| |
| |||||||
Log-Analyse und Auswertung: Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durchWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
02.09.2015, 13:12
| #1 |
 |  Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch Hallo liebes Trojaner-Board-Team, vor zwei Tagen habe ich versucht, von Ariva einen Virenscan durchführern zu lassen. Als ich mir das Ergebnis anschauen wollte habe ich gemerkt, dass das Programm wohl abgestürzt ist oder sich selbst beendet hat. Ich habe erneut einen Scan gestartet, doch nach 15 Stunden waren erst 6,8% durchsucht und über 100 Warnungen gefunden. Daraufhin habe ich Avira de- und wieder neu installiert, doch auch danach hat es nicht funktioniert. Deshalb wende ich mich jetzt an euch. Zu den Schritten der Vorbereitung: Schritt 1: Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:09 on 02/09/2015 (Margarete)
Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.
Checking for services/drivers...
-=E.O.F=-
FRST.txt Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:31-08-2015
Ran by Margarete (administrator) on MARGARETE (02-09-2015 12:23:51)
Running from C:\Users\Margarete\Downloads
Loaded Profiles: Margarete (Available Profiles: Margarete)
Platform: Windows 8.1 (X64) Language: Englisch (Großbritannien)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Users\Margarete\AppData\Roaming\Host System\host.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [39175960 2015-08-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66936 2015-08-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [782008 2015-08-06] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [Remote Mouse] => C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe [1238528 2014-04-28] (RemoteMouse.net)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [Wunderlist] => "C:\Program Files (x86)\Wunderlist2\Wunderlist.exe" /silent
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Run: [tubcloud] => C:\Program Files (x86)\tubCloud\tubcloud.exe
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.27.dll [2015-08-14] (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{4680942B-65AE-43A9-86A9-1DBD6D85835F}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.startseite24.net
SearchScopes: HKLM -> DefaultScope {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKLM -> {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> DefaultScope {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=foxysecurity
SearchScopes: HKU\S-1-5-21-4080927462-3844598824-2763787523-1001 -> {E4D45B8F-D367-4CFB-9D5A-7907C795E21E} URL = hxxp://www.startseite24.net/?q={searchTerms}
BHO-x32: No Name -> {269D0B18-45D0-46D0-A644-2D60D928BC7F} -> C:\Users\Margarete\AppData\LocalLow\Internet Explorer BHO\bho.dll [2014-07-23] ()
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-15] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-15] (Oracle Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll [2014-07-24] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-15] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll [2013-05-13] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\user.js [2014-07-24]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\avira-safesearch.xml [2014-09-29]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\google-images.xml [2014-07-28]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\google-maps.xml [2014-07-28]
FF SearchPlugin: C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\searchplugins\websuche.xml [2015-06-24]
FF Extension: Avira Browser Safety - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\abs@avira.com [2015-08-17]
FF Extension: Foxy Secure - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\contact@fox-security.com [2014-07-24]
FF Extension: Avira SafeSearch Plus - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\safesearchplus@avira.com [2015-09-01]
FF Extension: CHIP Best Deal - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\ciuvo-extension@chip.de.xpi [2015-03-17]
FF Extension: NoScript - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-03-22]
FF Extension: Adblock Plus - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-24]
FF HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Margarete\AppData\Roaming\Mozilla\Firefox\Profiles\3pmdsm6s.default\extensions\cliqz@cliqz.com
