|
Log-Analyse und Auswertung: Alle Ordner schreibgeschütztWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
22.01.2016, 09:46 | #1 |
| Alle Ordner schreibgeschützt Hey, ich wollte mir gestern ein Programm( Feed the beast ) installieren und bekam die Fehlermeldung: "Check your FTB installation location's write access. Launch button is disabled until installation location is fixed." Kurze Info: Installationsordner ist der Desktop. Es gibt zwar schon einen ähnlichen Thread, aber dieser( http://www.trojaner-board.de/151075-...chuetzt-2.html ) ist ein anderer Fall. Nun habe ich entdeckt, das jeder Ordner mit dem Attribut schreibgeschützt versehen ist. BitDefender hat keine Viren gefunden. Hab auch sachon MalWare Bytes drüberlaufen lassen. Nichts gefunden. Ich kann Dateien verschieben, doch wenn ich Programmen Adminrechte gebe( "Als Admin ausführen" ) funktioniert es nicht. Ach ja: Macbook Pro 13" Win 10 Wäre über Hilfe sehr dankbar MfG Felix |
22.01.2016, 10:41 | #2 |
/// Malwareteam | Alle Ordner schreibgeschütztMein Name ist Dennis und ich werde dir bei der Bereinigung helfen. Bitte beachte, dass es ein paar Regeln gibt:
Sollte ich nicht innerhalb von 48h antworten, schreibe mir eine PM! Wir checken zuerst auf Malware. Welche Ordner sind denn alle schreibgeschützt? Schritt # 1: FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit (Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt # 2: Bitte Posten
__________________ |
22.01.2016, 14:04 | #3 |
| Alle Ordner schreibgeschützt Danke für deine Antwort!
__________________ALLE Ordner sind schreibgeschützt und ich kann dieses Attribut nicht entfernen. Logs: (#-Button) FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016 durchgeführt von Felix (Administrator) auf FELIX-PC (22-01-2016 13:58:16) Gestartet von C:\Users\Felix\Downloads Geladene Profile: Felix (Verfügbare Profile: Felix & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Windows\System32\AppleOSSMgr.exe (Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncservice.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Zhuhai Kingsoft Office Software Co.,Ltd) C:\Users\Felix\AppData\Local\PPTAssist\ktpcntr.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] () HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1720488 2015-12-10] (Bitdefender) HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1423288 2015-12-10] (Bitdefender) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-01-17] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2016-01-17] ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{e33fa61b-f3a7-4575-946c-682159d54c8c}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> DefaultScope {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = hxxp://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaJIBbaQodMJUgJpistu8kOoNm2IExJYL588JeLQq3Zf3Ak3l5ZfcHLLe5YfkvNnQjrcTftxKOxNSVAx9-IfLVh5QaqdtXbiTw-nKNn5dR3-sZ71fVkJo2D3zHTiX0sv5w4nvbC9QCnjd9QqR5ld6nHZhHFoIo4Py2svzwOxLA9b&q={searchTerms} SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {ielnksrch} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_52_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutA0CtCyD0CtB0EtA0E0FzytD0EtBzztDtN0D0Tzu0StCyEyDtDtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1M1Q1CtCyBtN1L1G1B1V1N2Y1L1Qzu2SyB0A0DyDtCtDyDtBtGyB0FyByDtG0E0CyCtCtGyE0F0B0AtGyCyCzytByBzztC0F0C0C0D0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCtA0Ezz0ByE0AtG0DyDyB0BtGyEyCtCyBtGzy0F0DzytGyBtAyEtD0Fzy0AyBzz0A0AyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByEyE%26cr%3D1457458476%26a%3Dhdr_s_15_52_orgnl%26os%3DWindows%2B10%2BPro&p={searchTerms} BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) BHO-x32: Ó¦Óñ¦Ò»¼ü°²×°²å¼þ -> {50F4150A-48B2-417A-BE4C-C83F580FB904} -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default FF SelectedSearchEngine: yoursearching FF Homepage: hxxp://www.google.at/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] () FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [2014-05-30] (腾讯公司) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-2852922398-1150064108-2753843024-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felix\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-16] FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\C78876CE4A6AA227FCD4C7C42F3DA0EDC788 [2015-12-07] <==== ACHTUNG Chrome: ======= CHR HomePage: Default -> hxxp://google.at/ CHR StartupUrls: Default -> "hxxp://www.yoursearching.com/?type=hp&ts=1450979460&z=6e25035a4439e8acad0f66fg4z8wde9t3m6tczfw7t&from=face&uid=APPLEXSSDXSM0512F_S1K5NYBF559161","hxxps://www.google.at/" CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11] CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11] CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11] CHR Extension: (Google-Suche) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11] CHR Extension: (Google Docs Offline) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-11] CHR Extension: (Google Mail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11] CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Program Files (x86)\Opera\Launcher.exe hxxp://www.yoursearching.com/?type=sc&ts=1450979460&z=6e25035a4439e8acad0f66fg4z8wde9t3m6tczfw7t&from=face&uid=APPLEXSSDXSM0512F_S1K5NYBF559161 ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender) R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1604080 2015-12-09] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S3 wpscloudsvr; C:\Users\Felix\AppData\Local\kingsoft\WPS Office\wpscloudsvr.exe [154984 2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) S2 BlueOcean; C:\ProgramData\\BlueOcean\\BlueOcean.exe -f "C:\ProgramData\\BlueOcean\\BlueOcean.dat" -l -a ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AppleCamera; C:\Windows\system32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.) R3 applemtm; C:\Windows\system32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.) R3 applemtp; C:\Windows\system32\DRIVERS\applemtp.sys [49152 2015-08-03] (Apple Inc.) R3 AppleSDR; C:\Windows\system32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-10-28] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-09-17] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-09-17] (BitDefender) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [10828536 2015-08-05] (Broadcom Corporation) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.) R3 CirrusUFD; C:\Windows\system32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC) R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-10-22] (Bitdefender) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-22] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath S1 QMUdisk; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17065.224\QMUdisk64.sys [X] S1 softaal; \??\C:\Program Files (x86)\Tencent\QQPCMgr\11.2.17065.224\softaal64.sys [X] U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 13:51 - 2016-01-22 13:58 - 00021247 _____ C:\Users\Felix\Downloads\FRST.txt 2016-01-22 13:51 - 2016-01-22 13:58 - 00000000 ____D C:\FRST 2016-01-22 13:51 - 2016-01-22 13:52 - 00034347 _____ C:\Users\Felix\Downloads\Addition.txt 2016-01-22 13:50 - 2016-01-22 13:50 - 02370560 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe 2016-01-21 21:03 - 2016-01-21 21:03 - 00000000 ____D C:\_OTL 2016-01-21 21:01 - 2016-01-21 21:01 - 00228734 _____ C:\Users\Felix\Downloads\OTL.Txt 2016-01-21 21:01 - 2016-01-21 21:01 - 00110500 _____ C:\Users\Felix\Downloads\Extras.Txt 2016-01-21 20:56 - 2016-01-21 20:56 - 00602112 _____ (OldTimer Tools) C:\Users\Felix\Downloads\OTL.exe 2016-01-21 20:46 - 2016-01-21 20:46 - 00000000 ____D C:\Users\Felix\Desktop\HiJack+ 2016-01-21 19:19 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Desktop\FTB_Launcher.exe 2016-01-21 19:13 - 2016-01-21 20:41 - 00000000 ____D C:\Users\Felix\AppData\Local\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:14 - 00000000 ____D C:\Users\Felix\AppData\Roaming\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Downloads\FTB_Launcher.exe 2016-01-19 20:18 - 2016-01-19 20:18 - 02776306 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.4_mc1.8.8.jar 2016-01-16 23:05 - 2016-01-16 23:05 - 00000000 ____D C:\Program Files\Boot Camp 2016-01-16 22:47 - 2016-01-22 13:54 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-16 22:47 - 2016-01-17 00:05 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe 2016-01-15 19:12 - 2016-01-16 23:05 - 00001883 _____ C:\Users\Felix\Desktop\°®ÌÔ±¦.lnk 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\software 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\atb 2016-01-13 15:53 - 2016-01-13 15:53 - 00000000 ____D C:\ProgramData\pptassist 2016-01-13 15:13 - 2016-01-22 13:56 - 00000348 _____ C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job 2016-01-13 15:13 - 2016-01-22 13:50 - 00000616 _____ C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job 2016-01-13 15:13 - 2016-01-13 18:56 - 00000000 ____D C:\Users\Felix\AppData\Local\PPTAssist 2016-01-13 15:13 - 2016-01-13 16:53 - 00003652 _____ C:\WINDOWS\System32\Tasks\PPTAssistantUpdateTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00003384 _____ C:\WINDOWS\System32\Tasks\PPTAssistantNotifyTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\pptassist 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PPT美化大师 2016-01-13 15:12 - 2016-01-22 13:04 - 00000408 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job 2016-01-13 15:12 - 2016-01-22 12:37 - 00000602 _____ C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job 2016-01-13 15:12 - 2016-01-13 15:12 - 00003646 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Felix_20160113151232 2016-01-13 15:12 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Felix 2016-01-13 15:12 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office 2016-01-13 15:10 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 15:10 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 15:10 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 15:10 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 15:09 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 15:09 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 15:09 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 15:09 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 15:09 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 15:09 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys 