|
Log-Analyse und Auswertung: Windows 7: Firefox öffnet automatisch WerbeseitenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
21.07.2017, 22:46 | #1 |
| Windows 7: Firefox öffnet automatisch Werbeseiten Vor ein paar Tagen hat sich ne Scamseite geöffnet, in der ne Stimme sagte mein Windows ist infiziert und ich solle bei der angezeigten Nummer anrufen. habe ich natürlich nicht gemacht. Dabei wurde auch der gesamte Firefox eingefroren, den ich dann über den Taskmanager gekillt habe. So nun tauchen aber immer wieder Werbepopups auf, wenn ich auf einen beliebigen Link auf einer beliebigen Seite klicke. Ich hab Sophos AV rüberlaufen lassen der hat folgendes gefunden: "C:\Users\CHRIS\AppData\Local\Temp\is-H5V2H.tmp\4cLSSRJHnR.dll" gehört zu Adware/PUA 'Generic PUA BI' (Typ Andere). Datei wurde schon entfernt, Problem besteht allerdings immernoch. Ich hoffe ihr könnt mir helfen und vielen Dank in vorraus. FRST.txt: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017 durchgeführt von CHRIS (Administrator) auf CHRIS-PC (21-07-2017 22:51:38) Gestartet von D:\Downloads Geladene Profile: CHRIS (Verfügbare Profile: CHRIS) Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCDBLog.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiESNAC.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiSSLVPNdaemon.exe (Novell, Inc.) C:\Program Files\Novell\Client\XTier\Services\xtsvcmgr.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe () C:\Program Files\Novell\Client\cusrvc.exe (Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe () C:\Program Files (x86)\NetTime\NetTimeService.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Limited) C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Sophos Limited) C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Windscribe Limited) C:\Program Files (x86)\Windscribe\WindscribeService.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FCHelper64.exe (Fortinet Inc.) C:\Program Files (x86)\Fortinet\FortiClient\FortiTray.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft LifeChat\LifeChat.exe (Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe (Cambridge Silicon Radio Limited) C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe (GitHub, Inc.) C:\Program Files\Storj Share\Storj Share.exe () D:\xampp\xampp-control.exe (Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe (Sophos Limited) C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe () C:\Program Files (x86)\NetTime\NetTime.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (GitHub, Inc.) C:\Program Files\Storj Share\Storj Share.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (GitHub, Inc.) C:\Program Files\Storj Share\Storj Share.exe (Apache Software Foundation) D:\xampp\apache\bin\httpd.exe () D:\xampp\mysql\bin\mysqld.exe (GitHub, Inc.) C:\Program Files\Storj Share\Storj Share.exe (Apache Software Foundation) D:\xampp\apache\bin\httpd.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (GitHub, Inc.) C:\Program Files\Storj Share\Storj Share.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1806136 2015-08-11] (NVIDIA Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor) HKLM\...\Run: [LifeChat] => C:\Program Files\Microsoft LifeChat\LifeChat.exe [371712 2009-09-24] (Microsoft Corporation) HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-26] (Logitech, Inc.) HKLM\...\Run: [CsrHCRPServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe [1134288 2012-03-22] (Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrAudioguiCtrl] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe [511696 2012-03-22] (Cambridge Silicon Radio Limited) HKLM\...\Run: [CsrSyncMLServer] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe [244944 2012-03-22] () HKLM\...\Run: [vksts] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe [25792 2012-03-22] (Cambridge Silicon Radio Limited) HKLM\...\Run: [HarmonyUserStartup] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe [39128 2012-03-22] (Cambridge Silicon Radio Limited) HKLM\...\Run: [TrayApplication] => C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe [529616 2012-03-22] (Cambridge Silicon Radio Limited) HKLM\...\Run: [CSRHarmonySkypePlugin] => C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe [146656 2012-03-22] (Cambridge Silicon Radio Limited) HKLM-x32\...\Run: [Sophos AutoUpdate Monitor] => C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe [1481256 2017-04-25] (Sophos Limited) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation) HKLM-x32\...\Run: [NetTime] => C:\Program Files (x86)\NetTime\NetTime.exe [772096 2012-05-12] () Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.) HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9866968 2017-05-19] (Piriform Ltd) HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\Run: [STORJ] => C:\Program Files\Storj Share\Storj Share.exe [81295352 2017-07-07] (GitHub, Inc.) HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\Run: [XAMPP] => D:\xampp\xampp-control.exe [3367424 2016-12-14] () HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\MountPoints2: {d7bd90d4-63b2-11e6-9b90-00090ffe0001} - F:\HTC_Sync_Manager_PC.exe AppInit_DLLs: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured_x64.dll [235928 2017-04-25] (Sophos Limited) AppInit_DLLs-x32: C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\sophos_detoured.dll [207864 2017-04-25] (Sophos Limited) Lsa: [Authentication Packages] msv1_0 ncv1_0 ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Winsock: Catalog9 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp.dll [139832 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 01 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 02 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 03 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 04 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 05 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 06 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 07 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 08 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Winsock: Catalog9-x64 19 C:\ProgramData\Sophos\Web Intelligence\swi_ifslsp_64.dll [198016 2017-04-25] (Sophos Limited) Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{0FCEE1B0-A9BD-4557-B06B-5077249970ED}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{299C34CA-5E72-435C-8454-5B6D0E00510A}: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{4D6DD3DB-CD6C-4AE0-8CCD-094FD0682C0F}: [DhcpNameServer] 10.111.102.1 Internet Explorer: ================== BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-07-16] (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-05-21] (Oracle Corporation) BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2017-07-16] (Microsoft Corporation) BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-07-16] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-21] (Oracle Corporation) BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-07-16] (Microsoft Corporation) BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-26] (Logitech, Inc.) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL [2017-07-16] (Microsoft Corporation) BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-07-16] (Microsoft Corporation) Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-16] (Microsoft Corporation) Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-16] (Microsoft Corporation) Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-16] (Microsoft Corporation) Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-07-16] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2011-01-19] (Skype Technologies) FireFox: ======== FF ProfilePath: C:\Users\CHRIS\AppData\Roaming\Pencil\Profiles\l7pbxjzx.default [2016-07-11] FF ProfilePath: C:\Users\CHRIS\AppData\Roaming\Mozilla\Firefox\Profiles\55h82wpc.default-1453929129200 [2017-07-21] FF Homepage: Mozilla\Firefox\Profiles\55h82wpc.default-1453929129200 -> hxxps://www.startpage.com/eng/?op=ta&prf=b135a495c9a89023831a4c2d6dc20a93#hmb FF Extension: (Adblock Plus) - C:\Users\CHRIS\AppData\Roaming\Mozilla\Firefox\Profiles\55h82wpc.default-1453929129200\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08] FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-08-03] [ist nicht signiert] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-11] () FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-21] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-21] (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-11] () FF Plugin-x32: @FortinetCacheClean -> C:\Program Files (x86)\Fortinet\FortiClient\npccplugin.dll [2016-06-23] (Fortinet Inc.) FF Plugin-x32: @FortinetCacheCleanEx -> C:\Program Files (x86)\Fortinet\FortiClient\npccpluginex.dll [2016-06-23] (Fortinet Inc.) FF Plugin-x32: @FortinetTunnelControl -> C:\Program Files (x86)\Fortinet\FortiClient\nptcplugin.dll [2016-06-23] (Fortinet Inc.) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei] FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-16] (Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-07-16] (Microsoft Corporation) FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-08-07] (NVIDIA Corporation) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.) FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\123058814.js [2017-07-18] <==== ACHTUNG (Zeigt auf eine *.cfg Datei) FF ExtraCheck: C:\Program Files\mozilla firefox\123058814.cfg [2017-07-18] <==== ACHTUNG Chrome: ======= CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1536520 2017-05-09] () R2 BtSwitcherService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [64216 2012-03-22] (Cambridge Silicon Radio Limited) S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2017-03-30] (Microsoft Corporation) R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3705536 2017-07-03] (Microsoft Corporation) R2 CSRBtAudioService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [465624 2012-03-22] (Cambridge Silicon Radio Limited) R2 CsrBtOBEX-Dienst; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [1041616 2012-03-22] (Cambridge Silicon Radio Limited) R2 CsrBtService; C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [825032 2012-03-22] (Cambridge Silicon Radio Limited) R2 cusrvc; C:\Program Files\Novell\Client\cusrvc.exe [109240 2014-11-17] () S3 Disc Soft Lite Bus Service; D:\Programme64\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd) R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation) R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2015-03-25] (SEIKO EPSON CORPORATION) R2 FA_Scheduler; C:\Program Files (x86)\Fortinet\FortiClient\scheduler.exe [110098 2016-06-23] (Fortinet Inc.) [Datei ist nicht signiert] R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2017-01-06] (Microsoft Corporation) R2 NetTimeSvc; C:\Program Files (x86)\NetTime\NetTimeService.exe [473088 2012-05-12] () [Datei ist nicht signiert] R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [246488 2013-06-18] (Realtek Semiconductor) R2 SAVAdminService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe [229664 2017-04-25] (Sophos Limited) R2 SAVService; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe [200064 2017-04-25] (Sophos Limited) R2 SntpService; C:\Program Files\Sophos\Sophos Network Threat Protection\bin\SntpService.exe [901248 2016-04-14] (Sophos Limited) R2 Sophos AutoUpdate Service; C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe [761696 2017-04-25] (Sophos Limited) R2 sophossps; C:\Program Files (x86)\Sophos\Sophos System Protection\ssp.exe [2499872 2017-02-02] (Sophos Limited) R2 swi_service; C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe [3644368 2017-04-25] (Sophos Limited) S2 swi_update_64; C:\ProgramData\Sophos\Web Intelligence\swi_update_64.exe [2121216 2017-04-25] (Sophos Limited) S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [139264 2017-01-05] (Microsoft Corporation) [Datei ist nicht signiert] S3 VSStandardCollectorService150; C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [128232 2017-02-08] (Microsoft Corporation) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 WindscribeService; C:\Program Files (x86)\Windscribe\WindscribeService.exe [71272 2017-05-09] (Windscribe Limited) S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.0.5\WsAppService.exe [411648 2016-03-31] (Wondershare) [Datei ist nicht signiert] R2 XTSvcMgr; C:\Program Files\Novell\Client\XTier\Services\XTSvcMgr.exe [49336 2014-11-17] (Novell, Inc.) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) S3 AX88772B; C:\Windows\System32\DRIVERS\ax88772b.sys [124936 2015-05-27] (ASIX Electronics Corp.) S3 CsrBtPort; C:\Windows\System32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrpan; C:\Windows\System32\DRIVERS\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrserial; C:\Windows\System32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited) S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited) R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2016-07-05] (Disc Soft Ltd) R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2016-07-05] (Disc Soft Ltd) R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [488216 2014-02-03] (Intel Corporation) S3 fortiapd; C:\Windows\System32\drivers\fortiapd.sys [18000 2016-06-23] (Fortinet Inc) R1 FortiFilter; C:\Windows\System32\DRIVERS\FortiFilter.sys [25312 2014-12-11] (Fortinet Inc) S1 FortiFW; C:\Windows\System32\drivers\FortiFW2.sys [37456 2016-06-23] (Fortinet Inc) S3 Fortips; C:\Windows\System32\drivers\fortips.sys [147536 2016-06-23] (Fortinet Inc) S3 fortisniff; C:\Windows\System32\drivers\fortisniff2.sys [40016 2016-06-23] (Fortinet Inc) R3 ft_vnic; C:\Windows\System32\DRIVERS\ftvnic.sys [16928 2011-03-21] (Fortinet Inc.) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [129312 2014-09-30] (Intel Corporation) R0 NCFilter; C:\Windows\System32\DRIVERS\NCFilter.sys [112312 2014-11-17] () R2 NCFSD; C:\Program Files\Novell\Client\XTier\Drivers\ncfsd.sys [129208 2014-11-17] () R2 NCIOCTL; C:\Program Files\Novell\Client\XTier\Drivers\ncioctl.sys [91320 2014-11-17] () R0 NCRecognizer; C:\Windows\System32\DRIVERS\NCRecognizer.sys [121016 2014-11-17] () R0 NCUncFilter; C:\Windows\System32\DRIVERS\NCUncFilter.sys [27320 2014-11-17] () S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [1617472 2011-04-28] (Ralink Technology Corp.) R1 NICM; C:\Program Files\Novell\Client\XTier\Drivers\nicm.sys [32952 2014-11-17] (Novell, Inc.) R3 pppop; C:\Windows\System32\DRIVERS\pppop64.sys [54344 2016-03-29] (Fortinet Inc.) R1 SAVOnAccess; C:\Windows\System32\DRIVERS\savonaccess.sys [199552 2017-04-25] (Sophos Limited) R2 sntp; C:\Windows\System32\DRIVERS\sntp.sys [116144 2016-04-14] (Sophos Limited) R0 Sophos Endpoint Defense; C:\Windows\System32\DRIVERS\SophosED.sys [200760 2017-02-02] (Sophos Limited) S4 SophosBootDriver; C:\Windows\System32\DRIVERS\SophosBootDriver.sys [45840 2017-04-25] (Sophos Limited) R3 tapwindscribe0901; C:\Windows\System32\DRIVERS\tapwindscribe0901.sys [45560 2017-04-21] (The OpenVPN Project) R1 VBoxNetAdp; C:\Windows\System32\DRIVERS\VBoxNetAdp6.sys [131144 2017-04-28] (Oracle Corporation) R1 VBoxNetLwf; C:\Windows\System32\DRIVERS\VBoxNetLwf.sys [205952 2017-04-28] (Oracle Corporation) U3 nccache; C:\Program Files\Novell\Client\XTier\Drivers\nccache.sys [63672 2014-11-17] (Novell, Inc.) U3 nciom; C:\Program Files\Novell\Client\XTier\Drivers\nciom.sys [82616 2014-11-17] (Novell, Inc.) U3 ncp; C:\Program Files\Novell\Client\XTier\Drivers\ncp.sys [81592 2014-11-17] (Novell, Inc.) U3 ncpfsp; C:\Program Files\Novell\Client\XTier\Drivers\ncpfsp.sys [117432 2014-11-17] (Novell, Inc.) U3 ncpl; C:\Program Files\Novell\Client\XTier\Drivers\ncpl.sys [50360 2014-11-17] (Novell, Inc.) U3 ndm; C:\Program Files\Novell\Client\XTier\Drivers\ndm.sys [20664 2014-11-17] (Novell, Inc.) U3 ndmndap; C:\Program Files\Novell\Client\XTier\Drivers\ndmndap.sys [84664 2014-11-17] (Novell, Inc.) U3 niam; C:\Program Files\Novell\Client\XTier\Drivers\niam.sys [40120 2014-11-17] (Novell, Inc.) U3 nipctl; C:\Program Files\Novell\Client\XTier\Drivers\nipctl.sys [58552 2014-11-17] (Novell, Inc.) U3 nscm; C:\Program Files\Novell\Client\XTier\Drivers\nscm.sys [39608 2014-11-17] (Novell, Inc.) U3 nsns; C:\Program Files\Novell\Client\XTier\Drivers\nsns.sys [29880 2014-11-17] (Novell, Inc.) U3 nsvccost; C:\Program Files\Novell\Client\XTier\Drivers\nsvccost.sys [37048 2014-11-17] (Novell, Inc.) U3 xtxplat; C:\Program Files\Novell\Client\XTier\Drivers\xtxplat.sys [60600 2014-11-17] (Novell, Inc.) ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-21 22:50 - 2017-07-21 22:51 - 00000000 ____D C:\FRST 2017-07-21 20:02 - 2017-07-21 20:02 - 00000942 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2017-07-21 20:02 - 2017-07-21 20:02 - 00000930 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2017-07-21 20:02 - 2017-07-21 20:02 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-07-21 19:13 - 2017-07-21 19:13 - 00000000 ____D C:\Users\CHRIS\.ethash 2017-07-21 19:09 - 2017-07-21 19:09 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\Parity 2017-07-21 19:09 - 2017-07-21 19:09 - 00000000 ____D C:\Users\CHRIS\AppData\Local\Parity 2017-07-21 19:09 - 2017-07-21 19:09 - 00000000 ____D C:\Program Files\Ethcore 2017-07-21 18:47 - 2017-07-21 18:47 - 00000000 ____D C:\Users\CHRIS\AppData\Local\Apps\2.0 2017-07-21 17:53 - 2017-07-21 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetTime 2017-07-21 17:53 - 2017-07-21 17:53 - 00000000 ____D C:\Program Files (x86)\NetTime 2017-07-19 14:13 - 2017-07-19 14:13 - 00000000 ____D C:\Users\CHRIS\Desktop\Studienarbeit 2017-07-12 15:43 - 2017-07-12 15:43 - 00000168 _____ C:\Users\CHRIS\Desktop\Praktikum_Beginn.txt 2017-07-12 09:59 - 2017-07-06 06:56 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys 2017-07-12 09:59 - 2017-06-30 06:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2017-07-12 09:59 - 2017-06-30 05:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll 2017-07-12 09:59 - 2017-06-30 04:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll 2017-07-12 09:59 - 2017-06-30 04:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe 2017-07-12 09:59 - 2017-06-30 04:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe 2017-07-12 09:59 - 2017-06-30 04:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll 2017-07-12 09:59 - 2017-06-30 04:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe 2017-07-12 09:59 - 2017-06-30 04:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll 2017-07-12 09:59 - 2017-06-30 04:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll 2017-07-12 09:59 - 2017-06-30 04:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe 2017-07-12 09:59 - 2017-06-30 04:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe 2017-07-12 09:59 - 2017-06-30 04:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe 2017-07-12 09:59 - 2017-06-30 04:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll 2017-07-12 09:59 - 2017-06-29 08:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2017-07-12 09:59 - 2017-06-29 08:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2017-07-12 