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [khjilmcjipkeokomeekfnhkpbnhmgaje] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [887128 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [461672 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [461672 2015-08-06] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1213072 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [228104 2015-08-13] (Avira Operations GmbH & Co. KG)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-10-25] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-15] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-07-15] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
R2 HostService; C:\Users\Margarete\AppData\Roaming\Host System\host.exe [536576 2014-07-23] () [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [137288 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [148632 2015-08-06] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2015-08-06] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43576 2015-08-06] (Avira Operations GmbH & Co. KG)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S1 BAPIDRV; system32\DRIVERS\BAPIDRV64.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-02 12:23 - 2015-09-02 12:24 - 00015680 _____ C:\Users\Margarete\Downloads\FRST.txt
2015-09-02 12:23 - 2015-09-02 12:23 - 00000000 ____D C:\FRST
2015-09-02 12:22 - 2015-09-02 12:22 - 02188800 _____ (Farbar) C:\Users\Margarete\Downloads\FRST64.exe
2015-09-02 12:21 - 2015-09-02 12:22 - 01690624 _____ (Farbar) C:\Users\Margarete\Downloads\FRST.exe
2015-09-02 12:09 - 2015-09-02 12:09 - 00000480 _____ C:\Users\Margarete\Desktop\defogger_disable.log
2015-09-02 12:09 - 2015-09-02 12:09 - 00000000 _____ C:\Users\Margarete\defogger_reenable
2015-09-02 12:08 - 2015-09-02 12:08 - 00050477 _____ C:\Users\Margarete\Desktop\Defogger.exe
2015-09-01 16:00 - 2015-09-01 16:00 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\Avira
2015-09-01 15:56 - 2015-09-01 15:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RStudio
2015-09-01 15:56 - 2015-08-06 20:58 - 00148632 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00137288 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00043576 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2015-09-01 15:56 - 2015-08-06 20:58 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2015-09-01 15:55 - 2015-09-01 15:56 - 00000000 ____D C:\Program Files\RStudio
2015-09-01 15:43 - 2015-09-01 15:53 - 77507680 _____ C:\Users\Margarete\Downloads\RStudio-0.99.473.exe
2015-09-01 15:42 - 2015-09-01 15:42 - 00001054 _____ C:\Users\Public\Desktop\R i386 3.2.2.lnk
2015-09-01 15:42 - 2015-09-01 15:42 - 00001047 _____ C:\Users\Public\Desktop\R x64 3.2.2.lnk
2015-09-01 15:42 - 2015-09-01 15:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R
2015-09-01 15:40 - 2015-09-01 15:40 - 00000000 ____D C:\Program Files\R
2015-09-01 15:26 - 2015-09-01 15:36 - 65288451 _____ (R Core Team ) C:\Users\Margarete\Downloads\R-3.2.2-win.exe
2015-09-01 15:17 - 2015-09-01 15:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-09-01 15:17 - 2015-09-01 15:55 - 00000000 ____D C:\Program Files (x86)\Avira
2015-09-01 15:17 - 2015-09-01 15:17 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__ws(1).exe
2015-09-01 15:17 - 2015-09-01 15:17 - 00001230 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2015-09-01 15:14 - 2015-09-01 15:14 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__adw.exe
2015-09-01 14:38 - 2015-09-01 14:39 - 04772888 _____ (Avira Operations GmbH & Co. KG) C:\Users\Margarete\Downloads\avira_de_av_55e59c48986e6__ws.exe
2015-09-01 11:47 - 2015-07-05 12:08 - 00300704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-08-31 12:27 - 2015-08-31 12:29 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Margarete\Downloads\mbam-setup-2.1.8.1057.exe
2015-08-28 20:27 - 2015-08-28 20:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-22 20:24 - 2015-08-22 20:24 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\PDF Architect 3
2015-08-22 20:21 - 2015-08-31 11:09 - 00000000 ____D C:\ProgramData\PDF Architect 3
2015-08-22 20:17 - 2015-08-22 20:20 - 28754952 _____ (pdfforge GmbH) C:\Users\Margarete\Downloads\PDFCreator-2_1_2-setup.exe