2016-01-13 15:09 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 15:09 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 15:09 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 15:09 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-01-13 15:09 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 15:09 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 15:09 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-09 12:27 - 2016-01-09 19:00 - 00002976 _____ C:\Users\Felix\Desktop\Musik.txt 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\Windows 10 TechnicalPreview x64 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\upgrade 2016-01-07 13:15 - 2016-01-09 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-07 12:47 - 2016-01-07 12:47 - 02756821 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.2_mc1.8.8.jar 2016-01-06 15:22 - 2016-01-06 15:22 - 00025399 _____ C:\Users\Felix\Downloads\DamageIndicator_v2.zip 2016-01-06 15:22 - 2016-01-06 15:22 - 00019480 _____ C:\Users\Felix\Downloads\DirectionHud_v2_mc1.8.8.zip 2016-01-06 15:21 - 2016-01-06 15:23 - 02755068 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.1_mc1.8.8.jar 2016-01-03 23:30 - 2016-01-03 23:30 - 00000630 _____ C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2016-01-03 23:25 - 2016-01-03 23:25 - 08764679 _____ C:\Users\Felix\Downloads\jd-gui-1.4.0.jar 2016-01-03 20:51 - 2016-01-16 23:05 - 00001155 _____ C:\Users\Felix\Desktop\Eclipse Committers Mars.lnk 2016-01-03 20:42 - 2016-01-16 23:05 - 00001120 _____ C:\Users\Felix\Desktop\Eclipse Jee Mars.lnk 2016-01-03 20:30 - 2016-01-03 20:30 - 46355176 _____ C:\Users\Felix\Downloads\eclipse-inst-win64.exe 2016-01-03 20:28 - 2016-01-03 21:10 - 00000000 ____D C:\Users\Felix\Desktop\Server 2016-01-03 18:01 - 2016-01-22 13:52 - 00011610 _____ C:\bdlog.txt 2016-01-02 21:59 - 2016-01-02 22:00 - 00000019 _____ C:\Users\Felix\Desktop\test.bat 2016-01-02 21:57 - 2016-01-17 00:09 - 00001443 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk 2015-12-30 20:06 - 2016-01-21 21:03 - 00000000 ____D C:\Users\Felix\AppData\Temp 2015-12-30 20:03 - 2015-12-30 20:03 - 00000000 ____D C:\Users\Felix\Downloads\Bitdefender Safepay 2015-12-30 20:00 - 2015-12-30 20:00 - 00434325 _____ C:\ProgramData\1451501783.bdinstall.bin 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\Users\Felix\AppData\Roaminguser_gensett.xml 2015-12-30 19:58 - 2016-01-17 00:05 - 00002254 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk 2015-12-30 19:58 - 2015-12-30 20:05 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Bitdefender 2015-12-30 19:58 - 2015-12-30 19:58 - 00253404 ____H C:\bdr-ld01 2015-12-30 19:58 - 2015-12-30 19:58 - 00009216 ____H C:\bdr-ld01.mbr 2015-12-30 19:58 - 2015-12-30 19:58 - 00000684 ____H C:\bdr-cf01 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\BDLogging 2015-12-30 19:58 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz 2015-12-30 19:58 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys 2015-12-30 19:58 - 2015-10-28 13:01 - 01600512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2015-12-30 19:58 - 2015-10-22 14:02 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys 2015-12-30 19:58 - 2015-09-17 21:24 - 01740520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2015-12-30 19:58 - 2015-09-17 21:24 - 00282000 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys 2015-12-30 19:58 - 2015-09-17 21:23 - 00775424 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2015-12-30 19:58 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2015-12-30 19:58 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz01 2015-12-30 19:58 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll 2015-12-30 19:56 - 2015-12-30 20:29 - 00000000 ____D C:\ProgramData\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Users\Felix\AppData\Roaming\QuickScan 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Bitdefender 2015-12-30 19:56 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2015-12-30 19:56 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2015-12-30 19:55 - 2015-12-30 19:55 - 00000000 ___HD C:\Users\Felix\Desktop\.updtmp 2015-12-30 19:54 - 2016-01-22 13:45 - 00000408 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job 2015-12-30 19:54 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Felix 2015-12-30 19:54 - 2016-01-13 15:12 - 00002412 _____ C:\Users\Felix\Desktop\WPS文字.lnk 2015-12-30 19:54 - 2015-12-30 19:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\wps 2015-12-30 19:53 - 2015-12-30 19:53 - 00000000 ____D C:\Users\Felix\AppData\Local\kingsoft 2015-12-30 19:45 - 2015-12-30 19:51 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(2).exe 2015-12-30 19:41 - 2015-12-30 19:41 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(1).exe 2015-12-30 19:20 - 2016-01-22 13:54 - 00000000 ____D C:\Program Files\Bitdefender Agent 2015-12-30 19:20 - 2015-12-30 19:20 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity.exe 2015-12-30 19:20 - 2015-12-30 19:20 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2015-12-30 19:20 - 2015-12-30 19:20 - 00000000 ____D C:\ProgramData\Bitdefender Agent 2015-12-30 18:30 - 2016-01-01 13:15 - 00000738 _____ C:\Users\Felix\Desktop\Bio.txt 2015-12-30 15:43 - 2015-12-30 20:01 - 00000000 ____D C:\Users\Felix\AppData\Local\fabi.me 2015-12-30 15:42 - 2013-09-24 11:14 - 00179200 _____ (fabi.me) C:\Users\Felix\Desktop\SpeedAutoClicker.exe 2015-12-30 15:41 - 2015-12-30 15:41 - 00094899 _____ C:\Users\Felix\Downloads\SpeedAutoClicker.zip 2015-12-30 15:36 - 2015-12-30 15:36 - 00000000 ____D C:\ProgramData\PCMGR 2015-12-30 15:23 - 2015-12-24 22:01 - 00127800 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys 2015-12-27 21:17 - 2015-08-03 17:10 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-12-27 17:44 - 2015-08-05 09:02 - 10828536 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL63a.SYS 2015-12-27 17:44 - 2015-08-05 09:02 - 03778568 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll 2015-12-27 17:44 - 2015-08-03 17:10 - 00050688 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\KeyMagic.sys 2015-12-27 17:40 - 2015-12-27 17:40 - 00000000 ____D C:\ProgramData\Intel 2015-12-27 17:38 - 2015-12-27 17:38 - 00000000 ____D C:\Users\Felix\Intel 2015-12-27 17:38 - 2015-08-05 09:01 - 00038912 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleBtBc.sys 2015-12-25 10:23 - 2015-12-25 10:23 - 00000000 ____D C:\Users\Felix\Desktop\Craft Attack 2015-12-25 09:51 - 2015-12-30 19:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 2015-12-24 22:02 - 2015-12-24 22:02 - 00005120 _____ C:\Users\Felix\AppData\Roaming\GiftBag.db 2015-12-24 20:38 - 2015-12-30 19:38 - 00028984 _____ (Tencent) C:\WINDOWS\SysWOW64\Drivers\TS888x64.sys 2015-12-24 20:38 - 2015-12-24 20:38 - 00000000 ____D C:\ProgramData\TXPCMGR 2015-12-24 20:37 - 2015-12-30 20:07 - 00000000 ____D C:\WINDOWS\Minidump 2015-12-24 19:57 - 2015-12-24 19:57 - 00000000 ____D C:\ProgramData\TXQMPC 2015-12-24 19:52 - 2015-12-25 09:50 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 2015-12-24 19:52 - 2015-12-24 19:52 - 00087864 _____ (电脑管家) C:\WINDOWS\system32\Drivers\TFsFltX64.sys 2015-12-24 19:52 - 2015-12-24 19:52 - 00000000 ____D C:\Program Files\Common Files\Tencent 2015-12-24 19:51 - 2015-12-24 20:53 - 00000000 ____D C:\ProgramData\Tencent 2015-12-24 19:51 - 2015-12-24 20:24 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Tencent 2015-12-24 19:51 - 2015-12-24 19:51 - 00000000 ____D C:\Program Files (x86)\Tencent 2015-12-24 19:27 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\kingsoft 2015-12-24 18:51 - 2015-12-24 18:51 - 00000074 _____ C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat 2015-12-24 18:50 - 2016-01-13 15:13 - 00000000 ____D C:\ProgramData\kingsoft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 13:56 - 2015-11-28 08:12 - 02086232 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-22 13:56 - 2015-10-30 19:35 - 00889314 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-22 13:56 - 2015-10-30 19:35 - 00197362 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-22 13:56 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-22 13:56 - 2015-10-13 18:37 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Skype 2016-01-22 13:54 - 2015-11-28 08:27 - 00000000 __SHD C:\Users\Felix\IntelGraphicsProfiles 2016-01-22 13:54 - 2015-11-28 08:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-22 13:54 - 2015-10-11 19:57 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-22 13:54 - 2015-10-11 18:51 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-22 13:53 - 2015-11-28 08:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-22 13:52 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-22 13:52 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-22 13:52 - 2015-10-11 20:04 - 00001066 _____ C:\Users\Felix\Desktop\nativelog.txt 2016-01-22 13:49 - 2015-10-11 20:17 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.minecraft 2016-01-22 13:23 - 2015-10-26 11:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-22 13:03 - 2015-10-11 18:51 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-22 13:00 - 2015-12-21 13:00 - 00000288 _____ C:\WINDOWS\Tasks\UpdateTask.job 2016-01-21 20:50 - 2015-12-07 03:01 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{515E952E-5BFC-4136-9FC0-930100038690} 2016-01-21 20:49 - 2015-10-11 18:28 - 00000000 ____D C:\Users\Felix\AppData\Local\VirtualStore 2016-01-21 20:37 - 2015-11-28 08:13 - 00000000 ____D C:\Users\Felix 2016-01-21 15:34 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-21 15:34 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-18 15:03 - 2015-12-07 09:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1449477981 2016-01-18 15:03 - 2015-12-07 09:45 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-18 15:01 - 2015-10-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-17 00:06 - 2015-12-10 22:00 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-01-17 00:06 - 2015-12-07 09:46 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-17 00:06 - 2015-11-28 08:17 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-17 00:06 - 2015-10-27 18:54 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express für Web.lnk 2016-01-17 00:06 - 2015-10-26 10:57 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-12-21 13:00 - 00001848 _____ C:\Users\Public\Desktop\Internet Explorer.lnk 2016-01-17 00:05 - 2015-12-16 15:40 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-17 00:05 - 2015-12-10 22:03 - 00001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-01-17 00:05 - 2015-12-07 09:46 - 00001186 _____ C:\Users\Public\Desktop\Opera.lnk 2016-01-17 00:05 - 2015-12-07 02:57 - 00001315 _____ C:\Users\Public\Desktop\Target 3001! V17 discover.lnk 2016-01-17 00:05 - 2015-11-28 08:29 - 00002433 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002191 _____ C:\Users\Public\Desktop\WinZip.lnk 2016-01-17 00:05 - 2015-10-26 10:57 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-10-19 16:02 - 00001038 _____ C:\Users\Public\Desktop\VNC Viewer.lnk 2016-01-17 00:05 - 2015-10-19 14:56 - 00001069 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk 2016-01-17 00:05 - 2015-10-13 18:37 - 00000000 ____D C:\ProgramData\Skype 2016-01-17 00:05 - 2015-10-11 19:57 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk 2016-01-17 00:05 - 2015-10-11 18:52 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-17 00:05 - 2015-10-11 18:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-16 23:05 - 2015-12-16 16:27 - 00001205 _____ C:\Users\Felix\Desktop\Continue Last version Installation.