09:59 - 2017-06-29 08:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2017-07-12 09:59 - 2017-06-29 08:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2017-07-12 09:59 - 2017-06-29 08:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2017-07-12 09:59 - 2017-06-29 08:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2017-07-12 09:59 - 2017-06-29 08:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2017-07-12 09:59 - 2017-06-29 08:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2017-07-12 09:59 - 2017-06-29 08:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2017-07-12 09:59 - 2017-06-29 07:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2017-07-12 09:59 - 2017-06-29 07:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2017-07-12 09:59 - 2017-06-29 07:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2017-07-12 09:59 - 2017-06-29 07:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2017-07-12 09:59 - 2017-06-29 07:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2017-07-12 09:59 - 2017-06-29 07:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2017-07-12 09:59 - 2017-06-29 07:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2017-07-12 09:59 - 2017-06-29 07:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2017-07-12 09:59 - 2017-06-29 07:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2017-07-12 09:59 - 2017-06-29 07:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2017-07-12 09:59 - 2017-06-29 07:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2017-07-12 09:59 - 2017-06-29 07:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx 2017-07-12 09:59 - 2017-06-29 07:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2017-07-12 09:59 - 2017-06-29 07:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll 2017-07-12 09:59 - 2017-06-29 07:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2017-07-12 09:59 - 2017-06-29 07:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2017-07-12 09:59 - 2017-06-29 07:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2017-07-12 09:59 - 2017-06-29 07:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2017-07-12 09:59 - 2017-06-29 07:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2017-07-12 09:59 - 2017-06-29 07:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2017-07-12 09:59 - 2017-06-29 07:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2017-07-12 09:59 - 2017-06-29 07:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2017-07-12 09:59 - 2017-06-29 07:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2017-07-12 09:59 - 2017-06-29 07:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2017-07-12 09:59 - 2017-06-29 07:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2017-07-12 09:59 - 2017-06-29 07:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2017-07-12 09:59 - 2017-06-29 07:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2017-07-12 09:59 - 2017-06-29 07:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2017-07-12 09:59 - 2017-06-29 07:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2017-07-12 09:59 - 2017-06-29 07:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2017-07-12 09:59 - 2017-06-29 07:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2017-07-12 09:59 - 2017-06-29 07:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2017-07-12 09:59 - 2017-06-29 07:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2017-07-12 09:59 - 2017-06-29 07:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2017-07-12 09:59 - 2017-06-29 07:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2017-07-12 09:59 - 2017-06-29 07:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2017-07-12 09:59 - 2017-06-29 07:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2017-07-12 09:59 - 2017-06-29 07:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2017-07-12 09:59 - 2017-06-29 07:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll 2017-07-12 09:59 - 2017-06-29 07:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx 2017-07-12 09:59 - 2017-06-29 06:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2017-07-12 09:59 - 2017-06-29 06:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2017-07-12 09:59 - 2017-06-29 06:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2017-07-12 09:59 - 2017-06-29 06:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2017-07-12 09:59 - 2017-06-29 06:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll 2017-07-12 09:59 - 2017-06-29 06:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2017-07-12 09:59 - 2017-06-29 06:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2017-07-12 09:59 - 2017-06-29 06:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll 2017-07-12 09:59 - 2017-06-29 06:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2017-07-12 09:59 - 2017-06-29 06:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2017-07-12 09:59 - 2017-06-29 06:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2017-07-12 09:59 - 2017-06-29 06:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2017-07-12 09:59 - 2017-06-29 06:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2017-07-12 09:59 - 2017-06-29 06:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2017-07-12 09:59 - 2017-06-29 06:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2017-07-12 09:59 - 2017-06-29 06:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2017-07-12 09:59 - 2017-06-29 06:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2017-07-12 09:59 - 2017-06-22 16:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2017-07-12 09:59 - 2017-06-15 22:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys 2017-07-12 09:59 - 2017-06-13 00:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys 2017-07-12 09:59 - 2017-06-13 00:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2017-07-12 09:59 - 2017-06-13 00:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2017-07-12 09:59 - 2017-06-13 00:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx 2017-07-12 09:59 - 2017-06-13 00:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2017-07-12 09:59 - 2017-06-13 00:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx 2017-07-12 09:59 - 2017-06-13 00:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll 2017-07-12 09:59 - 2017-06-13 00:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2017-07-12 09:59 - 2017-06-13 00:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2017-07-12 09:59 - 2017-06-13 00:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2017-07-12 09:59 - 2017-06-13 00:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe 2017-07-12 09:59 - 2017-06-13 00:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe 2017-07-12 09:59 - 2017-06-13 00:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe 2017-07-12 09:59 - 2017-06-13 00:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2017-07-12 09:59 - 2017-06-13 00:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2017-07-12 09:59 - 2017-06-13 00:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2017-07-12 09:59 - 2017-06-13 00:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2017-07-12 09:59 - 2017-06-13 00:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe 2017-07-12 09:59 - 2017-06-13 00:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe 2017-07-12 09:59 - 2017-06-13 00:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe 2017-07-12 09:59 - 2017-06-13 00:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe 2017-07-12 09:59 - 2017-06-13 00:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll 2017-07-12 09:59 - 2017-06-10 17:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll 2017-07-12 09:59 - 2017-06-10 17:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll 2017-07-12 09:59 - 2017-06-09 17:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2017-07-12 09:59 - 2017-06-06 17:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll 2017-07-12 09:59 - 2017-06-06 17:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll 2017-07-12 09:59 - 2017-05-30 06:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2017-07-12 09:59 - 2017-05-30 06:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys 2017-07-12 09:59 - 2017-05-30 06:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2017-07-12 09:59 - 2017-05-21 06:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2017-07-12 09:59 - 2017-05-21 06:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2017-07-12 09:59 - 2017-05-16 17:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2017-07-12 09:59 - 2017-05-16 17:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys 2017-07-12 09:59 - 2017-05-16 17:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2017-07-12 09:53 - 2017-05-03 17:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe 2017-07-12 09:53 - 2017-05-03 17:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2017-07-12 09:53 - 2017-05-03 15:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll 2017-07-12 09:53 - 2017-03-23 04:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2017-07-11 12:43 - 2017-07-11 12:43 - 00000000 ____D C:\Users\CHRIS\Desktop\Mathe Übungsaufgaben 2017-07-10 01:40 - 2017-07-10 01:40 - 00005886 _____ C:\Users\CHRIS\Desktop\GUI_Spicker.txt 2017-07-09 03:40 - 2017-07-09 03:40 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\fltk.org 2017-07-09 03:32 - 1980-01-01 02:00 - 554133907 _____ C:\Users\CHRIS\Desktop\Crash Bandicoot (E) (EDC) [SCES-00344].bin 2017-07-03 17:36 - 2017-07-03 17:36 - 00001138 _____ C:\Users\CHRIS\Desktop\NumericTextBox.cs 