2015-08-22 19:16 - 2015-08-11 03:20 - 25191936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-08-22 19:16 - 2015-08-11 02:20 - 19871232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-08-18 12:03 - 2015-07-30 16:04 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 12:03 - 2015-07-30 15:48 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-18 10:36 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-08-18 10:36 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-08-18 10:36 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-08-18 10:36 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-08-18 10:36 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-08-18 10:36 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-08-18 10:36 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-08-18 10:36 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-08-18 10:36 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-08-18 10:36 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-08-18 10:36 - 2015-07-16 22:36 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-08-18 10:36 - 2015-07-16 22:36 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2015-08-18 10:36 - 2015-07-16 22:35 - 02885632 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-08-18 10:36 - 2015-07-16 22:26 - 05923328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-08-18 10:36 - 2015-07-16 22:23 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-08-18 10:36 - 2015-07-16 22:21 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-08-18 10:36 - 2015-07-16 21:53 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-08-18 10:36 - 2015-07-16 21:51 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-08-18 10:36 - 2015-07-16 21:50 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2015-08-18 10:36 - 2015-07-16 21:45 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-08-18 10:36 - 2015-07-16 21:45 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-08-18 10:36 - 2015-07-16 21:41 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-08-18 10:36 - 2015-07-16 21:39 - 00664064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-08-18 10:36 - 2015-07-16 21:38 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-08-18 10:36 - 2015-07-16 21:36 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-08-18 10:36 - 2015-07-16 21:34 - 14451200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-08-18 10:36 - 2015-07-16 21:32 - 02125824 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-08-18 10:36 - 2015-07-16 21:14 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-08-18 10:36 - 2015-07-16 21:13 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-08-18 10:36 - 2015-07-16 21:12 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-08-18 10:36 - 2015-07-16 21:12 - 02427904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-08-18 10:36 - 2015-07-16 21:10 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-08-18 10:36 - 2015-07-16 21:06 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-08-18 10:36 - 2015-07-16 21:01 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-08-18 10:36 - 2015-07-16 20:52 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-08-18 10:36 - 2015-07-16 20:49 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-08-18 10:36 - 2015-07-16 20:42 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-08-18 10:36 - 2015-07-16 20:38 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-08-18 10:36 - 2015-07-16 20:37 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-08-18 10:36 - 2015-06-09 20:27 - 00411133 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-08-18 10:35 - 2015-07-16 02:29 - 07458648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-08-18 10:35 - 2015-07-16 02:29 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-08-18 10:35 - 2015-07-16 02:29 - 00101720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mountmgr.sys
2015-08-18 10:35 - 2015-07-16 02:28 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-08-18 10:35 - 2015-07-10 19:54 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2015-08-18 10:35 - 2015-07-07 11:40 - 00270168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2015-08-18 10:35 - 2015-07-07 11:40 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2015-08-18 10:35 - 2015-07-07 11:40 - 00044560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2015-08-18 10:35 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2015-08-18 10:35 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2015-08-18 10:34 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2015-08-18 10:34 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2015-08-18 10:34 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2015-08-18 10:34 - 2015-07-02 00:19 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2015-08-18 10:34 - 2015-07-02 00:16 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2015-08-18 10:34 - 2015-07-01 23:37 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2015-08-18 10:34 - 2015-07-01 23:35 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2015-08-18 10:33 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2015-08-18 10:33 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2015-08-18 10:33 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2015-08-18 10:33 - 2015-07-14 05:22 - 02529880 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-08-18 10:33 - 2015-07-14 05:21 - 01901776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-08-18 10:33 - 2015-07-13 21:46 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\csrsrv.dll