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001426 _____ C:\Users\Felix\Desktop\7zFM - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001415 _____ C:\Users\Felix\Desktop\7zG - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-08 20:18 - 00001139 _____ C:\Users\Felix\Desktop\Logitech Gaming Software 8.76.lnk 2016-01-16 23:05 - 2015-12-07 02:55 - 00001072 _____ C:\Users\Felix\Desktop\TinyCAD.lnk 2016-01-16 23:05 - 2015-11-16 17:01 - 00002135 _____ C:\Users\Felix\Desktop\Chromium.lnk 2016-01-16 23:05 - 2015-11-16 17:00 - 00000306 __RSH C:\ProgramData\ntuser.pol 2016-01-16 23:05 - 2015-11-16 16:57 - 00001219 _____ C:\Users\Felix\Desktop\TeamSpeak 3 Client.lnk 2016-01-16 23:05 - 2015-11-03 18:19 - 00000975 _____ C:\Users\Felix\Desktop\Xming.lnk 2016-01-16 23:05 - 2015-10-25 20:34 - 00001912 _____ C:\Users\Felix\Desktop\Warface Launcher.lnk 2016-01-16 23:05 - 2015-10-15 17:18 - 00001014 _____ C:\Users\Felix\Desktop\Eclipse Java Mars.lnk 2016-01-16 23:05 - 2015-10-13 19:41 - 00001276 _____ C:\Users\Felix\Desktop\Revo Uninstaller.lnk 2016-01-16 23:05 - 2015-10-13 19:36 - 00001097 _____ C:\Users\Felix\Desktop\Cheat Engine.lnk 2016-01-16 23:05 - 2015-10-13 19:33 - 00000970 _____ C:\Users\Felix\Desktop\7-Zip File Manager.lnk 2016-01-16 23:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-01-16 23:03 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-16 23:03 - 2015-10-19 16:02 - 00000000 ____D C:\ProgramData\RealVNC-Service 2016-01-16 23:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-16 22:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-16 17:38 - 2015-12-10 22:17 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-16 17:35 - 2015-12-10 22:17 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-10 08:44 - 2015-10-15 15:07 - 00000000 ____D C:\Users\Felix\AppData\Local\ElevatedDiagnostics 2016-01-09 12:26 - 2015-10-26 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-03 23:00 - 2015-11-16 17:14 - 00000000 ____D C:\Users\Felix\Desktop\plugins 2016-01-03 21:50 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\workspace 2016-01-03 21:14 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\AppData\Local\Eclipse 2016-01-03 21:14 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\.p2 2016-01-03 20:51 - 2015-10-15 17:18 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse 2016-01-03 20:49 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\eclipse 2016-01-03 17:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-31 17:48 - 2015-11-28 08:10 - 00197912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-30 20:51 - 2015-12-07 02:54 - 00000000 ____D C:\Program Files (x86)\45DE5F9F-1449453249-52CA-A8D3-6603358F02FB 2015-12-30 20:51 - 2015-11-25 18:44 - 00000000 ____D C:\Users\Felix\AppData\Local\{56546008-72FC-0CB0-1F64-29583B0CD5C0} 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-12-30 20:02 - 2015-11-16 17:00 - 00000000 ____D C:\Users\Felix\AppData\Local\{0A3F3C63-2E97-50DB-430F-7533676789AB} 2015-12-30 18:00 - 2015-11-16 18:00 - 00000217 _____ C:\Users\Felix\AppData\Roaming\WB.CFG 2015-12-27 21:17 - 2015-11-16 17:01 - 00000000 ____D C:\Users\Felix\AppData\Roaming\FileZilla 2015-12-27 20:00 - 2015-12-13 19:45 - 00000017 _____ C:\WINDOWS\SysWOW64\history.dat 2015-12-27 17:43 - 2015-11-28 08:11 - 00000000 ____D C:\Program Files\Intel 2015-12-27 17:42 - 2015-10-11 18:41 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-27 17:40 - 2015-10-11 16:19 - 00000000 ____D C:\Program Files (x86)\Intel 2015-12-24 20:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-24 18:51 - 2015-10-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-07 19:44 - 2015-12-07 18:40 - 9545216 _____ () C:\Users\Felix\AppData\Roaming\agent.dat 2015-12-07 19:44 - 2015-11-19 15:27 - 0000428 _____ () C:\Users\Felix\AppData\Roaming\book.txt 2015-12-07 19:44 - 2015-12-07 18:40 - 0058272 _____ () C:\Users\Felix\AppData\Roaming\Config.xml 2015-12-24 22:02 - 2015-12-24 22:02 - 0005120 _____ () C:\Users\Felix\AppData\Roaming\GiftBag.db 2016-01-03 23:30 - 2016-01-03 23:30 - 0000630 _____ () C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2015-12-07 19:44 - 2015-12-07 17:01 - 0005568 _____ () C:\Users\Felix\AppData\Roaming\md.xml 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic.jpg 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic1.jpg 2015-11-16 18:00 - 2015-12-30 18:00 - 0000217 _____ () C:\Users\Felix\AppData\Roaming\WB.CFG 2015-10-19 15:30 - 2015-12-03 21:33 - 0000600 _____ () C:\Users\Felix\AppData\Local\PUTTY.RND 2015-10-13 18:59 - 2015-10-13 18:59 - 0007619 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg 2015-11-14 21:12 - 2015-11-14 21:12 - 0292184 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempdxwebsetup.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 7194312 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x64.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 6503984 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x86.exe 2015-12-30 20:00 - 2015-12-30 20:00 - 0434325 _____ () C:\ProgramData\1451501783.bdinstall.bin 2015-12-24 18:51 - 2015-12-24 18:51 - 0000074 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Dateien, die verschoben oder gelöscht werden sollten: ==================== C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat Einige Dateien in TEMP: ==================== C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2297716568542197287.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2578031879161228757.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2758001311468154250.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2859534402223534488.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-5643248797915814353.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-7675824711585635151.dll C:\Users\Felix\AppData\Local\Temp\OfficeAssist.0614.80.242.exe C:\Users\Felix\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-18 16:00 ==================== Ende von FRST.txt ============================ (#-Button) (#-Button)Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016 durchgeführt von Felix (2016-01-22 13:58:47) Gestartet von C:\Users\Felix\Downloads Windows 10 Pro (X64) (2015-11-28 07:27:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2852922398-1150064108-2753843024-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2852922398-1150064108-2753843024-503 - Limited - Disabled) Felix (S-1-5-21-2852922398-1150064108-2753843024-1000 - Administrator - Enabled) => C:\Users\Felix Gast (S-1-5-21-2852922398-1150064108-2753843024-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2852922398-1150064108-2753843024-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden Application Insights Tools for Visual Studio Express 2015 for Web (x32 Version: 3.3 - Microsoft Corporation) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications.VwdExpress (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Chromium (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Chromium) (Version: 46.0.2472.0 - Chromium) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FileZilla Client 3.14.1 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 mit Update 1 (HKLM-x32\...\{013c11fd-b596-4e15-a6e6-8373b77f0b5e}) (Version: 14.0.24720.0 - Microsoft Corporation) Microsoft Visual Studio Express 2015 für Web - DEU (HKLM-x32\...\{0c2136c2-b505-4375-b1b0-850f218a13a3}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.4 - Notepad++ Team) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PPT美化大师 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\PPTAssist) (Version: 2.0.0.0051 - 珠海金山办公软件有限公司) RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - Dragonfly GF Co., LTD) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Target 3001! V17 discover (HKLM-x32\...\Target 3001! V17 discover) (Version: - Ing. Buero FRIEDRICH) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TinyCAD 2.80.06 (HKLM-x32\...\TinyCAD) (Version: 2.80.06 - TinyCAD) TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation) Unity Web Player (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers) Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIDevice) System (02/02/2015 5.1.12.0) (HKLM\...\D59948F3084BF66E63262EC408CE7B915FE1F86C) (Version: 02/02/2015 5.1.12.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIKeyboard) HIDClass (04/08/2015 5.1.6000.0) (HKLM\...\8628974A5DFA6E4B7C1103AD365BE0B09FBBB36F) (Version: 04/08/2015 5.1.6000.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPITrackpad) HIDClass (03/30/2015 5.1.5800.0) (HKLM\...\9060F8F607B79E8DFBB207F8A68A76BEE41E343B) (Version: 03/30/2015 5.1.5800.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (07/31/2015 6.0.6100.0) (HKLM\...\8F0EDB7FDBC8E1501FC134846F23B8B02EDBC2A0) (Version: 07/31/2015 6.0.6100.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (07/21/2015 5.1.6160.0) (HKLM\...\D2D3AB0DFD6CA4C10F9B608AC1A57D5D55A71596) (Version: 07/21/2015 5.1.6160.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multi-Touch (03/30/2015 5.1.5900.0) (HKLM\...\85AD59D6F43923644E140D13C9494D0B9E6775F6) (Version: 03/30/2015 5.1.5900.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (02/23/2015 5.1.4.0) (HKLM\...\7CCA73822D13048A6F7333D8BC7C76B2B9D4186F) (Version: 02/23/2015 5.1.