2017-07-03 17:11 - 2017-07-03 17:44 - 00000817 _____ C:\Users\CHRIS\Desktop\GUI.cs.xaml 2017-07-03 16:59 - 2017-07-04 01:17 - 00000520 _____ C:\Users\CHRIS\Desktop\GUI.cs 2017-07-02 17:10 - 2017-07-02 17:10 - 00000127 _____ C:\Users\CHRIS\Desktop\BWL Termin.txt 2017-06-30 02:09 - 2017-06-30 02:01 - 602516544 _____ C:\Users\CHRIS\Desktop\Crash Bandicoot - The Wrath of Cortex (Europe) (En,Fr,De,Es,It,Nl) (v2.01).bin 2017-06-30 02:02 - 2017-06-30 02:02 - 00000000 ____D C:\Users\CHRIS\Desktop\PS2 bios 2017-06-30 01:58 - 2017-06-30 01:58 - 00000000 ____D C:\Users\CHRIS\Documents\PCSX2 2017-06-30 01:57 - 2017-06-30 01:57 - 00000807 _____ C:\Users\Public\Desktop\PCSX2 1.4.0.lnk 2017-06-30 01:57 - 2017-06-30 01:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2 2017-06-29 20:51 - 2017-07-08 16:37 - 00000000 ____D C:\Program Files\Storj Share 2017-06-27 17:56 - 2017-06-27 17:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos 2017-06-27 17:56 - 2017-04-25 18:05 - 00044304 _____ (Sophos Limited) C:\Windows\system32\SophosBootTasks.exe 2017-06-23 00:01 - 2017-06-23 00:01 - 00002567 _____ C:\Users\Public\Desktop\UP Launcher.lnk 2017-06-23 00:01 - 2017-06-23 00:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniting People 2017-06-22 14:30 - 2017-06-22 14:32 - 00068266 _____ C:\Users\CHRIS\Desktop\bewerbung_hueck.pdf ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-07-21 22:38 - 2017-03-09 20:38 - 00000911 _____ C:\Windows\Tasks\EPSON XP-332 335 Series Update {C87B5292-9B51-4640-9589-318901179489}.job 2017-07-21 20:35 - 2017-05-19 07:38 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\doublecmd 2017-07-21 20:05 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-21 20:05 - 2009-07-14 06:45 - 00021904 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-21 20:04 - 2011-04-12 09:43 - 00699092 _____ C:\Windows\system32\perfh007.dat 2017-07-21 20:04 - 2011-04-12 09:43 - 00149232 _____ C:\Windows\system32\perfc007.dat 2017-07-21 20:04 - 2009-07-14 07:13 - 01619284 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-21 20:04 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf 2017-07-21 20:03 - 2016-10-21 08:58 - 00000000 ____D C:\Users\CHRIS\AppData\LocalLow\Mozilla 2017-07-21 20:02 - 2017-05-03 00:46 - 00000000 ____D C:\Program Files\Mozilla Firefox 2017-07-21 20:02 - 2016-05-15 17:46 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\Notepad++ 2017-07-21 20:00 - 2017-06-06 01:59 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\Storj Share 2017-07-21 20:00 - 2015-09-11 16:07 - 00001191 _____ C:\Users\CHRIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2017-07-21 19:57 - 2016-05-06 20:39 - 00000093 _____ C:\HaxLogs.txt 2017-07-21 19:57 - 2015-09-11 17:01 - 00000000 ____D C:\ProgramData\NVIDIA 2017-07-21 19:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-07-21 19:13 - 2015-09-11 16:07 - 00000000 ____D C:\Users\CHRIS 2017-07-21 18:32 - 2017-06-20 10:56 - 00001901 _____ C:\Users\CHRIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Storj Share (64-bit).lnk 2017-07-19 23:49 - 2017-03-30 14:56 - 00000000 ____D C:\Users\CHRIS\Documents\Visual Studio 2017 2017-07-17 03:36 - 2015-12-11 17:10 - 00000000 ____D C:\Users\CHRIS\.VirtualBox 2017-07-16 06:41 - 2015-09-15 17:14 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-07-16 06:40 - 2016-07-05 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office 2017-07-15 00:18 - 2009-07-14 07:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2017-07-13 11:58 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache 2017-07-13 00:35 - 2015-09-11 18:41 - 00000000 ____D C:\Windows\system32\appraiser 2017-07-12 21:56 - 2015-09-11 17:34 - 00000000 ____D C:\Windows\system32\MRT 2017-07-12 21:55 - 2015-09-11 17:34 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe 2017-07-12 21:54 - 2015-09-11 18:22 - 01592628 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2017-07-11 19:49 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\FxsTmp 2017-07-11 15:02 - 2015-09-11 19:36 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-07-11 15:02 - 2015-09-11 19:36 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-07-11 15:02 - 2015-09-11 19:36 - 00004366 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-07-11 15:02 - 2015-09-11 19:36 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-07-11 15:02 - 2015-09-11 19:36 - 00000000 ____D C:\Windows\system32\Macromed 2017-07-11 12:38 - 2016-05-06 23:25 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2017-07-10 20:03 - 2016-01-17 19:26 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\Processing 2017-06-30 00:52 - 2015-09-14 20:21 - 00000000 ____D C:\Users\CHRIS\AppData\Roaming\TS3Client 2017-06-27 17:56 - 2015-12-11 16:11 - 00000000 ____D C:\ProgramData\Sophos 2017-06-23 10:31 - 2017-05-20 16:12 - 00003172 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task v2 2017-06-23 10:30 - 2016-07-05 20:21 - 00002184 _____ C:\Users\CHRIS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk 2017-06-23 10:30 - 2016-07-05 20:21 - 00000000 ___RD C:\Users\CHRIS\OneDrive ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2016-07-04 17:12 - 2017-03-29 17:57 - 0000600 _____ () C:\Users\CHRIS\AppData\Roaming\winscp.rnd 2016-07-07 20:59 - 2016-07-07 20:59 - 0000032 RSHOT () C:\Users\CHRIS\AppData\Local\t80.dat 2016-05-04 21:50 - 2016-06-24 18:54 - 0000235 _____ () C:\Users\CHRIS\AppData\Local\TempGameCenter.main.download.log 2016-06-24 18:54 - 2016-06-25 03:55 - 0001559 _____ () C:\Users\CHRIS\AppData\Local\TempGameCenter.main.log 2016-07-23 01:26 - 2016-07-23 01:26 - 0000016 _____ () C:\ProgramData\mntemp 2015-12-11 16:28 - 2015-12-11 16:29 - 0000586 _____ () C:\ProgramData\NCIDebug.log ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\Windows\system32\winlogon.exe => Datei ist digital signiert C:\Windows\system32\wininit.exe => Datei ist digital signiert C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert C:\Windows\explorer.exe => Datei ist digital signiert C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert C:\Windows\system32\svchost.exe => Datei ist digital signiert C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert C:\Windows\system32\services.exe => Datei ist digital signiert C:\Windows\system32\User32.dll => Datei ist digital signiert C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert C:\Windows\system32\userinit.exe => Datei ist digital signiert C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert C:\Windows\system32\rpcss.dll => Datei ist digital signiert C:\Windows\system32\dnsapi.dll => Datei ist digital signiert C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-07-12 00:37 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017 durchgeführt von CHRIS (21-07-2017 22:52:00) Gestartet von D:\Downloads Windows 7 Professional Service Pack 1 (X64) (2015-09-11 14:07:16) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-671320741-808220471-3735878450-500 - Administrator - Disabled) CHRIS (S-1-5-21-671320741-808220471-3735878450-1000 - Administrator - Enabled) => C:\Users\CHRIS Gast (S-1-5-21-671320741-808220471-3735878450-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-671320741-808220471-3735878450-1009 - Limited - Enabled) SophosSAUCHRIS-PC0 (S-1-5-21-671320741-808220471-3735878450-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Sophos Anti-Virus (Enabled - Up to date) {FFADE7EA-DC92-4602-D6B2-626CD3450A0F} AS: Sophos Anti-Virus (Enabled - Up to date) {44CC060E-FAA8-498C-EC02-591EA8C240B2} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) .NET Core SDK 1.0.0 (x64) Installer (x64) (HKLM\...\{3A36F010-62C4-4173-9F25-257F1B0899DD}) (Version: 4.0.4911 - Microsoft Corporation) Hidden .NET Core SDK 1.0.0 (x64) Installer (x64) (HKLM-x32\...\{c7c7d963-f622-455d-879a-7ffa111d1322}) (Version: 1.0.0 - Microsoft Corporation) 7-Zip 15.12 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1512-000001000000}) (Version: 15.12.00.0 - Igor Pavlov) Active Directory Authentication Library für SQL Server (HKLM\...\{DCF8CB30-F4CE-476A-AB02-E8D620FADC70}) (Version: 13.0.1601.5 - Microsoft Corporation) Hidden Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated) Adobe Flash Player 26 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 26.0.0.137 - Adobe Systems Incorporated) Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.137 - Adobe Systems Incorporated) Amazon Kindle (HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\Amazon Kindle) (Version: 1.16.0.44025 - Amazon) Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.) Application Insights Tools for Visual Studio 2015 (HKLM-x32\...\{9F429DF7-F8DD-4980-9673-E6DACA012F6C}) (Version: 3.3 - Microsoft Corporation) Hidden Application Verifier x64 External Package (HKLM\...\{AB5E83C8-0175-0A1F-338A-EB8925AFC341}) (Version: 10.1.14393.795 - Microsoft) Hidden BioShock 2 Remastered (HKLM\...\Steam App 409720) (Version: - 2K Marin) BioShock Remastered (HKLM\...\Steam App 409710) (Version: - 2K Boston) Call of Duty 2 (HKLM\...\Steam App 2630) (Version: - Infinity Ward) Call of Duty(R) 2 Patch 1.3 (HKLM-x32\...\{7B4A5C13-069F-4AFE-AE57-C497B4E33C7E}) (Version: 1.3 - ) Hidden Call of Duty: Modern Warfare 2 - Multiplayer (HKLM\...\Steam App 10190) (Version: - Infinity Ward) Call of Duty: Modern Warfare 2 (HKLM-x32\...\Steam App 10180) (Version: - Infinity Ward) CCleaner (HKLM\...\CCleaner) (Version: 5.30 - Piriform) ClickOnce Bootstrapper Package for Microsoft .NET Framework (HKLM-x32\...\{E598B692-764A-413C-8530-59163D6B4AE3}) (Version: 4.6.01590 - Microsoft Corporation) Hidden CSR Harmony Wireless Software Stack (HKLM\...