2015-08-18 10:33 - 2015-07-13 21:45 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2015-08-18 10:33 - 2015-07-10 19:42 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-08-18 10:33 - 2015-07-10 18:47 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-08-18 10:33 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2015-08-18 10:33 - 2015-07-09 19:13 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2015-08-18 10:33 - 2015-07-09 18:30 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2015-08-18 10:33 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2015-08-18 10:33 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2015-08-18 10:30 - 2015-07-10 20:19 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2015-08-18 10:30 - 2015-07-10 19:14 - 00856064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2015-08-18 10:30 - 2015-07-10 19:13 - 07032320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2015-08-18 10:30 - 2015-07-10 18:31 - 06213120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2015-08-18 10:29 - 2015-07-29 16:37 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-08-18 10:29 - 2015-07-29 16:30 - 01381888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-08-18 10:29 - 2015-07-29 16:23 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-08-18 10:29 - 2015-07-24 20:57 - 04177408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-08-18 10:29 - 2015-07-24 20:57 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-08-18 10:29 - 2015-07-24 20:52 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-08-18 10:29 - 2015-07-24 19:27 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-08-18 10:29 - 2015-07-24 19:23 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-08-17 17:30 - 2015-08-17 17:30 - 00001530 _____ C:\Users\Margarete\AppData\Local\recently-used.xbel
2015-08-06 15:26 - 2015-08-06 15:26 - 00001765 _____ C:\Users\Public\Desktop\iTunes.lnk
2015-08-06 15:26 - 2015-08-06 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-08-06 15:25 - 2015-08-06 15:26 - 00000000 ____D C:\Program Files\iTunes
2015-08-06 15:25 - 2015-08-06 15:25 - 00000000 ____D C:\Program Files\iPod
2015-08-06 15:25 - 2015-08-06 15:25 - 00000000 ____D C:\Program Files (x86)\iTunes
2015-08-06 14:57 - 2015-08-06 15:16 - 155875632 _____ (Apple Inc.) C:\Users\Margarete\Downloads\iTunes6464Setup.exe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-02 12:17 - 2014-07-24 17:00 - 01204253 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-02 12:10 - 2014-07-24 17:30 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4080927462-3844598824-2763787523-1001
2015-09-02 12:09 - 2014-07-24 17:07 - 00000000 ____D C:\Users\Margarete
2015-09-02 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-02 11:58 - 2014-07-24 17:27 - 00003946 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{AFE74C98-7B23-4051-A7D7-CF7230CE9F7D}
2015-09-01 20:31 - 2015-07-15 16:20 - 00000934 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2015-09-01 15:55 - 2014-07-24 20:51 - 00000000 ____D C:\ProgramData\Avira
2015-09-01 15:20 - 2015-06-10 23:10 - 00000000 ____D C:\Program Files (x86)\R-Studio
2015-09-01 15:17 - 2014-08-24 12:31 - 00000000 ____D C:\ProgramData\Package Cache
2015-09-01 15:00 - 2014-09-27 19:18 - 00443392 ___SH C:\Users\Margarete\Downloads\Thumbs.db
2015-09-01 12:06 - 2015-07-15 16:29 - 00000000 ___RD C:\Users\Margarete\Dropbox
2015-09-01 12:06 - 2014-06-12 14:16 - 00000000 ___DO C:\Users\Margarete\SkyDrive
2015-09-01 12:05 - 2015-07-15 16:20 - 00000930 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2015-09-01 12:05 - 2015-06-21 14:18 - 00000000 ____D C:\Users\Margarete\AppData\Local\Dropbox
2015-09-01 12:04 - 2014-07-24 16:53 - 00380334 _____ C:\WINDOWS\PFRO.log
2015-09-01 12:04 - 2013-08-22 16:46 - 00064187 _____ C:\WINDOWS\setupact.log
2015-09-01 12:04 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-01 12:04 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-08-29 14:19 - 2014-07-24 17:14 - 01775860 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-08-29 14:19 - 2013-09-12 11:43 - 00807878 _____ C:\WINDOWS\system32\perfh007.dat