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.) Windows-Treiberpaket - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/12/2014 16.8.0.4) (HKLM\...\52A3E8A4470A399105E841E06FD7C6347B788285) (Version: 09/12/2014 16.8.0.4 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (10/15/2012 1.0.0.3) (HKLM\...\01396BB9E2633BC0DF02F4456D00791CEC0386A6) (Version: 10/15/2012 1.0.0.3 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (07/24/2015 7.35.118.40) (HKLM\...\636525759A12D18B7BB257132F353A1C85A0D8AA) (Version: 07/24/2015 7.35.118.40 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) System (01/10/2014 1.0.0.256) (HKLM\...\35B16C75F55CBB304E72CB9CC504E2846F4006C7) (Version: 01/10/2014 1.0.0.256 - Broadcom Corporation) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.) Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel) Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel) Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel) Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel) Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel) Windows-Treiberpaket - Intel Corporation (iaLPSS_GPIO) System (06/13/2014 1.1.226.2) (HKLM\...\8BC4E9FD6C3043002821AE8637B64D1F49158967) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_I2C) System (06/13/2014 1.1.226.2) (HKLM\...\12B5BD67769FF25AA5FD3176BB05C144EE57E87E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_SPI) System (06/13/2014 1.1.226.2) (HKLM\...\D31B79C75E3A9BF07A6B49DECBE8AF63DD032F4E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_UART2) System (01/08/2015 1.1.226.4) (HKLM\...\BBFE1447BB09A9341D77F1B3F64069F9B1FD852C) (Version: 01/08/2015 1.1.226.4 - Intel Corporation) Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel) Windows-Treiberpaket - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) WPS Office (10.1.0.5458) (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Kingsoft Office) (Version: 10.1.0.5458 - Kingsoft Corp.) Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Felix\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {041EEAB3-5D3D-47B1-9547-6DE8EBB2546A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {0AE1102B-0630-4ED6-8F1B-1282E4998EA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0CD2241E-EF10-44B4-A4F7-0869565155A4} - System32\Tasks\WpsExternal_Felix_20160113151232 => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {1A0462B2-8857-4E34-AE5A-8BE2CD50B67A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {1BBB0A95-0E5D-4842-818C-0A09072C70CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated) Task: {1C6F0CD8-B825-480F-8596-6BF575594F09} - System32\Tasks\PPTAssistantNotifyTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe [2016-01-13] (珠海金山办公软件有限公司) Task: {30B4C83B-59FA-459C-A6C7-30174953E426} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3AD8C5C8-72B5-44A3-8389-E7CC83529F8F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3CEC9C40-CA49-47E1-937F-AFBD393F7AB4} - \Rush Component2 -> Keine Datei <==== ACHTUNG Task: {4302317C-56E3-4C74-8D6F-89B6F749B16C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {4335EDD8-BA13-469A-9622-0E2F97AFD693} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {46933C27-44FE-4D46-842B-2999963BFCF2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {5D81A24D-312B-4AAB-A25D-D2CD19D2CC20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {6D1A262E-7299-4253-9288-00D23D58DA95} - \Palikan dimo -> Keine Datei <==== ACHTUNG Task: {7E9978CC-46F5-44AB-970E-DBB6E1BC8E5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {8288B4DB-8D04-495C-AFFE-125845CCCB65} - System32\Tasks\{0861782D-BA08-434B-861F-57394CC554A5} => pcalua.exe -a C:\Users\Felix\AppData\Local\Temp\2012-2089\pkeyconfigs.exe -d C:\Users\Felix\AppData\Local\Temp\2012-2089 Task: {8586B609-CA6F-408C-B635-97C37A6B6874} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8A34E133-733C-4A41-9020-1DD0C725A91F} - \spw3016 -> Keine Datei <==== ACHTUNG Task: {8C58B047-710E-42D6-91B5-04808FDE8EF1} - System32\Tasks\Rush Component => Rundll32.exe "C:\Users\Felix\AppData\Local\Rush Component\{5D264D34-715F-A125-3474-4B9D21821758}\RushComponent.dll",#1 <==== ACHTUNG Task: {918404A5-161B-405D-8FF9-12E43DE7ABB8} - System32\Tasks\updateTask => C:\Users\Felix\AppData\Local\{56546~1\UNINST~1.EXE Task: {98721141-60EE-41E1-8583-C923607FCF1F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9B556428-E0FE-46AF-8653-015E647FA61A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {A3199614-481F-4D30-A0BE-672FE74B775A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A98058D7-5D7A-4E44-B3F0-81F7F6148837} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender) Task: {AB02DEE5-7B0B-459D-986A-BF72A3F7C358} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {AC8AF8E7-022F-4506-80F1-6AC035EB68F4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {B4E827ED-9AF3-460B-B902-776C569BBB6B} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG Task: {BA6AE93F-BA6D-4762-841E-663F4C8EC099} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {BA8CB637-AD03-41DD-807C-0F9C3096A351} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {BB1237EE-12DE-484A-A34D-3E25B2D42CE7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {BB9B5F6E-4228-48CB-B007-462448ABE0F5} - System32\Tasks\WpsNotifyTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {C33C4C36-D856-4A7D-8621-C37BE6DFA13D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C3536915-763E-40AF-969F-77488FCA3C04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C58E2307-CD6E-405F-9BC9-E63AEAE19003} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {CDD93E86-4C5E-4FCB-83BC-8B4802F21204} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation) Task: {CFD81C43-056A-41BD-9BDB-6A5F7310BDDB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {CFEE4B21-B240-476D-86C1-D20CD872D913} - System32\Tasks\Opera scheduled Autoupdate 1449477981 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {D02FB55D-C8FB-4010-819E-5C2BEF9F230E} - System32\Tasks\SoftUpgrade => C:\Program Files (x86)\SoftUpgrade\softup.exe [2015-12-01] () Task: {D0C0EC8C-9399-4476-A11F-93EAA62C2B6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {D4D713F3-18EA-4AA3-88A4-0A9F14ECB411} - System32\Tasks\runTask => C:\Users\Felix\AppData\Local\Temp/Updater.exe Task: {D9370376-DCD7-45DE-B367-D7AE6D4DC0E4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DA10067C-AB1A-4BDE-9C65-AE7E25300090} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E62069D2-8C18-4BCC-9562-DBE47D9F74B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {E6AB186A-BEF0-47E0-BC37-18B65DF4B69F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E760F003-AA5B-4FC6-863A-48B03C383865} - System32\Tasks\WpsUpdateTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {E9B670E4-DD01-4BC6-AEF5-2A33CAEE7D0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {ECB37F17-B1A7-4FFD-9BF4-7E5F175DF6F2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {ECFA571D-9A0E-46EA-8F5B-FB60028CF6E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {F1813D4D-4CE3-4FF5-963B-22E29620335F} - System32\Tasks\PPTAssistantUpdateTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {F280C496-6A4D-415F-9068-BD501FD49B03} - \AutoKMS -> Keine Datei <==== ACHTUNG Task: {F501142E-FB93-4A2E-A194-3FC390DA8737} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F8889A01-14F9-4B84-9C31-4AE4F08DA072} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {FEEE3A14-F946-408A-B61B-863041F96076} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe Task: C:\WINDOWS\Tasks\UpdateTask.job => C:\Users\Felix\AppData\Local\{56546~1\UNINST~1.EXE Task: C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll Task: C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-30 19:58 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll 2016-01-21 17:06 - 2016-01-21 17:06 - 01119064 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpbr.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 00794832 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpdsp.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 03038112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpph.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 01648408 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttprbl.mdl 2014-02-06 11:36 - 2014-02-06 11:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-04-15 21:13 - 2015-04-15 21:13 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-12-18 19:32 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 19:32 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 15:10 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 15:10 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 15:10 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 15:09 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 00317440 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\lwjgl64.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 00653832 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\avutil-ttv-51.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 00361103 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\swresample-ttv-0.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 00688161 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\libmp3lame-ttv.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 01384960 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\twitchsdk.dll 2016-01-22 10:02 - 2016-01-22 10:02 - 00382464 _____ () C:\Users\Felix\AppData\Roaming\.minecraft\versions\LabyMod\LabyMod-natives-46620172091056\OpenAL64.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 02940416 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll 2015-10-11 19:59 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-10-11 19:58 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-10-11 19:59 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2014-10-10 09:37 - 2014-10-10 09:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2016-01-13 15:12 - 2016-01-13 15:11 - 00022376 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\krpt.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00200040 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\wpscloudsvrimp.