.wes.df.telemetry.microsoft.com
127.0.0.1 Settings-sandbox.data.microsoft.com
127.0.0.1 Sqm.df.telemetry.microsoft.com
127.0.0.1 Sqm.telemetry.microsoft.com
127.0.0.1 Sqm.telemetry.microsoft.com.nsatc.net
127.0.0.1 Telecommand.telemetry.microsoft.com
127.0.0.1 Telecommand.telemetry.microsoft.com.nsatc.net
127.0.0.1 Telemetry.appex.bing.net
127.0.0.1 Telemetry.appex.bing.net:443
127.0.0.1 Telemetry.microsoft.com
127.0.0.1 Telemetry.urs.microsoft.com
127.0.0.1 Vortex-sandbox.data.microsoft.com
127.0.0.1 Vortex-win.data.microsoft.com
127.0.0.1 Vortex.data.microsoft.com
127.0.0.1 Watson.telemetry.microsoft.com
127.0.0.1 Watson.telemetry.microsoft.com.nsatc.net
127.0.0.1 apps.skype.com
127.0.0.1 apps.spotify.com
*
==================== Andere Bereiche ============================
*
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
*
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-624198674-977653023-2037852723-1021\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> c:\users\tygan\appdata\roaming\mozilla\firefox\desktop-hintergrund.bmp
HKU\S-1-5-21-624198674-977653023-2037852723-1027-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Jendrik\Pictures\Saved Pictures\askwallpapers.com-43185.jpg
HKU\S-1-5-21-624198674-977653023-2037852723-500-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
*
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
*
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: MF NTFS Monitor => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: rpcapd => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Dropbox"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "SecureBanking"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "pCloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-624198674-977653023-2037852723-1021\...\StartupApproved\Run: => "GalaxyClient"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleChromeAutoLaunch_F9A4E4554F4E7E4C46D94738AFC6CF13"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "ISUSPM Startup"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "SecureBanking"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GoogleDriveSync"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "pCloud"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-624198674-977653023-2037852723-1021-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\StartupApproved\Run: => "GalaxyClient"
*
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
*
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
*
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{E60AE206-2D55-4AE2-BE03-1329312FD0F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{378394AB-9822-4122-8E55-E3995F4CA54A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{777B1491-5F7F-41B3-88A0-E196B3EAFCC0}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe
FirewallRules: [{D27C7C8E-1B14-45CA-B1D5-1CE4ECCE5D37}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{A42BE9C8-851B-4EF6-AEEF-811D2922A9E2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Beyond the Sword\Beyond the Sword\Civ4BeyondSword.exe
FirewallRules: [{88B80F2A-4D2D-4167-B2DB-274A064167AF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe
FirewallRules: [{3D971F71-8933-43F4-ABF0-1D0FAFA5D112}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords_PitBoss.exe
FirewallRules: [{AC68BEBD-FB95-4821-96F5-D051F3C7570F}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe
FirewallRules: [{AB8027AA-30D9-418F-933C-E9C1E46F1131}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV Warlords\Warlords\Civ4Warlords.exe
FirewallRules: [{5CA233AE-05C8-43E9-B286-450B6F760564}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe
FirewallRules: [{50A6CFBE-9E49-42AC-9709-23D26F9C4577}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Civilization IV Colonization\Colonization.exe
FirewallRules: [{3C38DAF4-FB24-44EF-878A-F4A6C9C03B8E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{109A825B-BFD3-4938-AC47-369D022FF258}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization IV\Civilization4.exe
FirewallRules: [{B44C3290-9BDF-4139-8560-92E46110C1C1}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe
FirewallRules: [{BF63379B-841E-4B1F-BBA1-A06987AD092E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Factorio Demo\bin\x64\Factorio.exe
FirewallRules: [UDP Query User{7FC55172-7B01-4F4C-8E97-01BD9B41FF9F}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{C37E1485-FA69-404E-9B3C-CAB73BFD5045}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{1DB619F2-55EB-458A-A1F0-CC69931D7953}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [TCP Query User{CF1861DC-4799-410C-8AE7-FB60D285C243}C:\program files\java\jre1.8.0_91\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_91\bin\javaw.exe