2015-08-29 14:19 - 2013-09-12 11:43 - 00180026 _____ C:\WINDOWS\system32\perfc007.dat
2015-08-28 22:10 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-08-28 20:27 - 2015-07-15 16:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-08-22 19:17 - 2013-08-22 17:20 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-08-22 18:15 - 2013-08-22 16:44 - 00422896 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files\Windows Defender
2015-08-21 13:14 - 2013-08-22 17:36 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-08-21 13:01 - 2014-10-21 10:30 - 00094720 ___SH C:\Users\Margarete\Desktop\Thumbs.db
2015-08-18 16:09 - 2013-09-12 12:47 - 00000000 ___DC C:\WINDOWS\Panther
2015-08-18 16:01 - 2015-07-10 18:49 - 00000000 ___HD C:\$Windows.~BT
2015-08-18 12:02 - 2014-07-26 13:38 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-08-18 11:57 - 2014-07-26 13:38 - 132483416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-08-18 11:55 - 2014-12-11 18:30 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-08-18 11:55 - 2014-07-28 20:53 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2015-08-18 11:55 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-18 11:55 - 2013-08-22 17:36 - 00000000 ___RD C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-08-17 17:35 - 2014-06-29 00:08 - 00000000 ____D C:\Users\Margarete\.gimp-2.8
2015-08-08 15:55 - 2014-12-12 19:37 - 00794088 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-08-08 15:55 - 2014-12-12 19:37 - 00179688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-08-06 16:11 - 2014-07-24 20:54 - 00000000 ____D C:\Users\Margarete\AppData\Roaming\Apple Computer
2015-08-06 15:25 - 2014-07-24 20:52 - 00000000 ____D C:\Program Files\Common Files\Apple
==================== Files in the root of some directories =======
2015-08-17 17:30 - 2015-08-17 17:30 - 0001530 _____ () C:\Users\Margarete\AppData\Local\recently-used.xbel
Some files in TEMP:
====================
C:\Users\Margarete\AppData\Local\Temp\360TS_Setup_DE_Softonic_5-0-0-2018.exe
C:\Users\Margarete\AppData\Local\Temp\360TS_Setup_DE_Softonic_5-0-0-2018[1].exe
C:\Users\Margarete\AppData\Local\Temp\avgnt.exe
C:\Users\Margarete\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbg9d0a.dll
C:\Users\Margarete\AppData\Local\Temp\IminentSetup_july17.exe
C:\Users\Margarete\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Margarete\AppData\Local\Temp\OpenOffice_4.1.1_Win_x86_install_de.exe
C:\Users\Margarete\AppData\Local\Temp\StartMeinWeb_IE.exe
C:\Users\Margarete\AppData\Local\Temp\Wunderlist-Setup2.3.0.31.exe
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-08-28 21:00
==================== End of FRST.txt ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version:31-08-2015
Ran by Margarete (2015-09-02 12:25:51)
Running from C:\Users\Margarete\Downloads
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-4080927462-3844598824-2763787523-500 - Administrator - Disabled)
Guest (S-1-5-21-4080927462-3844598824-2763787523-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4080927462-3844598824-2763787523-1003 - Limited - Enabled)
Margarete (S-1-5-21-4080927462-3844598824-2763787523-1001 - Administrator - Enabled) => C:\Users\Margarete
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.12.420 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{315dd168-0794-4cf1-8355-f195cde642fc}) (Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.45.11819 - Avira Operations GmbH & Co. KG) Hidden
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 DEU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Buildtools-Sprachressourcen - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKLM-x32\...\Dropbox) (Version: 3.8.8 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.33 - Dropbox, Inc.) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT (HKLM-x32\...\{3FF082A7-A5DE-4BDA-B56A-1D2BEFD617A3}) (Version: 11.1.3000.0 - Microsoft Corporation)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JavaScript Tooling (Version: 12.0.21005 - Microsoft Corporation) Hidden
Language Pack (DEU) für freigegebene Windows Azure-Komponenten für Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