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 09254248 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\QtCore4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00905064 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\QtNetwork4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 12648296 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\QtWebKit4.DLL 2016-01-13 15:12 - 2016-01-13 15:11 - 00256872 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\curls.dll 2016-01-13 15:12 - 2016-01-13 15:11 - 00164200 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\addons\kpluginrunner\kpluginrunner.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 01660264 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\ruby.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 00244072 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\qtruby4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00024936 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\smokebase.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 03666280 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\smokeqtcore.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 00841064 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\smokekso.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 01266536 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\QtScript4.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 00031080 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\win32api.dll 2016-01-13 15:13 - 2016-01-13 15:13 - 00070504 _____ () C:\Users\Felix\AppData\Roaming\Kingsoft\wps\addons\pool\win-i386\ruby_1.0.0.25\win32ole.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00031592 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qt\plugins\imageformats\qgif4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00033640 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qt\plugins\imageformats\qico4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00032104 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qt\plugins\imageformats\qjpeg4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00284520 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qt\plugins\imageformats\qtiff4.dll 2016-01-13 15:12 - 2016-01-13 15:12 - 00194920 _____ () C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qt\plugins\imageformats\qwdp4.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Felix\Desktop\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\eclipse-inst-win64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\OTL.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP => ""="service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp => ""="Driver" ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-01-22 13:53 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{A7090D6C-AA6F-4BC4-92BE-8F1C20A87DED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [{5B5842EA-E170-4E97-8A6B-0FE9DB136608}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [UDP Query User{DD137C3D-0C24-4CD0-BDFF-EA8FF9D7366C}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [TCP Query User{E743D5CD-0EE1-476A-99AD-9C1FA3F4FAE1}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [{5067DFA1-57CA-4F81-A192-7DEB72A645F0}] => (Allow) C:\Users\Felix\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{7507988B-1DDB-402A-B466-F4ECD3ED45ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{341A2C8F-67AF-4A0D-9D91-E2AA0F7B7BE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{4AA14235-3689-434E-B133-12E2DF4DDCD5}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [TCP Query User{D80C7D76-A6BF-4759-8C17-2AFF343C6200}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [{B6A68673-7665-4E3F-8CFD-AD098F013D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C55EF21D-3C18-423B-A442-BCA157B55714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C7F26546-D3F1-46DA-A049-39A82C779B5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{7DED3F15-7D00-4BF5-AE75-170788DC0A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{A875EA9D-3959-47B6-B62C-81255C1A5398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AC60CC99-0A36-4732-A636-FD7DAB611A0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B779193-5ED2-4DB2-9AC7-28D346513786}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{65C447F7-4E39-45E7-A059-C21FF56076AF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [UDP Query User{94BE76BB-C4CD-4DF2-BAE1-B71282A8B186}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{3D6DA3A1-1F57-4FD1-AD86-639F915F5077}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{91849250-DF89-4E7C-903E-787CF66F9510}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FA3885F0-EC9C-4F34-ADFA-437F77B2918A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{F6BF8EAE-632B-4FEC-BD15-50A0A24DB076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{48B86976-A659-4BE7-A15F-5375EFADB553}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4296D42B-9555-42D3-8BD0-F004A5CDA06A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE3FC1AD-C82F-45A5-92E6-FA0D8AB995BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{447C0F96-5FE0-4E62-88F0-8B15E17C5EA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{0EF45F02-237D-4284-BCB8-8AB147036D7C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FB3E01CC-AC97-4F87-A52A-85A0B388E64D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8C41C37A-BBB2-49A5-B356-807DF7CE2A42}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{EB884493-27D0-497F-A5F1-A74A1AB72E64}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{CCDD99D7-71A7-4FDF-ADEE-8BD788C1AC5A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [TCP Query User{2192BE85-9A6D-46E7-A5B9-F721B62D585E}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [UDP Query User{037987C2-9184-4D79-89BF-1B9A702D93F4}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [{71436BBB-206E-498E-A4BC-4CD75509CD03}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{546D960B-D0EA-4094-A56C-B82F968D6413}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{E96DA21B-E15A-489B-85FC-4986BE0E68F0}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{64ACDA0F-7B43-445D-BECC-28C3FCA73BAE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [TCP Query User{484156CF-D8BD-407F-9674-94F25998FAEF}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{06CF479A-0902-455A-92F0-4261E659F81C}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{FBBFE8F5-250A-4A0A-8BD0-6A25B1563271}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DF82E36C-4E12-46C6-A66B-924725A0A874}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{7DCAC4D6-6A2A-447B-8145-003C067E9980}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 31-12-2015 09:12:52 Geplanter Prüfpunkt 10-01-2016 08:43:58 Windows Update 16-01-2016 17:35:01 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Logitech_LGVirHid02 Description: Logitech_LGVirHid02 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech_LGVirHid01 Description: Logitech_LGVirHid01 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LockApp.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 4cc Startzeit: 01d1547034b2ba5a Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Berichts-ID: 8cfd1db6-c06a-11e5-ab59-3c15c2e3ef91 Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen Error: (01/21/2016 07:12:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FELIX-PC) Description: Die App „Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Error: (01/21/2016 04:37:01 PM) (Source: Perflib) (EventID: 1008) (User: ) Description: BITSC:\Windows\System32\bitsperf.dll4 Error: (01/21/2016 03:06:34 PM) (Source: Perflib) (EventID: 1023) (User: ) Description: rdyboost4 Error: (01/21/2016 02:45:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Systemfehler: ============= Error: (01/22/2016 01:53:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/22/2016 01:53:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueOcean" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/22/2016 01:52:34 PM) (Source: DCOM) (EventID: 10010) (User: FELIX-PC) Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} Error: (01/22/2016 01:52:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_540b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 01:52:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _540b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 01:52:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_540b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 01:52:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Synchronisierungshost_540b8" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/21/2016 09:11:21 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: ) Description: 4 Error: (01/21/2016 09:05:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/21/2016 09:05:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueOcean" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 CodeIntegrity: =================================== Date: 2016-01-22 13:53:30.262 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 13:53:30.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.486 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.440 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 20:31:34.584 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 20:31:34.534 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-19 19:36:02.613 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system. Date: 2016-01-19 19:33:48.511 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-19 19:33:48.464 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-18 15:00:33.808 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4308U CPU @ 2.80GHz Prozentuale Nutzung des RAM: 37% Installierter physikalischer RAM: 8100.69 MB Verfügbarer physikalischer RAM: 5065.7 MB Summe virtueller Speicher: 16804.69 MB Verfügbarer virtueller Speicher: 13502.25 MB ==================== Laufwerke ================================ Drive c: (BOOTCAMP) (Fixed) (Total:232.39 GB) (Free:141.67 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Macintosh HD) (Fixed) (Total:232.29 GB) (Free:115.96 GB) HFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.9 GB) (Disk ID: 3F1EE8D2) Partition: GPT. Partition 2: (Not Active) - (Size=232.3 GB) - (Type=AF) Partition 3: (Not Active) - (Size=620 MB) - (Type=AB) Partition 4: (Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================(#-Button) |
22.01.2016, 14:38 | #4 |
/// Malwareteam | Alle Ordner schreibgeschützt Hi, Schritt # 1: AdwCleaner Downloade Dir bitte AdwCleaner auf deinen Desktop.