FirewallRules: [UDP Query User{1B73E9FF-F469-4B8D-888C-CA465E90CCA3}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{816974BA-CA0A-4943-9878-2EC7BEE898A6}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{8CA8EC04-3441-45AD-9C88-62454794DE5E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [TCP Query User{1BE7434B-A126-4C66-AA5D-1AD1CD895E4E}C:\program files\java\jre1.8.0_73\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_73\bin\javaw.exe
FirewallRules: [UDP Query User{26D9069E-74CF-4BB8-BB4E-B9A4F160A93B}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{9EBF9B06-1E53-4968-8D45-64E7F5AB85D4}C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\terraria\terrariaserver.exe
FirewallRules: [UDP Query User{4AD96FA5-D0F1-4A80-B277-A8EC07B1095B}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [TCP Query User{1C83C5A9-CB4A-4E20-8FA2-A55AD8A8AD85}C:\program files\java\jre1.8.0_71\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\java.exe
FirewallRules: [{E6972D16-0AC3-4BC9-B47C-514B7F426CB7}] => (Block) C:\Program Files\MAGIX\Movie Edit Pro 2016 Premium\Videodeluxe.exe
FirewallRules: [UDP Query User{1281CC9F-65AC-4C51-899F-6F497D4741B1}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [TCP Query User{A0D57D79-90D4-4328-A541-14045F7C2F3A}C:\program files\java\jre1.8.0_71\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_71\bin\javaw.exe
FirewallRules: [UDP Query User{87795A95-AC95-41A5-B44D-0FC8B98692F7}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{49D22B15-CEAC-4B61-B0DB-ADB5DD1DBD3B}C:\program files\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{460DAE00-1A73-4C21-88E5-DF8586370FE8}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{5E58BCBA-2A54-42BA-9272-F8FC180D0541}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [UDP Query User{FEB90422-50BF-4BBC-9C67-1CA183385D2A}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [TCP Query User{2E56E230-0344-4E6A-A98B-DB52242916A6}C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_66\bin\javaw.exe
FirewallRules: [{ABD9AFF4-0930-4994-A760-3A0541789D0A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{1070E7AE-683B-4575-AE32-64B778CEA047}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Terraria\Terraria.exe
FirewallRules: [{CA1EF5BB-0368-4FDB-B4D7-A96D85334062}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{F930D29C-5362-4EE2-99B9-D74E90CF26FC}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [UDP Query User{9AAF3CFF-DD7A-497A-BE2F-F9EFB4709A44}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [TCP Query User{CBCA0539-E485-4FB4-BF53-DEB504D29C8C}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C6C52E2C-A3B4-4AD8-AEB5-CC968831FC3E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{93D428DF-D9C1-4E3D-A833-119E7AD19B5F}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{E2BF7FA6-5490-4AD5-9649-9CEADB98B4C6}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{59343DAA-AC50-4FC2-8130-AFAAD277F5B4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{F425035C-FBD1-4846-BDC4-AE2E1A8F6BD6}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [UDP Query User{C5BED132-D2F1-4B49-8E1C-89BA784920F2}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe
FirewallRules: [{4A4247F5-9F6F-4FBE-AE9A-6856E2C09127}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{8275ADA2-E5C4-49CD-8056-9491007BA7D8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{54B2336C-4F2A-4C84-8028-6A77EF4C8E56}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{EC32C821-96C4-41F2-BD9A-609FEFA5B42F}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{D204B75D-FE2F-452A-A067-DBA89935BD82}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{902F54A4-0F65-4C67-91EA-EC5BFBEEE553}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{A24E337A-91EB-489C-82A0-4CA2CCEBA69D}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{FC5CEB87-E833-4592-8760-3780D7556624}C:\users\l14d\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\l14d\appdata\roaming\spotify\spotify.exe
FirewallRules: [{9EBBE327-BE32-4380-9CBC-88C1AD733278}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{6236CC6A-BAC1-4844-B52D-4F058E166D63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [TCP Query User{EE24100D-05F1-4FDC-B0FB-55A8BF1B4487}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{98E01700-645C-4C9A-9952-5BF89CBCF7CB}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{4B8C2D2F-48DE-4603-A1B7-651D9094521E}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{B808CC0C-4968-48F4-9BE7-084EF520E631}C:\users\johnny\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\johnny\appdata\roaming\spotify\spotify.exe