LibreOffice 4.2.5.2 (HKLM-x32\...\{8D8F47B2-0E03-4C50-9803-A01120878F96}) (Version: 4.2.5.2 - The Document Foundation)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for de-de Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK - DEU Lang Pack (HKLM-x32\...\{21B0F482-5EF9-45DA-8840-340AFE705A6C}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.1 Sprachpaket - DEU) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20513.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK - DEU (HKLM-x32\...\{F351AA2C-723C-4CFE-A7CB-8E43AB164F7F}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{D4E30517-FE6F-491E-942F-AE10E1B18F38}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (x64) (HKLM\...\{B4EDAE03-DB34-4DD0-BA7E-2ED80DEA50B1}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{269A8DF6-BBDA-441F-932B-233F9B746D72}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{EC75BD20-F9CA-4E77-825F-ABD77E95BE91}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{0BF65908-D137-4A9E-B7C9-78F32F74F6FD}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL-Sprachdienst (HKLM-x32\...\{1D812D86-D8EF-41AC-A518-BA12E1913747}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (12.0.30919.1) (HKLM-x32\...\{7CC03C58-3471-43D2-A251-EC9AE225E772}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - DEU (12.0.30919.1) (HKLM-x32\...\{BCB8A870-2B3D-4CC0-87D6-F931E065AC0C}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{D434E072-F482-4F52-AB97-7B19DD5DAEB5}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{485F4AC6-F79E-4482-A0D2-EDF0CCE1E124}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.40820 - Microsoft Corporation)
Microsoft Visual Studio Professional 2013 (HKLM-x32\...\{c59d30df-4d25-44da-be52-3e17381c68c1}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{43341417-7882-4F34-8390-53DFD00F6C0F}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{24440413-490E-41CA-BD33-0B30FD3EBE3A}) (Version: 11.1.3366.16 - Microsoft Corporation)
MiKTeX 2.9 (HKLM-x32\...\MiKTeX 2.9) (Version: 2.9 - MiKTeX.org)
Mozilla Firefox 31.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 de)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Python Tools - Umleitungsvorlage (x32 Version: 1.1 - Microsoft Corporation) Hidden
R for Windows 3.2.2 (HKLM\...\R for Windows 3.2.2_is1) (Version: 3.2.2 - R Core Team)
RStudio (HKLM-x32\...\RStudio) (Version: 0.99.473 - RStudio)
SharePoint Client Components (Version: 15.0.4481.1505 - Microsoft Corporation) Hidden
Solid Edge ST7 (HKLM\...\{AB0F3228-D90C-4574-8A28-589483A68C93}) (Version: 107.00.00104 - Siemens)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
WCF Data Services 5.6.0 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 DEU Language Pack (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WinRAR 5.21 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Workflow Manager Client 1.0 (Version: 2.0.30813.2 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.30725.1 - Microsoft Corporation) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Restore Points =========================
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00EBF3B2-CE7C-4A1D-9625-916AE6A82AD8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {1A7D501F-5DA3-4136-A9A5-9E612745912A} - System32\Tasks\Abelssoft\Updater scan => C:\Program Files (x86)\CHIP Updater\CHIPUpdater.exe
Task: {2B90411B-FE1F-4203-85CB-430DEB410095} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {837779F7-2133-4423-9B67-85C17AB5E0E2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-07-15] (Dropbox, Inc.)
Task: {A0A3AD03-C7F8-472F-BE63-BD733811CD8B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {CAF80CF2-F143-4840-B6C5-F2EBBE392572} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-18] (Microsoft Corporation)
Task: {EB2C1E40-F863-41A6-ABDD-3DF9D9DCD48F} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
==================== Loaded Modules (Whitelisted) ==============
2014-07-24 17:01 - 2014-03-04 15:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-24 21:50 - 2014-07-23 14:16 - 00536576 _____ () C:\Users\Margarete\AppData\Roaming\Host System\host.exe
2014-11-25 18:14 - 2014-11-25 18:14 - 00183296 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\ErrorReporting.dll
2014-07-24 21:50 - 2014-07-24 21:50 - 00374272 _____ () C:\Users\Margarete\AppData\Roaming\Host System\sub\default.dll
2015-09-01 12:05 - 2015-09-01 12:05 - 00071168 _____ () c:\Users\Margarete\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpbg9d0a.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00012800 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick.2\qtquick2plugin.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00779776 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-07-21 15:35 - 2015-08-05 07:26 - 00056320 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-07-15 16:27 - 2015-08-05 07:26 - 00012288 _____ () C:\Program Files (x86)\Dropbox\Client\QtQuick\Window.2\windowplugin.dll