Schritt # 2: FRST Bitte noch ein frisches FRST-Log. Schritt # 3: Bitte Posten
|
22.01.2016, 15:47 | #5 |
| Alle Ordner schreibgeschützt Adw: (#-Button) Benutzername : Felix - FELIX-PC # Gestartet von : C:\Users\Felix\Downloads\AdwCleaner_5.030.exe # Option : Löschen # Unterstützung : Forum - ToolsLib ***** [ Dienste ] ***** [-] Dienst Gelöscht : QMUdisk [-] Dienst Gelöscht : softaal ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Fast-Search [-] Ordner Gelöscht : C:\Program Files (x86)\tencent [-] Ordner Gelöscht : C:\Program Files (x86)\45DE5F9F-1449453249-52CA-A8D3-6603358F02FB [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\tencent [-] Ordner Gelöscht : C:\Program Files\Common Files\tencent [-] Ordner Gelöscht : C:\ProgramData\tencent [-] Ordner Gelöscht : C:\ProgramData\TXQMPC [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\Systweak [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\tencent [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\END [-] Datei Gelöscht : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat [-] Datei Gelöscht : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys [-] Datei Gelöscht : C:\WINDOWS\SysWOW64\drivers\TS888x64.sys ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** [-] Geplante Aufgabe Gelöscht : runTask [-] Geplante Aufgabe Gelöscht : updateTask ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} [-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3323765B-5B83-4406-841E-473DBA4B8F29} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{389562C4-59D9-40C4-966E-28DA91725FFE} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6ED1EF08-DFF4-4252-8986-691D06C54131} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{83E07061-02D1-41EC-8751-BB176B823C38} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0948E7-227A-4F1B-9849-2D8912F185A7} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A471A4AA-5C18-429F-81BF-6C760941DB74} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7971E81-FC71-4659-8CCE-C903576E0924} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{024BF4C8-B53D-45B9-957F-D3BA9655FF39} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{074DCA49-F6A1-417F-B79E-D5E3ADC30330} [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP [-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean [-] Schlüssel Gelöscht : HKCU\Software\yahooprovidedsearch [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1b31c9d2-7135-442b-bb93-7c002172adc6} [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command [] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDShellExt.BDMenu [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDShellExt.BDMenu.1 ***** [ Internetbrowser ] ***** [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "yoursearching"); [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false); [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); [-] [C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://www.yoursearching.com/?type=hp&ts=1450979460&z=6e25035a4439e8acad0f66fg4z8wde9t3m6tczfw7t&from=face&uid=APPLEXSSDXSM0512F_S1K5NYBF559161 [-] [C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://yoursearching.com/wefavicon.ico [-] [C:\Users\Felix\AppData\Local\Chromium\User Data\Default\Web Data] [Search Provider] Gelöscht : palikan [-] [C:\Users\Felix\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.palikan.com/?f=1&a=plk_frg01_15_47&cd=2XzuyEtN2Y1L1QzutA0CtCyD0CtB0EtA0E0FzytC0EtBzztDtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC 0B0FyC0E0Fzy0FtGyE0BtByBtGzzyDtB0EtGyBtByD0EtGtByD0D0FyByCyD0EtA0DyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCtA0Ezz0ByE0AtG0DyDyB0BtGyEyCtCyBtGzy0F0DzytGyBtAyE tD0Fzy0AyBzz0A0AyC2QtN0A0LzuyE&cr=1194926374&ir=&uref=chmm ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7600 Bytes] ########## (#-Button) FRST: (#-Button) FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016 durchgeführt von Felix (Administrator) auf FELIX-PC (22-01-2016 15:44:47) Gestartet von C:\Users\Felix\Downloads Geladene Profile: Felix (Verfügbare Profile: Felix & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Windows\System32\AppleOSSMgr.exe (Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncservice.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] () HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1720488 2015-12-10] (Bitdefender) HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1423288 2015-12-10] (Bitdefender) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-01-17] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2016-01-17] ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{e33fa61b-f3a7-4575-946c-682159d54c8c}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> DefaultScope {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {ielnksrch} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_52_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutA0CtCyD0CtB0EtA0E0FzytD0EtBzztDtN0D0Tzu0StCyEyDtDtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1M1Q1CtCyBtN1L1G1B1V1N2Y1L1Qzu2SyB0A0DyDtCtDyDtBtGyB0FyByDtG0E0CyCtCtGyE0F0B0AtGyCyCzytByBzztC0F0C0C0D0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCtA0Ezz0ByE0AtG0DyDyB0BtGyEyCtCyBtGzy0F0DzytGyBtAyEtD0Fzy0AyBzz0A0AyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByEyE%26cr%3D1457458476%26a%3Dhdr_s_15_52_orgnl%26os%3DWindows%2B10%2BPro&p={searchTerms} BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default FF Homepage: hxxp://www.google.at/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] () FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-2852922398-1150064108-2753843024-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felix\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-16] FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\C78876CE4A6AA227FCD4C7C42F3DA0EDC788 [2015-12-07] <==== ACHTUNG Chrome: ======= CHR HomePage: Default -> hxxp://google.at/ CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11] CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11] CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11] CHR Extension: (Google-Suche) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11] CHR Extension: (Google Docs Offline) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-11] CHR Extension: (Google Mail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11] CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender) R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1604080 2015-12-09] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S3 wpscloudsvr; C:\Users\Felix\AppData\Local\kingsoft\WPS Office\wpscloudsvr.exe [154984 2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) S2 BlueOcean; C:\ProgramData\\BlueOcean\\BlueOcean.exe -f "C:\ProgramData\\BlueOcean\\BlueOcean.dat" -l -a ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AppleCamera; C:\Windows\system32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.) R3 applemtm; C:\Windows\system32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.) R3 applemtp; C:\Windows\system32\DRIVERS\applemtp.sys [49152 2015-08-03] (Apple Inc.) R3 AppleSDR; C:\Windows\system32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-10-28] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-09-17] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-09-17] (BitDefender) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [10828536 2015-08-05] (Broadcom Corporation) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.) R3 CirrusUFD; C:\Windows\system32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC) R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-10-22] (Bitdefender) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-22] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 15:39 - 2016-01-22 15:40 - 00000000 ____D C:\AdwCleaner 2016-01-22 14:44 - 2016-01-22 14:44 - 01505280 _____ C:\Users\Felix\Downloads\AdwCleaner_5.030.exe 2016-01-22 13:51 - 2016-01-22 15:44 - 00019731 _____ C:\Users\Felix\Downloads\FRST.txt 2016-01-22 13:51 - 2016-01-22 15:44 - 00000000 ____D C:\FRST 2016-01-22 13:51 - 2016-01-22 14:00 - 00064049 _____ C:\Users\Felix\Downloads\Addition.txt 2016-01-22 13:50 - 2016-01-22 13:50 - 02370560 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe 2016-01-21 21:03 - 2016-01-21 21:03 - 00000000 ____D C:\_OTL 2016-01-21 21:01 - 2016-01-21 21:01 - 00228734 _____ C:\Users\Felix\Downloads\OTL.Txt 2016-01-21 21:01 - 2016-01-21 21:01 - 00110500 _____ C:\Users\Felix\Downloads\Extras.Txt 2016-01-21 20:56 - 2016-01-21 20:56 - 00602112 _____ (OldTimer Tools) C:\Users\Felix\Downloads\OTL.exe 2016-01-21 20:46 - 2016-01-21 20:46 - 00000000 ____D C:\Users\Felix\Desktop\HiJack+ 2016-01-21 19:19 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Desktop\FTB_Launcher.exe 2016-01-21 19:13 - 2016-01-21 20:41 - 00000000 ____D C:\Users\Felix\AppData\Local\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:14 - 00000000 ____D C:\Users\Felix\AppData\Roaming\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Downloads\FTB_Launcher.exe 2016-01-19 20:18 - 2016-01-19 20:18 - 02776306 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.4_mc1.8.8.jar 2016-01-16 23:05 - 2016-01-16 23:05 - 00000000 ____D C:\Program Files\Boot Camp 2016-01-16 22:47 - 2016-01-22 15:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-16 22:47 - 2016-01-17 00:05 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe 2016-01-15 19:12 - 2016-01-16 23:05 - 00001883 _____ C:\Users\Felix\Desktop\°®ÌÔ±¦.lnk 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\software 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\atb 2016-01-13 15:53 - 2016-01-13 15:53 - 00000000 ____D C:\ProgramData\pptassist 2016-01-13 15:13 - 2016-01-22 13:56 - 00000348 _____ C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job 2016-01-13 15:13 - 2016-01-22 13:50 - 00000616 _____ C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job 2016-01-13 15:13 - 2016-01-13 18:56 - 00000000 ____D C:\Users\Felix\AppData\Local\PPTAssist 2016-01-13 15:13 - 2016-01-13 16:53 - 00003652 _____ C:\WINDOWS\System32\Tasks\PPTAssistantUpdateTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00003384 _____ C:\WINDOWS\System32\Tasks\PPTAssistantNotifyTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\pptassist 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PPT美化大师 2016-01-13 15:12 - 2016-01-22 14:37 - 00000602 _____ C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job 2016-01-13 15:12 - 2016-01-22 14:04 - 00000408 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job 2016-01-13 