FirewallRules: [{06645459-E8FE-460B-9788-FE0E7710DD9A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{3BB40C19-F2EA-4690-B6BB-367E7C2C263A}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe
FirewallRules: [UDP Query User{AF48CB2B-A69C-4CF2-B462-881C4995E614}C:\users\tygan\desktop\utox64.exe] => (Allow) C:\users\tygan\desktop\utox64.exe
FirewallRules: [{CC5F2C28-7374-4AED-9D91-90C23E4FBB56}] => (Allow) %ProgramFiles% (x86)\Steam\Steam.exe
FirewallRules: [{3C26B0A2-E042-47DB-90D4-9F81BC82B2CC}] => (Allow) %ProgramFiles% (x86)\Mozilla Thunderbird\thunderbird.exe
FirewallRules: [{021008C2-F369-4EC7-A04F-B64627B642D6}] => (Allow) %ProgramFiles% (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CFD36A9-C245-4D8B-BCE4-B97CFBC7E2E3}] => (Allow) %ProgramFiles% (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{A42A4ACF-AFF2-4FE1-B6E7-01E1B0D51AD6}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{FA3668CF-4DB9-442E-8FD0-BEA511AF5C28}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-authd.exe
FirewallRules: [{10002992-5381-4F7E-A8E3-F9AC916948F0}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [{1A0E3CA8-C531-4491-9CC0-85423CB2DCB8}] => (Allow) C:\Program Files (x86)\VMware\VMware Workstation\vmware-hostd.exe
FirewallRules: [TCP Query User{CCB62BA7-C113-4531-B50E-640CD87BB559}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe
FirewallRules: [UDP Query User{33C0DCE6-0B9C-4CBA-AF03-8E1E16C6D5E3}C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe] => (Block) C:\program files (x86)\sixteen tons entertainment\emergency 4\em4.exe
FirewallRules: [{744C119E-95E6-45E9-9D1B-C5B0C2DED0C3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{E3FA991D-9810-466F-9656-15F57B069853}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Tropico 4\Tropico4.exe
FirewallRules: [{52BCE2DD-BE9B-4D83-94DC-518971B48B41}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{6108EBF8-5249-4288-8E76-82B630A50267}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization III Complete\Conquests\Civ3Conquests.exe
FirewallRules: [{570422B8-0DA1-4ED4-9AF5-B3C0CB2218A7}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{F68498C4-1C82-46BF-A645-3429352A92A0}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{DE432B9C-B9B8-484E-92F4-420DB4569043}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{BC9350F7-BEDB-4808-995E-02C045262D71}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
FirewallRules: [{D39CE7E7-9A84-4D48-A6CD-950B7A709948}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{0AD4EE55-F182-4650-B77C-B0AA0CC77498}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{782A129E-D7B8-4D5F-84C3-5B942E514135}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{97F0C4C6-8E0B-47A1-93A9-FE98D28FAD5B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{4B08A4B8-7066-457B-8854-5622FFC641A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
*
==================== Wiederherstellungspunkte =========================
*
20-10-2016 02:35:17 Installed LibreOffice 5.1.5.2
*
==================== Fehlerhafte Geräte im Gerätemanager =============
*
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
*
Name: PS/2-Standardtastatur
Description: PS/2-Standardtastatur
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
*
*
==================== Fehlereinträge in der Ereignisanzeige: =========================
*
Applikationsfehler:
==================
Error: (10/28/2016 12:24:53 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_MapsBroker, Version: 10.0.14393.0, Zeitstempel: 0x57899b1c
Name des fehlerhaften Moduls: mapsbtsvc.dll, Version: 10.0.14393.187, Zeitstempel: 0x57cf9ec8
Ausnahmecode: 0x8400000a
Fehleroffset: 0x00000000000023d4
ID des fehlerhaften Prozesses: 0x259c
Startzeit der fehlerhaften Anwendung: 0x01d230a06f022ede
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\svchost.exe
Pfad des fehlerhaften Moduls: c:\windows\system32\mapsbtsvc.dll
Berichtskennung: 0777afb1-fe40-4e56-852b-7d8a71287e53
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
*
Error: (10/27/2016 06:12:40 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
*
Error: (10/26/2016 05:38:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043
Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e83e
ID des fehlerhaften Prozesses: 0x64c
Startzeit der fehlerhaften Anwendung: 0x01d22f9edf59269a
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 801a007a-6037-4a52-b9c5-20d7d7c56269
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/26/2016 03:16:28 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.