2014-07-24 17:29 - 2014-07-17 07:42 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Margarete\SkyDrive:ms-properties
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Theme2\img7.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4080927462-3844598824-2763787523-1001\...\StartupApproved\Run: => "Remote Mouse"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0BD6AA0F-1B86-4949-A9E3-ED302DAA387A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F7C086BA-87EE-4052-B4FC-70B9A365C392}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{EFC30380-3D19-497F-86D8-FE4270ADEA30}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D4B43D94-5A79-4526-A6F7-CB98FFA43437}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{7EEAD8C5-295B-4BF0-BBE9-417D077EF602}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [UDP Query User{44A336DD-B71D-4DB6-BC4E-29F41106C286}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin
FirewallRules: [{CBBD32A8-2EC5-4EB3-B853-561BD53ACCF9}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [{BD9AFDC8-3078-457E-83E4-4D559B0C1FD1}] => (Allow) C:\Program Files (x86)\Remote Mouse\RemoteMouse.exe
FirewallRules: [TCP Query User{83C4B481-4FD0-4AB2-BDBA-3CEAFBA1C03D}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [UDP Query User{1068006E-3F44-45EF-97CD-BE1EA00C5271}C:\program files (x86)\remote mouse\remotemouse.exe] => (Block) C:\program files (x86)\remote mouse\remotemouse.exe
FirewallRules: [{3DD41C3B-7CE7-4C00-9E82-32C197485C93}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\devenv.exe
FirewallRules: [{7B2BF6E0-64AC-4C0F-9A89-8E4194184C4E}] => (Allow) LPort=12292
FirewallRules: [{26F277E5-4ACB-4285-AE65-BBE6AFC7DE6A}] => (Allow) C:\Program Files\KeyShot5\bin\keyshot_daemon.exe
FirewallRules: [{49B936F3-AF13-4C0F-888B-FF24D1E8A005}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1719B55B-A36B-471A-B308-FD5B6023B67D}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
==================== Faulty Device Manager Devices =============
Name: SM-Bus-Controller
Description: SM-Bus-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: PCI-Kommunikationscontroller (einfach)
Description: PCI-Kommunikationscontroller (einfach)
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (6264) Instance: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -501 auf.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 170 (0x000000AA) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log" bei Offset 696320 (0x00000000000aa000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 1061003732829370789 (0xeb9714608a879a5), und die tatsächliche Prüfsumme war 1061003732829370789 (0xeb9714608a879a5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 96 (0x00000060) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb.log" bei Offset 393216 (0x0000000000060000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 11301865381017986696 (0x9cd84aaf26dca688), und die tatsächliche Prüfsumme war 524802084482356933 (0x74878b71ef496c5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost (6264) Instance: Bei Datenbankwiederherstellung trat ein unerwarteter Fehler -501 auf.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 170 (0x000000AA) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log" bei Offset 696320 (0x00000000000aa000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 1061003732829370789 (0xeb9714608a879a5), und die tatsächliche Prüfsumme war 1061003732829370789 (0xeb9714608a879a5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost (6264) Instance: Während des Soft Recovery-Vorgangs wurde eine Beschädigung von Protokolldatei C:\ProgramData\Microsoft\Windows\AppRepository\edb.log festgestellt. Der Datensatz mit der fehlerhaften Prüfsumme befindet sich an Position END. Daten, die nicht mit dem Füllmuster der Protokolldatei übereinstimmen, traten zuerst in Sektor 96 (0x00000060) auf. Diese Protokolldatei wurde beschädigt und ist unbrauchbar.
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost (6264) Instance: Bei Überprüfung des aus Datei "C:\ProgramData\Microsoft\Windows\AppRepository\edb.log" bei Offset 393216 (0x0000000000060000) für 4096 (0x00001000) Bytes gelesenen Protokollbereichs ist durch eine Inkonsistenz der Bereichsprüfsumme ein Fehler aufgetreten. Die erwartete Prüfsumme war 11301865381017986696 (0x9cd84aaf26dca688), und die tatsächliche Prüfsumme war 524802084482356933 (0x74878b71ef496c5). Fehler -501 (0xfffffe0b) beim Lesevorgang. Wenn dieser Zustand andauert, stellen Sie die Protokolldatei aus einer vorherigen Sicherung wieder her.