15:12 - 2016-01-13 15:12 - 00003646 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Felix_20160113151232 2016-01-13 15:12 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Felix 2016-01-13 15:12 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office 2016-01-13 15:10 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 15:10 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 15:10 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 15:10 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 15:09 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 15:09 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 15:09 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 15:09 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 15:09 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 15:09 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys 2016-01-13 15:09 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 15:09 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 15:09 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 15:09 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-01-13 15:09 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 15:09 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 15:09 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-09 12:27 - 2016-01-09 19:00 - 00002976 _____ C:\Users\Felix\Desktop\Musik.txt 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\Windows 10 TechnicalPreview x64 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\upgrade 2016-01-07 13:15 - 2016-01-09 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-07 12:47 - 2016-01-07 12:47 - 02756821 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.2_mc1.8.8.jar 2016-01-06 15:22 - 2016-01-06 15:22 - 00025399 _____ C:\Users\Felix\Downloads\DamageIndicator_v2.zip 2016-01-06 15:22 - 2016-01-06 15:22 - 00019480 _____ C:\Users\Felix\Downloads\DirectionHud_v2_mc1.8.8.zip 2016-01-06 15:21 - 2016-01-06 15:23 - 02755068 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.1_mc1.8.8.jar 2016-01-03 23:30 - 2016-01-03 23:30 - 00000630 _____ C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2016-01-03 23:25 - 2016-01-03 23:25 - 08764679 _____ C:\Users\Felix\Downloads\jd-gui-1.4.0.jar 2016-01-03 20:51 - 2016-01-16 23:05 - 00001155 _____ C:\Users\Felix\Desktop\Eclipse Committers Mars.lnk 2016-01-03 20:42 - 2016-01-16 23:05 - 00001120 _____ C:\Users\Felix\Desktop\Eclipse Jee Mars.lnk 2016-01-03 20:30 - 2016-01-03 20:30 - 46355176 _____ C:\Users\Felix\Downloads\eclipse-inst-win64.exe 2016-01-03 20:28 - 2016-01-03 21:10 - 00000000 ____D C:\Users\Felix\Desktop\Server 2016-01-03 18:01 - 2016-01-22 15:40 - 00013184 _____ C:\bdlog.txt 2016-01-02 21:59 - 2016-01-02 22:00 - 00000019 _____ C:\Users\Felix\Desktop\test.bat 2016-01-02 21:57 - 2016-01-17 00:09 - 00001443 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk 2015-12-30 20:06 - 2016-01-21 21:03 - 00000000 ____D C:\Users\Felix\AppData\Temp 2015-12-30 20:03 - 2015-12-30 20:03 - 00000000 ____D C:\Users\Felix\Downloads\Bitdefender Safepay 2015-12-30 20:00 - 2015-12-30 20:00 - 00434325 _____ C:\ProgramData\1451501783.bdinstall.bin 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\Users\Felix\AppData\Roaminguser_gensett.xml 2015-12-30 19:58 - 2016-01-17 00:05 - 00002254 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk 2015-12-30 19:58 - 2015-12-30 20:05 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Bitdefender 2015-12-30 19:58 - 2015-12-30 19:58 - 00253404 ____H C:\bdr-ld01 2015-12-30 19:58 - 2015-12-30 19:58 - 00009216 ____H C:\bdr-ld01.mbr 2015-12-30 19:58 - 2015-12-30 19:58 - 00000684 ____H C:\bdr-cf01 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\BDLogging 2015-12-30 19:58 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz 2015-12-30 19:58 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys 2015-12-30 19:58 - 2015-10-28 13:01 - 01600512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2015-12-30 19:58 - 2015-10-22 14:02 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys 2015-12-30 19:58 - 2015-09-17 21:24 - 01740520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2015-12-30 19:58 - 2015-09-17 21:24 - 00282000 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys 2015-12-30 19:58 - 2015-09-17 21:23 - 00775424 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2015-12-30 19:58 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2015-12-30 19:58 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz01 2015-12-30 19:58 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll 2015-12-30 19:56 - 2015-12-30 20:29 - 00000000 ____D C:\ProgramData\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Users\Felix\AppData\Roaming\QuickScan 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Bitdefender 2015-12-30 19:56 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2015-12-30 19:56 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2015-12-30 19:55 - 2015-12-30 19:55 - 00000000 ___HD C:\Users\Felix\Desktop\.updtmp 2015-12-30 19:54 - 2016-01-22 15:45 - 00000408 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job 2015-12-30 19:54 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Felix 2015-12-30 19:54 - 2016-01-13 15:12 - 00002412 _____ C:\Users\Felix\Desktop\WPS文字.lnk 2015-12-30 19:54 - 2015-12-30 19:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\wps 2015-12-30 19:53 - 2015-12-30 19:53 - 00000000 ____D C:\Users\Felix\AppData\Local\kingsoft 2015-12-30 19:45 - 2015-12-30 19:51 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(2).exe 2015-12-30 19:41 - 2015-12-30 19:41 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(1).exe 2015-12-30 19:20 - 2016-01-22 15:42 - 00000000 ____D C:\Program Files\Bitdefender Agent 2015-12-30 19:20 - 2015-12-30 19:20 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity.exe 2015-12-30 19:20 - 2015-12-30 19:20 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2015-12-30 19:20 - 2015-12-30 19:20 - 00000000 ____D C:\ProgramData\Bitdefender Agent 2015-12-30 18:30 - 2016-01-01 13:15 - 00000738 _____ C:\Users\Felix\Desktop\Bio.txt 2015-12-30 15:43 - 2015-12-30 20:01 - 00000000 ____D C:\Users\Felix\AppData\Local\fabi.me 2015-12-30 15:42 - 2013-09-24 11:14 - 00179200 _____ (fabi.me) C:\Users\Felix\Desktop\SpeedAutoClicker.exe 2015-12-30 15:41 - 2015-12-30 15:41 - 00094899 _____ C:\Users\Felix\Downloads\SpeedAutoClicker.zip 2015-12-30 15:36 - 2015-12-30 15:36 - 00000000 ____D C:\ProgramData\PCMGR 2015-12-30 15:23 - 2015-12-24 22:01 - 00127800 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys 2015-12-27 21:17 - 2015-08-03 17:10 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-12-27 17:44 - 2015-08-05 09:02 - 10828536 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL63a.SYS 2015-12-27 17:44 - 2015-08-05 09:02 - 03778568 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll 2015-12-27 17:44 - 2015-08-03 17:10 - 00050688 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\KeyMagic.sys 2015-12-27 17:40 - 2015-12-27 17:40 - 00000000 ____D C:\ProgramData\Intel 2015-12-27 17:38 - 2015-12-27 17:38 - 00000000 ____D C:\Users\Felix\Intel 2015-12-27 17:38 - 2015-08-05 09:01 - 00038912 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleBtBc.sys 2015-12-25 10:23 - 2015-12-25 10:23 - 00000000 ____D C:\Users\Felix\Desktop\Craft Attack 2015-12-24 22:02 - 2015-12-24 22:02 - 00005120 _____ C:\Users\Felix\AppData\Roaming\GiftBag.db 2015-12-24 20:38 - 2015-12-24 20:38 - 00000000 ____D C:\ProgramData\TXPCMGR 2015-12-24 20:37 - 2015-12-30 20:07 - 00000000 ____D C:\WINDOWS\Minidump 2015-12-24 19:27 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\kingsoft 2015-12-24 18:50 - 2016-01-13 15:13 - 00000000 ____D C:\ProgramData\kingsoft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 15:43 - 2015-10-13 18:37 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Skype 2016-01-22 15:42 - 2015-11-28 08:27 - 00000000 __SHD C:\Users\Felix\IntelGraphicsProfiles 2016-01-22 15:42 - 2015-11-28 08:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-22 15:42 - 2015-11-28 08:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-22 15:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-22 15:42 - 2015-10-11 19:57 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-22 15:42 - 2015-10-11 18:51 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-22 15:41 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-22 15:40 - 2015-11-16 17:00 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-01-22 15:39 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-22 14:43 - 2015-10-11 20:04 - 00001066 _____ C:\Users\Felix\Desktop\nativelog.txt 2016-01-22 14:42 - 2015-10-11 20:17 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.minecraft 2016-01-22 14:34 - 2015-11-28 08:12 - 02086232 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-22 14:34 - 2015-10-30 19:35 - 00889314 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-22 14:34 - 2015-10-30 19:35 - 00197362 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-22 14:34 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-22 14:02 - 2015-10-11 18:51 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-22 13:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-22 13:23 - 2015-10-26 11:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-21 20:50 - 2015-12-07 03:01 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{515E952E-5BFC-4136-9FC0-930100038690} 2016-01-21 20:49 - 2015-10-11 18:28 - 00000000 ____D C:\Users\Felix\AppData\Local\VirtualStore 2016-01-21 20:37 - 2015-11-28 08:13 - 00000000 ____D C:\Users\Felix 2016-01-18 15:03 - 2015-12-07 09:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1449477981 2016-01-18 15:03 - 2015-12-07 09:45 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-18 15:01 - 2015-10-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-17 00:06 - 2015-12-10 22:00 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-01-17 00:06 - 2015-12-07 09:46 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-17 00:06 - 2015-11-28 08:17 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-17 00:06 - 2015-10-27 18:54 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express für Web.lnk 2016-01-17 00:06 - 2015-10-26 10:57 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-12-21 13:00 - 00001848 _____ C:\Users\Public\Desktop\Internet Explorer.lnk 2016-01-17 00:05 - 2015-12-16 15:40 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-17 00:05 - 2015-12-10 22:03 - 00001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-01-17 00:05 - 2015-12-07 09:46 - 00001186 _____ C:\Users\Public\Desktop\Opera.lnk 2016-01-17 00:05 - 2015-12-07 02:57 - 00001315 _____ C:\Users\Public\Desktop\Target 3001! V17 discover.lnk 2016-01-17 00:05 - 2015-11-28 08:29 - 00002433 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002191 _____ C:\Users\Public\Desktop\WinZip.lnk 2016-01-17 00:05 - 2015-10-26 10:57 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-10-19 16:02 - 00001038 _____ C:\Users\Public\Desktop\VNC Viewer.lnk 2016-01-17 00:05 - 2015-10-19 14:56 - 00001069 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk 2016-01-17 00:05 - 2015-10-13 18:37 - 00000000 ____D C:\ProgramData\Skype 2016-01-17 00:05 - 2015-10-11 19:57 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk 2016-01-17 00:05 - 2015-10-11 18:52 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-17 00:05 - 2015-10-11 18:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-16 23:05 - 2015-12-16 16:27 - 00001205 _____ C:\Users\Felix\Desktop\Continue Last version Installation.