*
Error: (10/26/2016 12:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: plugin-container.exe, Version: 49.0.2.6136, Zeitstempel: 0x5807c043
Name des fehlerhaften Moduls: mozglue.dll, Version: 49.0.2.6136, Zeitstempel: 0x5807b9a7
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000e83e
ID des fehlerhaften Prozesses: 0x141c
Startzeit der fehlerhaften Anwendung: 0x01d22f0d4afb5636
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 37ccbcb1-246f-4207-a377-71512cbb5b4a
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
*
Error: (10/25/2016 04:53:52 PM) (Source: Perflib) (EventID: 1010) (User: )
Description: Die Collect-Prozedur für den "C:\Windows\System32\winspool.drv"-Dienst in der DLL "Spooler" hat eine Ausnahme verursacht oder einen ungültigen Status zurückgegeben. Die von der Leistungsindikatoren-DLL zurückgegebenen Leistungsdaten werden nicht im Perf Data Block zurückgegeben. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Ausnahmecode oder den Statuscode.
*
Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
*
Error: (10/25/2016 04:53:51 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Die erweiterbare Leistungsindikator-DLL ASP.NET_1.1.4322 kann nicht geladen werden. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Windows-Fehlercode.
*
Error: (10/25/2016 11:55:12 AM) (Source: Microsoft-Windows-EFS) (EventID: 4401) (User: COMPUTER-128234)
Description: 7.488: Der EFS-Dienst*konnte keinen Benutzer für „Unternehmensdatenschutz“ bereitstellen. Fehlercode: 0x80070005.
*
*
Systemfehler:
=============
Error: (10/28/2016 01:04:51 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 01:02:51 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler
*
Error: (10/28/2016 12:49:11 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 12:47:11 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler
*
Error: (10/28/2016 12:39:07 AM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/28/2016 12:37:07 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler
*
Error: (10/28/2016 12:24:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Manager für heruntergeladene Karten" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
*
Error: (10/27/2016 05:42:42 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
*und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
*im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
*
Error: (10/27/2016 02:01:27 PM) (Source: DCOM) (EventID: 10010) (User: COMPUTER-128234)
Description: Der Server "{37998346-3765-45B1-8C66-AA88CA6B20B8}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
*
Error: (10/27/2016 01:59:27 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Plattformdienst für verbundene Geräte" wurde mit folgendem Fehler beendet: 
Unbekannter Fehler
*
*
CodeIntegrity:
===================================
* Date: 2016-08-16 19:43:08.880
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.878
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.600
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:43:08.472
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\x86_microsoft-windows-utilman_31bf3856ad364e35_10.0.10586.0_none_3310acc4233710cd\Utilman.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.720
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.162
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:57.144
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
* Date: 2016-08-16 19:41:56.389
* Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\WINDOWS\WinSxS\wow64_windows-devices-perception_31bf3856ad364e35_10.0.10586.0_none_5c4fdcd072d3b010\Windows.Devices.Perception.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
*
*
==================== Speicherinformationen =========================== 
*
Prozessor: Intel(R) Core(TM)2 Duo CPU E7300 @ 2.66GHz
Prozentuale Nutzung des RAM: 84%
Installierter physikalischer RAM: 4094.18 MB
Verfügbarer physikalischer RAM: 615.38 MB
Summe virtueller Speicher: 8446.18 MB
Verfügbarer virtueller Speicher: 1360.23 MB
*
==================== Laufwerke ================================
*
Drive c: (System) (Fixed) (Total:390.09 GB) (Free:207.49 GB) NTFS
Drive y: (Volume) (Fixed) (Total:75.14 GB) (Free:75.04 GB) NTFS
*
==================== MBR & Partitionstabelle ==================
*
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 933BC6BB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=390.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=75.1 GB) - (Type=OF Extended)
*
==================== Ende von Addition.txt ============================
Soll ich den Langen ESET Scan Log auch nochmal hinzufügen?

 

Themen zu JS/SecurityDisabler.B
angezeigt, angucken, anhänge, anhängen, aufklärung, bearbeitung, bereinigung, eset, folge, folgender, forum, freue, gemeldet, gucken, https, hänge, hängen, js/securitydisabler.b, log, log's, meldung, nicht, thema, thread, warnung


« 'EXP/FLASH.Pubenush.W.Gen [exploit]' | System seit einiger Zeit instabil und langsam »


Zum Thema JS/SecurityDisabler.B - Code: Alles auswählen Aufklappen ATTFilter ==================== Ein Monat: Geänderte Dateien und Ordner ======== * (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) * 2016-10-28 00:39 - JS/SecurityDisabler.B...
Archiv
Du betrachtest: JS/SecurityDisabler.B auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131