\{17DEA095-8EE1-49A2-AC5A-9663DB098FA9}) (Version: 2.1.63.0 - CSR Plc.) DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd) Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform) DiagnosticsHub_CollectionService (HKLM\...\{90A561D7-0C29-464D-94E1-2A7E1C553230}) (Version: 15.0.26208 - Microsoft Corporation) Hidden Discord (HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Double Commander 0.7.8 beta (HKLM\...\Double Commander_is1) (Version: - ) Entity Framework 6.1.3 Tools for Visual Studio 15 (HKLM-x32\...\{F8C0447E-D45C-4E52-94E8-C6340AAC9DB8}) (Version: 6.1.60104.0 - Microsoft Corporation) Hidden EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation) Epson Software Updater (HKLM-x32\...\{B4F0E794-11F5-4971-85EC-6D7F2E4DAC68}) (Version: 4.4.3 - SEIKO EPSON CORPORATION) EPSON XP-332 335 Series Printer Uninstall (HKLM\...\EPSON XP-332 335 Series) (Version: - Seiko Epson Corporation) EPSON-Handbücher (HKLM-x32\...\{84CECC1B-21EF-41B1-9A91-3E724E5D99D3}) (Version: 1.52.0.0 - SEIKO EPSON CORPORATION) EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FortiClient (HKLM\...\{B611B858-9363-42FC-AE47-3430D54CCE1B}) (Version: 5.4.1.0840 - Fortinet Inc) Garry's Mod (HKLM\...\Steam App 4000) (Version: - Facepunch Studios) Gtk# for .Net 2.12.26 (HKLM-x32\...\{BC25B808-A11C-4C9F-9C0A-6682E47AAB83}) (Version: 2.12.26 - Xamarin, Inc.) Guitar Hero World Tour (HKLM-x32\...\{A126E617-63F0-4E57-BFA4-7190F5845C39}) (Version: 1.0 - Aspyr) H1Z1: King of the Kill (HKLM\...\Steam App 433850) (Version: - Daybreak Game Company) Half-Life 2 (HKLM-x32\...\Steam App 220) (Version: - Valve) Half-Life 2: Deathmatch (HKLM\...\Steam App 320) (Version: - Valve) Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version: - Valve) Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version: - Valve) Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version: - Valve) icecap_collection_neutral (HKLM-x32\...\{64F3E6FC-68E3-4062-9C2C-ABD93FDFF309}) (Version: 15.0.26208 - Microsoft Corporation) Hidden icecap_collection_x64 (HKLM\...\{0AD162D1-4973-4315-97E9-5DE9A92B4049}) (Version: 15.0.26208 - Microsoft Corporation) Hidden icecap_collectionresources (HKLM-x32\...\{FE002482-71A5-4B32-9D08-60ADFAF19E07}) (Version: 15.0.26208 - Microsoft Corporation) Hidden icecap_collectionresourcesx64 (HKLM-x32\...\{9FBD9D6F-A511-45F5-B672-63A5087F6F89}) (Version: 15.0.26208 - Microsoft Corporation) Hidden IIS 10.0 Express (HKLM\...\{0148E8AA-4A50-4673-B532-DB9F30F804BE}) (Version: 10.0.1737 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) Hidden IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Hidden Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel) Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{e48a2f61-851a-4155-82f9-af1b04db8c3b}) (Version: 10.0.13 - Intel(R) Corporation) Hidden Intel® Hardware Accelerated Execution Manager (HKLM\...\{30F3FF94-225B-4319-A13C-E307FFDA3CFB}) (Version: 6.0.1 - Intel Corporation) Intellisense Lang Pack Mobile Extension SDK 10.0.14393.0 (HKLM-x32\...\{FE250127-0DBB-47AA-8439-7A2FA145030F}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden IntelliTraceProfilerProxy (HKLM-x32\...\{51783942-DFB0-4452-97CC-BDF2D4AB3A48}) (Version: 15.0.24.0 - Microsoft Corporation) Hidden Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation) Java SE Development Kit 8 Update 92 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180920}) (Version: 8.0.920.14 - Oracle Corporation) Kits Configuration Installer (HKLM-x32\...\{84645792-B4DC-8386-13D6-94810C42EF8A}) (Version: 10.1.14393.795 - Microsoft) Hidden Kumulatives Microsoft .NET Framework Intellisense Pack für Visual Studio (Deutsch) (HKLM-x32\...\{91BF6CA6-F6AA-4639-944A-627B7D02567E}) (Version: 4.6.01604 - Microsoft Corporation) Hidden Logitech SetPoint 6.67 (HKLM\...\sp6) (Version: 6.67.83 - Logitech) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 SDK (HKLM-x32\...\{39BEF607-44E6-472B-90C1-BD62AA2B7A3F}) (Version: 4.6.01586 - Microsoft Corporation) Microsoft .NET Framework 4.6.2 Targeting Pack (HKLM-x32\...\{C07B4BC7-A37D-46A8-B2A3-620CC569D149}) (Version: 4.6.01586 - Microsoft Corporation) Microsoft .NET Framework 4.7 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.7.02053 - Microsoft Corporation) Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation) Microsoft Azure Authoring Tools - v2.9.5.2 (HKLM\...\{8EDF1CB5-F95D-4D6F-916F-5F7D52216221}) (Version: 2.9.8599.18 - Microsoft Corporation) Microsoft Azure Compute Emulator - v2.9.5.2 (HKLM\...\Microsoft Azure Compute Emulator - v2.9.5.2) (Version: 2.9.8599.18 - Microsoft Corporation) Microsoft Azure Libraries for .NET – v2.9 (HKLM\...\{C5C91AA6-3E83-430E-8B7A-6B790083F28D}) (Version: 3.0.0127.060 - Microsoft Corporation) Microsoft Azure Mobile App SDK V2.0 (HKLM-x32\...\{829D812B-3F25-4E8B-B1DF-1AD09164684C}) (Version: 2.0.50130.0 - Microsoft Corporation) Microsoft Azure Storage Emulator - v5.0 (HKLM-x32\...\Microsoft Azure Storage Emulator - v5.0) (Version: 5.0.1717.1622 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Identity Extensions (HKLM\...\{F99F24BF-0B90-463E-9658-3FD2EFC3C992}) (Version: 2.0.1459.0 - Microsoft Corporation) Microsoft LifeChat (HKLM\...\{BD198331-FF8A-4DEB-9F30-A0AC56625A3B}) (Version: 1.40.224.0 - Microsoft) Microsoft Office 365 ProPlus - de-de (HKLM\...\O365ProPlusRetail - de-de) (Version: 16.0.7766.2096 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-671320741-808220471-3735878450-1000\...\OneDriveSetup.exe) (Version: 17.3.6917.0607 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{E9AD0F97-5DF2-4F5B-BC5B-F524D21BF165}) (Version: 11.3.6518.0 - Microsoft Corporation) Microsoft SQL Server 2016 LocalDB (HKLM\...\{C555970C-4C94-4A20-9869-AE7E2F84748F}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visio Professional 2016 - de-de (HKLM\...\VisioProRetail - de-de) (Version: 16.0.7766.2096 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2017 (HKLM-x32\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 1.5.30308.1 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{5CB4DD27-6252-4C08-BFCF-22F6A110CBFA}) (Version: 10.0.1972 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM\...\{FEC926D4-785B-4ED7-B35D-3FA37DD29F8B}) (Version: 13.0.1601.5 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server*2016 (HKLM-x32\...\{A37BE9D7-EAAE-4C6B-9D7E-DBD8B8D88681}) (Version: 13.0.1601.5 - Microsoft Corporation) Mozilla Firefox 54.0.1 (x64 de) (HKLM\...\Mozilla Firefox 54.0.1 (x64 de)) (Version: 54.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 54.0.1 - Mozilla) NetTime (HKLM-x32\...\NetTime_is1) (Version: - Mark Griffiths) NICI U.S./Worldwide 2.77.2.0 (x64) (HKLM\...\{31173D4D-50FB-47B7-B7AC-622EDFA97B88}) (Version: 2.77.2.0 - Novell, Inc.) NICI U.S./Worldwide 2.77.3.0 (x32) (HKLM-x32\...\{7BD5D2CC-3186-4FE9-921E-4C4F64C68CAF}) (Version: 2.77.3.0 - Novell, Inc.) NMAS Challenge Response Method (HKLM\...\{54031C8D-F80D-47BB-B3CA-5E9BD7750C27}) (Version: 2.8.3.3 - Novell, Inc.) NMAS Client (HKLM\...\{22859902-78CE-40B0-9429-6FE7A00BBF85}) (Version: 8.8.8.10 - Novell, Inc.) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.9.1 - Notepad++ Team) NVIDIA 3D Vision Treiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.82 - NVIDIA Corporation) NVIDIA Grafiktreiber 353.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.82 - NVIDIA Corporation) NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation) NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.7766.2096 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2096 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.7766.2096 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.7668.2066 - Microsoft Corporation) Hidden ONE PIECE PIRATE WARRIORS 3 (HKLM\...\Steam App 331600) (Version: - KOEI TECMO GAMES CO., LTD.) Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation) Hidden Oracle VM VirtualBox 5.1.22 (HKLM\...\{8D5E4D4D-5E0C-4448-B018-5DDEF1E208D9}) (Version: 5.1.22 - Oracle Corporation) PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2) (Version: - ) PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7004 - Realtek Semiconductor Corp.) Sophos Anti-Virus (HKLM-x32\...\{788B9788-7F03-4A2B-8258-3445C0278C33}) (Version: 10.7.2.49 - Sophos Limited) Sophos AutoUpdate (HKLM-x32\...\{AFBCA1B9-496C-4AE6-98AE-3EA1CFF65C54}) (Version: 5.7.220 - Sophos Limited) Sophos Endpoint Defense (HKLM\...\Sophos Endpoint Defense) (Version: 1.0.0.265 - Sophos Limited) Sophos Network Threat Protection (HKLM\...\{66967E5F-43E8-4402-87A4-04685EE5C2CB}) (Version: 1.2.2.50 - Sophos Limited) Sophos System Protection (HKLM-x32\...\{1093B57D-A613-47F3-90CF-0FD5C5DCFFE6}) (Version: 1.3.1 - Sophos Limited) Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform) sptools_Microsoft.VisualStudio.OfficeDeveloperTools.Msi (HKLM-x32\...\{1BEA326A-D74B-4076-8B48-32D9C6E7A36A}) (Version: 15.0.26112 - Microsoft Corporation) Hidden sptools_Microsoft.VisualStudio.Vsto.Msi (HKLM-x32\...\{3FD6CA39-B431-401C-8705-46D95FA91342}) (Version: 15.0.26112 - Microsoft Corporation) Hidden sptools_Microsoft.VisualStudio.Vsto.Msi.Resources (HKLM-x32\...\{B47EBBFF-EC3B-4FF7-AF3B-147EC198B208}) (Version: 15.0.26112 - Microsoft Corporation) Hidden sptools_Microsoft.VisualStudio.Vsto.Msi.x64 (HKLM-x32\...\{13882E79-4567-4303-83B6-F04F5303C3E2}) (Version: 15.0.26112 - Microsoft Corporation) Hidden Storj Share (64-bit) (HKLM\...\Storj Share) (Version: 6.2.0 - Storj Labs Inc.) Stronghold Crusader Extreme HD (HKLM-x32\...