System errors:
=============
Error: (09/02/2015 12:17:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (09/01/2015 03:20:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (09/01/2015 02:52:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (09/01/2015 12:17:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (09/01/2015 11:18:47 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (08/31/2015 01:17:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Error: (08/31/2015 10:35:28 AM) (Source: DCOM) (EventID: 10016) (User: MARGARETE)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MargareteMargareteS-1-5-21-4080927462-3844598824-2763787523-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (08/31/2015 10:35:28 AM) (Source: DCOM) (EventID: 10016) (User: MARGARETE)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MargareteMargareteS-1-5-21-4080927462-3844598824-2763787523-1001LocalHost (Using LRPC)UnavailableUnavailable
Error: (08/31/2015 10:32:59 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalActivation{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)UnavailableUnavailable
Error: (08/30/2015 10:57:44 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80240020 fehlgeschlagen: Upgrade to Windows 10 Home
Microsoft Office:
=========================
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost6264Instance: -501
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.logEND170 (0x000000AA)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log696320 (0x00000000000aa000)4096 (0x00001000)-501 (0xfffffe0b)1061003732829370789 (0xeb9714608a879a5)1061003732829370789 (0xeb9714608a879a5)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.logEND96 (0x00000060)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.log393216 (0x0000000000060000)4096 (0x00001000)-501 (0xfffffe0b)11301865381017986696 (0x9cd84aaf26dca688)524802084482356933 (0x74878b71ef496c5)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 454) (User: )
Description: svchost6264Instance: -501
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.logEND170 (0x000000AA)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb00042.log696320 (0x00000000000aa000)4096 (0x00001000)-501 (0xfffffe0b)1061003732829370789 (0xeb9714608a879a5)1061003732829370789 (0xeb9714608a879a5)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 465) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.logEND96 (0x00000060)
Error: (09/02/2015 12:18:28 PM) (Source: ESENT) (EventID: 477) (User: )
Description: svchost6264Instance: C:\ProgramData\Microsoft\Windows\AppRepository\edb.log393216 (0x0000000000060000)4096 (0x00001000)-501 (0xfffffe0b)11301865381017986696 (0x9cd84aaf26dca688)524802084482356933 (0x74878b71ef496c5)
CodeIntegrity:
===================================
Date: 2015-02-11 15:28:19.791
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-11 15:28:19.189
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-11 10:53:24.232
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-11 10:53:24.107
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-10 14:55:37.167
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-10 14:55:37.042
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-09 10:18:36.822
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-09 10:18:36.681
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-08 12:27:15.886
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\x64\sysapcrt.dll that did not meet the Windows signing level requirements.
Date: 2015-02-08 12:27:15.761
Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Settings Manager\smdmf\sysapcrt.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G3220 @ 3.00GHz
Percentage of memory in use: 39%
Total physical RAM: 4051.48 MB
Available physical RAM: 2436.33 MB
Total Virtual: 5489.27 MB
Available Virtual: 2815.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:931 GB) (Free:788.59 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Schritt 3: Wenn ich das Programm öffnen möchte kommt folgende Fehlermeldung: C:\WINDOWS\system32\config\system: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird. Am Versuch in den abgesicherten Modus zu wechseln bin ich leider gescheitert. Schritt 4: Ich habe nur die drei Logfiles der ersten beiden Schritte, da mir bei Avira keine angezeigt werden. Vielen Dank schon mal im Voraus! |
| Themen zu Windows 8: Avira stürzt ab oder führt keinen kompletten Scan durch |
| adware, antivirus, avira, avira -scan, beschädigung, bonjour, browser, cpu, desktop, dnsapi.dll, fehler, firefox, flash player, homepage, mozilla, programm, prozess, realtek, registry, rundll, scan, server, software, svchost.exe, system, udp, updates, windows, windowsapps |
Baum-Darstellung