\{8C3727F2-8E37-49E4-820C-03B1677F53B6}) (Version: 1.30.1002 - Firefly Studios) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.17 - TeamSpeak Systems GmbH) TypeScript Power Tool (HKLM-x32\...\{0B693FB7-DF61-44DB-AEAA-E2E30F85A781}) (Version: 2.1.5.0 - Microsoft Corporation) Hidden Unity (HKLM-x32\...\Unity) (Version: 5.4.0f3 - Unity Technologies ApS) Universal CRT Extension SDK (HKLM-x32\...\{4E8F20FD-6BC7-B65C-D4F2-5D7CEDE3352E}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Headers Libraries and Sources (HKLM-x32\...\{233B73D9-650E-9CEC-1002-767C916C1B61}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Redistributable (HKLM-x32\...\{DA52B326-3A74-1EB4-A788-D812C2F100A8}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Tools x64 (HKLM\...\{BF8547E5-1066-30AE-F3CB-028DC61A7D01}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal CRT Tools x86 (HKLM-x32\...\{0C8D9D70-FA5A-4CA9-763F-D8D93BC099B5}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Universal General MIDI DLS Extension SDK (HKLM-x32\...\{F2EB74A7-148A-8DC9-82A5-B5A88093EEC4}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden UP Launcher (HKLM-x32\...\{7E6EADD5-AF31-4A74-858A-EFF722C2D3E7}) (Version: 3.0.0 - Uniting People) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) Usb GamePad (HKLM-x32\...\{DEC7CD2E-2BB5-40C3-9592-078F64677E6C}) (Version: 1.00.0000 - ) vcpp_crt.redist.clickonce (HKLM-x32\...\{F48A9651-9D00-4D94-810E-8738A41F16C2}) (Version: 14.10.25008 - Microsoft Corporation) Hidden VS Immersive Activate Helper (HKLM-x32\...\{D8A4EA2B-1A97-45A5-BF96-7493183F8524}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden VS JIT Debugger (HKLM\...\{2901E697-0E9C-404B-B7D0-6E2D43F64CE5}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden VS Script Debugging Common (HKLM\...\{3B64C68E-14E0-4214-A53D-502E9FBD32E7}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden VS WCF Debugging (HKLM\...\{9E1EF6F7-ED70-4BD8-A1AE-83C5DEF0DA91}) (Version: 16.0.59.0 - Microsoft Corporation) Hidden vs_BlendMsi (HKLM-x32\...\{1070C8E8-4DFB-419F-984A-5C835828897E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsi (HKLM-x32\...\{B9F4AA09-F4AC-4108-ADA0-27CDD45FCEC3}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_clickoncebootstrappermsires (HKLM-x32\...\{AEF5E0F2-31D1-454A-A992-C523C0007B4D}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_clickoncesigntoolmsi (HKLM-x32\...\{DE8B48BF-82B9-434A-B254-1EA2306E5FBA}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_communitymsi (HKLM-x32\...\{0E1A59A3-625B-47C4-BC96-E8A876417A8F}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_communitymsires (HKLM-x32\...\{B3988EC1-015B-4A61-A323-BCCCDD218E4F}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_devenvmsi (HKLM-x32\...\{581E5656-26E2-4A02-9711-48C8E4998310}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_filehandler_amd64 (HKLM-x32\...\{15D591B0-7B40-4957-B6C0-EB7452B5AAB6}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_filehandler_x86 (HKLM-x32\...\{DC296244-0701-4EDE-9696-05B9C1D017B3}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_FileTracker_Singleton (HKLM-x32\...\{11230C85-1813-4BC3-9C24-E0B74B59653E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_Graphics_Singletonx64 (HKLM\...\{F3217611-B414-4A3A-81BF-6A3A4DB7E743}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_Graphics_Singletonx86 (HKLM-x32\...\{D4DCEC6A-BC59-43D5-866A-AB057E64F73F}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_minshellinteropmsi (HKLM-x32\...\{1E8F631A-96B4-4BB1-9455-B2FF083DA864}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_minshellmsi (HKLM-x32\...\{47C6B2A0-8A58-4C87-91B8-DC8D138524AA}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_minshellmsires (HKLM-x32\...\{37968509-8B79-4E9A-85D1-6AA39DA2211A}) (Version: 15.0.26228 - Microsoft Corporation) Hidden vs_SQLClickOnceBootstrappermsi (HKLM-x32\...\{D396CF10-5F2B-417D-9571-0B669B99440E}) (Version: 15.0.26208 - Microsoft Corporation) Hidden vs_tipsmsi (HKLM-x32\...\{A32A9CF6-E7AA-48B8-A3D3-50C157E69F53}) (Version: 15.0.26208 - Microsoft Corporation) Hidden WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation) WinAppDeploy (HKLM-x32\...\{C9966D24-DB2F-8514-EAA3-BEED85F3E166}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden Windows SDK AddOn (HKLM-x32\...\{3BE62AA1-60B9-42EA-99BC-1A46B31C7E0C}) (Version: 10.1.0.0 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.14393.795 (HKLM-x32\...\{5eb6fbea-73ee-4a8e-9042-110704768d7f}) (Version: 10.1.14393.795 - Microsoft Corporation) Windows Software Development Kit - Windows 10.0.26624 (HKLM-x32\...\{e7a0c8b6-b0e9-41e2-8a0a-a6784f88d1d4}) (Version: 10.0.26624 - Microsoft Corporation) Windscribe Version 1.70 build 4 (HKLM-x32\...\{fa690e90-ddb0-4f0c-b3f1-136c084e5fc7}_is1) (Version: 1.70 build 4 - Windscribe) WinRT Intellisense Desktop - en-us (HKLM-x32\...\{A249F631-CEBC-EDCB-4C49-700E551E66CA}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense Desktop - Other Languages (HKLM-x32\...\{E71CB7F1-3E88-4450-1764-B3CC1E205C4A}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - en-us (HKLM-x32\...\{C49E6FDA-8196-0CAF-2CDD-CF1B0F4EA5AD}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense IoT - Other Languages (HKLM-x32\...\{33D11371-82A5-852B-CDE2-5528CE406151}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense PPI - en-us (HKLM-x32\...\{FB431EE2-C835-6DE9-8DC3-C8FCDE028FE0}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense PPI - Other Languages (HKLM-x32\...\{FB82399D-9C48-9AF5-DCA1-CFE61BCA70A6}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - en-us (HKLM-x32\...\{23909757-D6F0-7F7C-BD34-7E72BA9BD59C}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinRT Intellisense UAP - Other Languages (HKLM-x32\...\{D3A337CD-EA32-F4BA-03FA-825903190C92}) (Version: 10.1.14393.795 - Microsoft Corporation) Hidden WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl) Workflow Manager Client 1.0 (HKLM\...\{BD88D998-D321-43F3-B3FE-6D82C796AF7A}) (Version: 2.0.50408.1 - Microsoft Corporation) Hidden Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{0ADF2CF1-58EF-4216-ABC6-E1FE32B2BCBA}) (Version: 2.0.61026.0 - Microsoft Corporation) Hidden Xamarin PCL Profiles v1.0.8 (HKLM-x32\...\{6B09653F-1E6A-48AF-AC97-69521A3F02FE}) (Version: 1.0.8.0 - Xamarin) Hidden Xamarin Workbooks and Inspector (HKLM-x32\...\{184D63CB-4157-4C67-B67B-3D262E3EC92B}) (Version: 1.1.2.0 - Xamarin) Hidden Xamarin.Bonjour v1.0.11 (HKLM-x32\...\{B484E6C8-B82E-4CCE-8FAA-136473B22B1D}) (Version: 1.0.11.0 - Xamarin) Hidden XAMPP (HKLM-x32\...\xampp) (Version: 7.1.1-0 - Bitnami) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-671320741-808220471-3735878450-1000_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\CHRIS\AppData\Local\Microsoft\OneDrive\17.3.6917.0607\amd64\FileCoAuthLib64.dll (Microsoft Corporation) ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers01: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2016-03-28] () ContextMenuHandlers01: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers01: [NetWareMenuItems] -> [CC]{e3bbbfc0-f61f-11cf-bb16-00c04fd371f4} => -> Keine Datei ContextMenuHandlers01: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2017-04-25] (Sophos Limited) ContextMenuHandlers02: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2017-04-25] (Sophos Limited) ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers04: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2017-04-25] (Sophos Limited) ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2015-08-07] (NVIDIA Corporation) ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2015-11-19] (Igor Pavlov) ContextMenuHandlers06: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd) ContextMenuHandlers06: [NetWareMenuItems] -> [CC]{e3bbbfc0-f61f-11cf-bb16-00c04fd371f4} => -> Keine Datei ContextMenuHandlers06: [NetWareServerMenu] -> [CC]{9b173360-732b-11ce-aa22-00805f9834b0} => -> Keine Datei ContextMenuHandlers06: [SavShellExt] -> {A3A1D8A1-006D-4B93-BA27-6F6B4C9C4F1D} => C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavShellExtX64.dll [2017-04-25] (Sophos Limited) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {160A2FF9-8F8C-44F0-9879-E31630D60962} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-07-16] (Microsoft Corporation) Task: {2A615DD9-B78D-424D-A4D0-FD73FFD3378A} - System32\Tasks\{52E7D4FB-32AD-40AD-9F67-CBD4E3F0C458} => D:\Downloads\Setup.X86.de-DE_O365ProPlusRetail_f2565e0c-cf7f-44fa-b446-1b51c20e59c0_TX_PR_.exe <==== ACHTUNG Task: {33B280EE-DBB4-4770-BB5D-92B0DCB33CAE} - System32\Tasks\LifeChatTask => C:\Program Files\Microsoft LifeChat\LifeChat.exe [2009-09-24] (Microsoft Corporation) Task: {3FD885D3-E2D5-4020-9BBD-82554549D200} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-05-19] (Piriform Ltd) Task: {42915B0A-DDD2-4A51-A87A-DA373C4FC2E3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-07-11] (Adobe Systems Incorporated) Task: {5F223E7C-F008-40BB-ADE2-75A317A62A0F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated) Task: {DB50F9E7-A26A-4515-B617-0D45ABA2D84F} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation) Task: {DFF0B61F-F547-4544-B3CE-496E78DA02A3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-16] (Microsoft Corporation) Task: {EA0ABA97-A3FF-4524-A9D8-3265EBADE17F} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-07-03] (Microsoft Corporation) Task: {F3CB8AE7-C355-49E9-9BB4-B77A75427E53} - System32\Tasks\EPSON XP-332 335 Series Update {C87B5292-9B51-4640-9589-318901179489} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE [2015-03-25] (SEIKO EPSON CORPORATION) Task: {F67E64AE-4163-4A05-A817-5ACBD747D464} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2017-07-16] (Microsoft Corporation) (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\Windows\Tasks\EPSON XP-332 335 Series Update {C87B5292-9B51-4640-9589-318901179489}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE:/EXE:{C87B5292-9B51-4640-9589-318901179489} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi ==================== Verknüpfungen & WMI ======================== (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-03-25 17:49 - 2014-11-17 17:04 - 00049336 _____ () C:\Windows\system32\ncv1_0.DLL 2015-03-25 17:49 - 2014-11-17 17:04 - 01024696 _____ () C:\Windows\system32\ncnetprovider.dll 2015-03-25 17:49 - 2014-11-17 17:04 - 00109752 _____ () C:\Windows\system32\NCLangID.dll 2015-03-25 17:49 - 2014-11-17 17:04 - 00175288 _____ () C:\Windows\system32\MAPBASE.dll 2015-03-25 17:49 - 2014-11-17 17:04 - 00272056 _____ () C:\Windows\system32\NWSHLXNT.dll 2015-03-25 17:49 - 2013-03-03 23:44 - 00016384 _____ () C:\Windows\system32\nls\DEUTSCH\NCLangIDR.DLL 2015-03-25 17:49 - 2013-03-03 23:44 - 00086528 _____ () C:\Windows\system32\nls\DEUTSCH\MAPBASER.DLL 2015-03-25 17:49 - 2013-03-03 23:44 - 00102400 _____ () C:\Windows\system32\nls\DEUTSCH\NWSHLXNTR.DLL 2015-03-25 17:49 - 2013-03-03 23:44 - 00496640 _____ () C:\Windows\system32\nls\DEUTSCH\ncnetproviderR.DLL 2015-09-11 17:01 - 2015-08-07 02:44 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2015-03-25 17:49 - 2014-11-17 17:04 - 00153784 _____ () C:\Program Files\Novell\Client\XTier\Common\libslp.dll 2015-03-25 17:49 - 2014-11-17 17:04 - 00109240 _____ () C:\Program Files\Novell\Client\cusrvc.exe 2017-07-21 17:53 - 2012-05-12 01:27 - 00473088 _____ () C:\Program Files (x86)\NetTime\NetTimeService.exe 2016-04-14 17:15 - 2016-04-14 17:15 - 00233608 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\http.plg 2016-04-14 17:15 - 2016-04-14 17:15 - 00140696 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ip.plg 2016-04-14 17:15 - 2016-04-14 17:15 - 00119344 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\ipv6.plg 2016-04-14 17:15 - 2016-04-14 17:15 - 00076704 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\portmap.plg 2016-04-14 17:15 - 2016-04-14 17:15 - 00165000 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\tcp.plg 2016-04-14 17:15 - 2016-04-14 17:15 - 00148440 _____ () C:\Program Files\Sophos\Sophos Network Threat Protection\bin\plugins\udp.plg 2016-03-28 20:07 - 2016-03-28 20:07 - 00230064 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2012-03-22 22:11 - 2012-03-22 22:11 - 00244944 _____ () C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe 2017-07-07 00:37 - 2017-07-07 00:37 - 02141184 _____ () C:\Program Files\Storj Share\ffmpeg.dll 2017-02-07 15:33 - 2016-12-14 13:47 - 03367424 _____ () D:\xampp\xampp-control.exe 2017-07-21 17:53 - 2012-05-12 09:28 - 00772096 _____ () C:\Program Files (x86)\NetTime\NetTime.exe 2017-05-19 20:17 - 2017-05-19 20:17 - 00069632 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll 2017-07-07 00:37 - 2017-07-07 00:37 - 02551808 _____ () C:\Program Files\Storj Share\libglesv2.dll 2017-07-07 00:37 - 2017-07-07 00:37 - 00093184 _____ () C:\Program Files\Storj Share\libegl.dll 2017-07-07 00:38 - 2017-07-07 00:38 - 00231424 _____ () \\?\C:\Program Files\Storj Share\resources\app\node_modules\secp256k1\build\Release\secp256k1.node 2017-07-07 00:37 - 2017-07-07 00:37 - 00522752 _____ () \\?\C:\Program Files\Storj Share\resources\app\node_modules\leveldown\build\Release\leveldown.node 2017-07-07 00:38 - 2017-07-07 00:38 - 00141824 _____ () \\?\C:\Program Files\Storj Share\resources\app\node_modules\weak\build\Release\weakref.node 2017-02-07 15:33 - 2017-01-17 22:54 - 11755976 _____ () d:\xampp\mysql\bin\mysqld.exe 2016-06-23 15:23 - 2016-06-23 15:23 - 00552978 _____ () C:\Program Files (x86)\Fortinet\FortiClient\sqlite3.dll 2017-02-07 15:33 - 2016-06-15 12:26 - 00419328 _____ () d:\xampp\apache\bin\pcre.dll 2017-02-07 15:33 - 2017-01-18 21:16 - 00150016 _____ () D:\xampp\php\libpq.dll 2017-02-07 15:33 - 2017-01-18 21:16 - 00180736 _____ () d:\xampp\apache\bin\libssh2.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SAVService => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SntpService => ""="service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: ========================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 04:34 - 2017-06-23 15:09 - 00000867 _____ C:\Windows\system32\Drivers\etc\hosts 127.0.0.1 localhost 176.31.104.226 upzom ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-671320741-808220471-3735878450-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\CHRIS\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.0.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == MSCONFIG\startupfolder: C:^Users^CHRIS^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^An OneNote senden.lnk => C:\Windows\pss\An OneNote senden.lnk.Startup MSCONFIG\startupreg: DAEMON Tools Lite Automount => "D:\Programme64\DAEMON Tools Lite\DTAgent.exe" -autorun MSCONFIG\startupreg: Discord => C:\Users\CHRIS\AppData\Local\Discord\app-0.0.297\Discord.exe MSCONFIG\startupreg: iTunesHelper => "D:\Programme64\ITunes\iTunesHelper.exe" MSCONFIG\startupreg: NWTRAY => %ProgramFiles%\Novell\Client\nwtray.exe ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe FirewallRules: [{16EA6BC5-0AF6-4C20-9EBE-0A5E460192F4}] => (Allow) D:\Programme32\Steam\Steam.exe FirewallRules: [{D15DBE43-BFE3-46DD-B2EE-E1775B2CD808}] => (Allow) D:\Programme32\Steam\Steam.exe FirewallRules: [TCP Query User{95DD166C-F5FC-4546-8D9F-CA63151EDD15}D:\programme32\guitar hero\ghwt.exe] => (Allow) D:\programme32\guitar hero\ghwt.exe FirewallRules: [UDP Query User{40FAB355-5DE7-414E-9B0E-7CC2DD4F4F28}D:\programme32\guitar hero\ghwt.exe] => (Allow) D:\programme32\guitar hero\ghwt.exe FirewallRules: [{08CAF2E7-CA7B-4E48-B0B1-30BD61D28D28}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{2E920EF7-40EF-4119-AC0E-31939E1A688E}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock Infinite\Binaries\Win32\BioShockInfinite.exe FirewallRules: [{36226B26-3DB8-4F41-A1FC-C7B03F299D11}] => (Allow) D:\Programme32\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{F02CC5B8-2F8F-40F9-AE0B-04B8C929B0CF}] => (Allow) D:\Programme32\Steam\SteamApps\common\Half-Life 2\hl2.exe FirewallRules: [{301A30E4-4C72-4184-943B-1FB19A615FB9}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{B3411367-32D5-4933-A2A6-512EFE8AAE40}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4sp.exe FirewallRules: [{EB3BAE52-0F45-4767-8B9E-4E47A903AC87}] => (Allow) D:\Programme32\Steam\SteamApps\common\OPPW3\oppw3.exe FirewallRules: [{DB59F086-2BBD-4ACB-A6DF-9D2421899608}] => (Allow) D:\Programme32\Steam\SteamApps\common\OPPW3\oppw3.exe FirewallRules: [TCP Query User{419472DF-ED43-4AF8-9F63-64B5C9DC14BA}C:\program files\java\jdk1.8.0_92\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_92\bin\java.exe FirewallRules: [UDP Query User{03DE0502-61CF-4EBF-B50D-F6582C593BE8}C:\program files\java\jdk1.8.0_92\bin\java.exe] => (Allow) C:\program files\java\jdk1.8.0_92\bin\java.exe FirewallRules: [{AB2A56DF-EF99-4A15-BD24-D52D58A875A9}] => (Allow) D:\Programme32\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{EFC14DB4-3B41-461E-ACEC-C6AFBE3F9C66}] => (Allow) D:\Programme32\Steam\SteamApps\common\Half-Life 2 Deathmatch\hl2.exe FirewallRules: [{727369BE-6A7A-47F8-A4AA-123A305E824D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{368AB5BD-AD49-41D0-B0AA-030FC6D404BB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{C164DE9C-8955-4C9F-A45A-37532B2C7187}] => (Allow) C:\Users\CHRIS\AppData\Local\Microsoft\OneDrive\OneDrive.exe FirewallRules: [{9D0D0852-5B93-4F05-A6E9-E7209FF495C7}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\ipsec.exe FirewallRules: [{FC0A7780-3D93-4414-8FEB-ABD49B4983B2}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortiesnac.exe FirewallRules: [{4E0A6DDB-AA81-40C1-A170-E33FE62F6CC2}] => (Allow) C:\Program Files (x86)\Fortinet\FortiClient\fortifws.exe FirewallRules: [{6AEDEA67-2685-4628-9784-634E41051445}] => (Allow) D:\Programme32\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{D54357B8-5E2B-425B-BA64-D97E971B0F3C}] => (Allow) D:\Programme32\Stronghold Crusader\Stronghold Crusader.exe FirewallRules: [{964FD716-1B69-462D-BF86-E9EABAC5BE68}] => (Allow) D:\Programme32\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{C4284CC6-2076-486D-979A-F7F6ED0427BA}] => (Allow) D:\Programme32\Stronghold Crusader\Stronghold_Crusader_Extreme.exe FirewallRules: [{DA43CCA3-DE3E-422B-BC25-7CBD775392B3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe FirewallRules: [{CABBD89F-F6A7-41FA-BF35-8DDF678BF616}] => (Allow) D:\Programme32\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{CCDAB423-465A-46BE-9D97-D03779F25FB8}] => (Allow) D:\Programme32\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{1F3CB5B9-FED7-4ABB-AA33-703A89C6A324}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe FirewallRules: [{EED1E415-1429-4364-BF9D-B4F6F9CB76B9}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock 2 Remastered\Build\Final\Bioshock2HD.exe FirewallRules: [{1846AC07-4AAD-402A-BC1A-B7CE70A3B120}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [{6B188CC7-B371-4023-A7D0-9F4008C54248}] => (Allow) D:\Programme32\Steam\SteamApps\common\BioShock Remastered\Build\Final\BioshockHD.exe FirewallRules: [TCP Query User{BB10F88F-DD8F-4E96-967F-CA135A148006}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{5F7C66F9-6BD4-45B9-A986-43B7277E22BA}D:\xampp\apache\bin\httpd.exe] => (Allow) D:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{43EB2067-591D-47B9-91A1-F1F9F8ED3D56}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{5A314E88-3753-49C2-A52C-8A113F1C1E85}D:\xampp\mysql\bin\mysqld.exe] => (Allow) D:\xampp\mysql\bin\mysqld.exe FirewallRules: [{BA22850D-F9B6-4DCA-901B-278D31877050}] => (Allow) D:\Programme32\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [{E806D905-1AFA-48D6-AC88-7A986A7F93E9}] => (Allow) D:\Programme32\Steam\SteamApps\common\H1Z1 King of the Kill\LaunchPad.exe FirewallRules: [TCP Query User{C58BABDC-382D-4018-A5DC-7D3A25FFBD4E}D:\programme32\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\programme32\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [UDP Query User{0E6D7EF3-FFDF-435A-ADEB-B49F5CDFC205}D:\programme32\steam\steamapps\common\h1z1 king of the kill\h1z1.exe] => (Allow) D:\programme32\steam\steamapps\common\h1z1 king of the kill\h1z1.exe FirewallRules: [{5A9FFF1D-5920-49DA-8D32-050FCB1A440C}] => (Allow) D:\Programme32\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{BA721818-F2A7-466A-ABDB-83FF18F909ED}] => (Allow) D:\Programme32\Steam\SteamApps\common\GarrysMod\hl2.exe FirewallRules: [{0149E5AD-F69F-4C3E-A035-405D348A4CB2}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{D5519FA2-617A-4379-8B87-668480E6CE6D}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty Modern Warfare 2\iw4mp.exe FirewallRules: [{F2E509A4-258C-448F-909D-14B478C06AAC}] => (Allow) D:\Programme32\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{08E533F5-3243-40AA-A534-9FA3D4255604}] => (Allow) D:\Programme32\Steam\steamapps\common\Warframe\Tools\Launcher.exe FirewallRules: [{8FE0E1FF-C608-4E0E-B250-E3664D34FA28}] => (Allow) C:\Users\CHRIS\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{E82B6DEC-58D3-4548-BD94-5230B499F8DE}] => (Allow) C:\Users\CHRIS\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe FirewallRules: [{0BAFC817-0793-4CF2-83B7-CC01E2896914}] => (Allow) LPort=12292 FirewallRules: [TCP Query User{0338761D-716C-4924-862C-5BD785D9845C}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [UDP Query User{4AFA9575-5F80-4A4B-A4E5-05278E2F8B37}C:\program files\unity\editor\unity.exe] => (Allow) C:\program files\unity\editor\unity.exe FirewallRules: [{32D26C2E-F398-4D51-9B56-1F98297A5E74}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty 2\CoD2SP_s.exe FirewallRules: [{5C881BA5-51C0-45BB-8CA5-A625665A3BB1}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty 2\CoD2SP_s.exe FirewallRules: [{96D6DDFD-A247-4473-8FDE-81D90AED3B16}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty 2\CoD2MP_s.exe FirewallRules: [{B3EBAC87-1D4E-4FD4-9343-EC28727B3F0A}] => (Allow) D:\Programme32\Steam\SteamApps\common\Call of Duty 2\CoD2MP_s.exe FirewallRules: [TCP Query User{479A6636-2A29-4D4E-A20B-BD1ED1F85F04}C:\program files\storj share\storj share.exe] => (Allow) C:\program files\storj share\storj share.exe FirewallRules: [UDP Query User{18C68F84-9B32-4522-9D3E-5CB2FBAC218A}C:\program files\storj share\storj share.exe] => (Allow) C:\program files\storj share\storj share.exe FirewallRules: [{C94E6D60-CB94-418A-9864-477A66242C94}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe FirewallRules: [{FFC9725A-0A80-47AF-B137-DD7818D2998D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe FirewallRules: [{2D6F2C1D-2960-4742-8A9F-B7FA7E8B4D61}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{E8928F99-5BED-42EE-B6A1-76868994BABE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Wiederherstellungspunkte ========================= ACHTUNG: Systemwiederherstellung ist deaktiviert ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Systemfehler: ============= ==================== Speicherinformationen =========================== Prozessor: Intel(R) Xeon(R) CPU E3-1231 v3 @ 3.40GHz Prozentuale Nutzung des RAM: 48% Installierter physikalischer RAM: 8126.96 MB Verfügbarer physikalischer RAM: 4182.76 MB Summe virtueller Speicher: 16252.1 MB Verfügbarer virtueller Speicher: 12118.79 MB ==================== Laufwerke ================================ Drive c: (SYSTEM) (Fixed) (Total:119.14 GB) (Free:12.1 GB) NTFS Drive d: (DATEN) (Fixed) (Total:2794.39 GB) (Free:2602.16 GB) NTFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: 00000000) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: 359AFEC6) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=119.1 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
21.07.2017, 22:51 | #2 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch WerbeseitenZitat:
__________________ |
22.07.2017, 10:22 | #3 |
| Windows 7: Firefox öffnet automatisch Werbeseiten Ne ist ein privates System. Die Software hat auch nur ne Studenten-Lizenz, welche nach Exmatrikulation auch nicht mehr gültig. Wenn man als Student das Privileg hat eigentlich teure Software kostenlos zu verwenden, warum nicht?
__________________Geändert von Xvidia (22.07.2017 um 10:28 Uhr) |
22.07.2017, 12:23 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch Werbeseiten Ist aber noch lange kein Grund, sein System zuzukleistern. Man installiert nur die Software die man braucht, nicht alles was man in die Finger bekommt. Malwarebytes Anti-Rootkit (MBAR) Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ Logfiles bitte immer in CODE-Tags posten |
22.07.2017, 12:44 | #5 |
| Windows 7: Firefox öffnet automatisch Werbeseiten Ich hab den MBAR Scan ausgeführt, es wurde aber nichts gefunden. Log: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.9.3.1001 www.malwarebytes.org Database version: main: v2017.07.22.04 rootkit: v2017.05.27.01 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.18738 CHRIS :: CHRIS-PC [administrator] 22.07.2017 13:29:48 mbar-log-2017-07-22 (13-29-48).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken Scan options disabled: Objects scanned: 322949 Time elapsed: 6 minute(s), 34 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 0 (No malicious items detected) Physical Sectors Detected: 0 (No malicious items detected) (end) |
22.07.2017, 13:00 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch Werbeseiten Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
__________________ --> Windows 7: Firefox öffnet automatisch Werbeseiten |
22.07.2017, 19:30 | #7 |
| Windows 7: Firefox öffnet automatisch Werbeseiten Der AdwCleaner hat nichts gefunden. Hier die log: Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Sat Jul 22 18:08:52 2017 # Updated on 2017/17/07 by Malwarebytes # Running on Windows 7 Professional (X64) # Mode: clean # Support: https://www.malwarebytes.com/support ***** [ Services ] ***** No malicious services deleted. ***** [ Folders ] ***** No malicious folders deleted. ***** [ Files ] ***** No malicious files deleted. ***** [ DLL ] ***** No malicious DLLs cleaned. ***** [ WMI ] ***** No malicious WMI cleaned. ***** [ Shortcuts ] ***** No malicious shortcuts cleaned. ***** [ Tasks ] ***** No malicious tasks deleted. ***** [ Registry ] ***** No malicious registry entries deleted. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries deleted. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries deleted. ************************* ::Tracing keys deleted ::Winsock settings cleared ::Prefetch files deleted ::Proxy settings cleared ::IE policies deleted ::Chrome policies deleted ::Additional Actions: 0 ************************* C:/AdwCleaner/AdwCleaner[S0].txt - [952 B] - [2017/7/22 18:8:28] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Professional x64 Ran by CHRIS (Administrator) on 22.07.2017 at 20:25:15,02 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 0 Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 22.07.2017 at 20:26:18,62 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
22.07.2017, 21:02 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch Werbeseiten Dann versteh ich deine Probleme nicht..weder mit MBAM Funde, noch mit adwCleaner oder JRT.
__________________ Logfiles bitte immer in CODE-Tags posten |
23.07.2017, 11:55 | #9 |
| Windows 7: Firefox öffnet automatisch Werbeseiten Ich habe jetzt NoScript installiert und das Problem scheint damit gelöst zu sein. Echt komisch, dass nichts gefunden wurde, aber das System neu aufsetzen möchte auch nicht ._. . Man füllt sich irgendwie unsicher. Man stelle sich vor man hat ne Spyware auf dem Rechner die nicht erkannt wird (Bundestrojaner lässt grüßen). |
23.07.2017, 13:26 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch Werbeseiten Schonmal davon gehört, dass es nirgends 100 % Sicherheit gibt? Wenn du ohne Malware leben willst musst du Windows richtig gut absichern und viele Sicherheitsregeln beachten. Oder einfach Linux verwenden und nicht ganz hirnfrei am PC werkeln...
__________________ Logfiles bitte immer in CODE-Tags posten |
23.07.2017, 13:26 | #11 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7: Firefox öffnet automatisch Werbeseiten Schonmal davon gehört, dass es nirgends 100 % Sicherheit gibt? Wenn du ohne Malware leben willst musst du Windows richtig gut absichern und viele Sicherheitsregeln beachten. Oder einfach Linux verwenden und nicht ganz hirnfrei am PC werkeln...
__________________ Logfiles bitte immer in CODE-Tags posten |
Themen zu Windows 7: Firefox öffnet automatisch Werbeseiten |
cpu, defender, desktop, explorer, firefox, flash player, homepage, mozilla, office 365, port, problem, prozesse, realtek, registry, scan, secur, server, software, svchost.exe, system, taskmanager, temp, windows, winlogon.exe, wmi, öffnet |