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001426 _____ C:\Users\Felix\Desktop\7zFM - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001415 _____ C:\Users\Felix\Desktop\7zG - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-08 20:18 - 00001139 _____ C:\Users\Felix\Desktop\Logitech Gaming Software 8.76.lnk 2016-01-16 23:05 - 2015-12-07 02:55 - 00001072 _____ C:\Users\Felix\Desktop\TinyCAD.lnk 2016-01-16 23:05 - 2015-11-16 17:01 - 00002135 _____ C:\Users\Felix\Desktop\Chromium.lnk 2016-01-16 23:05 - 2015-11-16 16:57 - 00001219 _____ C:\Users\Felix\Desktop\TeamSpeak 3 Client.lnk 2016-01-16 23:05 - 2015-11-03 18:19 - 00000975 _____ C:\Users\Felix\Desktop\Xming.lnk 2016-01-16 23:05 - 2015-10-25 20:34 - 00001912 _____ C:\Users\Felix\Desktop\Warface Launcher.lnk 2016-01-16 23:05 - 2015-10-15 17:18 - 00001014 _____ C:\Users\Felix\Desktop\Eclipse Java Mars.lnk 2016-01-16 23:05 - 2015-10-13 19:41 - 00001276 _____ C:\Users\Felix\Desktop\Revo Uninstaller.lnk 2016-01-16 23:05 - 2015-10-13 19:36 - 00001097 _____ C:\Users\Felix\Desktop\Cheat Engine.lnk 2016-01-16 23:05 - 2015-10-13 19:33 - 00000970 _____ C:\Users\Felix\Desktop\7-Zip File Manager.lnk 2016-01-16 23:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-01-16 23:03 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-16 23:03 - 2015-10-19 16:02 - 00000000 ____D C:\ProgramData\RealVNC-Service 2016-01-16 23:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-16 22:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-16 17:38 - 2015-12-10 22:17 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-16 17:35 - 2015-12-10 22:17 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-10 08:44 - 2015-10-15 15:07 - 00000000 ____D C:\Users\Felix\AppData\Local\ElevatedDiagnostics 2016-01-09 12:26 - 2015-10-26 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-03 23:00 - 2015-11-16 17:14 - 00000000 ____D C:\Users\Felix\Desktop\plugins 2016-01-03 21:50 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\workspace 2016-01-03 21:14 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\AppData\Local\Eclipse 2016-01-03 21:14 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\.p2 2016-01-03 20:51 - 2015-10-15 17:18 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse 2016-01-03 20:49 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\eclipse 2016-01-03 17:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-31 17:48 - 2015-11-28 08:10 - 00197912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-30 20:51 - 2015-11-25 18:44 - 00000000 ____D C:\Users\Felix\AppData\Local\{56546008-72FC-0CB0-1F64-29583B0CD5C0} 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-12-30 20:02 - 2015-11-16 17:00 - 00000000 ____D C:\Users\Felix\AppData\Local\{0A3F3C63-2E97-50DB-430F-7533676789AB} 2015-12-30 18:00 - 2015-11-16 18:00 - 00000217 _____ C:\Users\Felix\AppData\Roaming\WB.CFG 2015-12-27 21:17 - 2015-11-16 17:01 - 00000000 ____D C:\Users\Felix\AppData\Roaming\FileZilla 2015-12-27 20:00 - 2015-12-13 19:45 - 00000017 _____ C:\WINDOWS\SysWOW64\history.dat 2015-12-27 17:43 - 2015-11-28 08:11 - 00000000 ____D C:\Program Files\Intel 2015-12-27 17:42 - 2015-10-11 18:41 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-27 17:40 - 2015-10-11 16:19 - 00000000 ____D C:\Program Files (x86)\Intel 2015-12-24 20:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-24 18:51 - 2015-10-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-07 19:44 - 2015-12-07 18:40 - 9545216 _____ () C:\Users\Felix\AppData\Roaming\agent.dat 2015-12-07 19:44 - 2015-11-19 15:27 - 0000428 _____ () C:\Users\Felix\AppData\Roaming\book.txt 2015-12-07 19:44 - 2015-12-07 18:40 - 0058272 _____ () C:\Users\Felix\AppData\Roaming\Config.xml 2015-12-24 22:02 - 2015-12-24 22:02 - 0005120 _____ () C:\Users\Felix\AppData\Roaming\GiftBag.db 2016-01-03 23:30 - 2016-01-03 23:30 - 0000630 _____ () C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2015-12-07 19:44 - 2015-12-07 17:01 - 0005568 _____ () C:\Users\Felix\AppData\Roaming\md.xml 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic.jpg 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic1.jpg 2015-11-16 18:00 - 2015-12-30 18:00 - 0000217 _____ () C:\Users\Felix\AppData\Roaming\WB.CFG 2015-10-19 15:30 - 2015-12-03 21:33 - 0000600 _____ () C:\Users\Felix\AppData\Local\PUTTY.RND 2015-10-13 18:59 - 2015-10-13 18:59 - 0007619 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg 2015-11-14 21:12 - 2015-11-14 21:12 - 0292184 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempdxwebsetup.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 7194312 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x64.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 6503984 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x86.exe 2015-12-30 20:00 - 2015-12-30 20:00 - 0434325 _____ () C:\ProgramData\1451501783.bdinstall.bin Einige Dateien in TEMP: ==================== C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2297716568542197287.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2578031879161228757.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2758001311468154250.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2859534402223534488.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-5643248797915814353.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-7675824711585635151.dll C:\Users\Felix\AppData\Local\Temp\OfficeAssist.0614.80.242.exe C:\Users\Felix\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Felix\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-18 16:00 ==================== Ende von FRST.txt ============================ (#-Button) FRST Addition: (#-Button)FRST Additions Logfile: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016 durchgeführt von Felix (2016-01-22 15:45:14) Gestartet von C:\Users\Felix\Downloads Windows 10 Pro (X64) (2015-11-28 07:27:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2852922398-1150064108-2753843024-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2852922398-1150064108-2753843024-503 - Limited - Disabled) Felix (S-1-5-21-2852922398-1150064108-2753843024-1000 - Administrator - Enabled) => C:\Users\Felix Gast (S-1-5-21-2852922398-1150064108-2753843024-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2852922398-1150064108-2753843024-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden Application Insights Tools for Visual Studio Express 2015 for Web (x32 Version: 3.3 - Microsoft Corporation) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications.VwdExpress (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Chromium (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Chromium) (Version: 46.0.2472.0 - Chromium) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FileZilla Client 3.14.1 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 mit Update 1 (HKLM-x32\...\{013c11fd-b596-4e15-a6e6-8373b77f0b5e}) (Version: 14.0.24720.0 - Microsoft Corporation) Microsoft Visual Studio Express 2015 für Web - DEU (HKLM-x32\...\{0c2136c2-b505-4375-b1b0-850f218a13a3}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.4 - Notepad++ Team) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PPT美化大师 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\PPTAssist) (Version: 2.0.0.0051 - 珠海金山办公软件有限公司) RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - Dragonfly GF Co., LTD) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Target 3001! V17 discover (HKLM-x32\...\Target 3001! V17 discover) (Version: - Ing. Buero FRIEDRICH) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TinyCAD 2.80.06 (HKLM-x32\...\TinyCAD) (Version: 2.80.06 - TinyCAD) TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation) Unity Web Player (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers) Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIDevice) System (02/02/2015 5.1.12.0) (HKLM\...\D59948F3084BF66E63262EC408CE7B915FE1F86C) (Version: 02/02/2015 5.1.12.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIKeyboard) HIDClass (04/08/2015 5.1.6000.0) (HKLM\...\8628974A5DFA6E4B7C1103AD365BE0B09FBBB36F) (Version: 04/08/2015 5.1.6000.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPITrackpad) HIDClass (03/30/2015 5.1.5800.0) (HKLM\...\9060F8F607B79E8DFBB207F8A68A76BEE41E343B) (Version: 03/30/2015 5.1.5800.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (07/31/2015 6.0.6100.0) (HKLM\...\8F0EDB7FDBC8E1501FC134846F23B8B02EDBC2A0) (Version: 07/31/2015 6.0.6100.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (07/21/2015 5.1.6160.0) (HKLM\...\D2D3AB0DFD6CA4C10F9B608AC1A57D5D55A71596) (Version: 07/21/2015 5.1.6160.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multi-Touch (03/30/2015 5.1.5900.0) (HKLM\...\85AD59D6F43923644E140D13C9494D0B9E6775F6) (Version: 03/30/2015 5.1.5900.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (02/23/2015 5.1.4.0) (HKLM\...\7CCA73822D13048A6F7333D8BC7C76B2B9D4186F) (Version: 02/23/2015 5.1.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.) Windows-Treiberpaket - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/12/2014 16.8.0.4) (HKLM\...\52A3E8A4470A399105E841E06FD7C6347B788285) (Version: 09/12/2014 16.8.0.4 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (10/15/2012 1.0.0.3) (HKLM\...\01396BB9E2633BC0DF02F4456D00791CEC0386A6) (Version: 10/15/2012 1.0.0.3 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (07/24/2015 7.35.118.40) (HKLM\...\636525759A12D18B7BB257132F353A1C85A0D8AA) (Version: 07/24/2015 7.35.118.40 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) System (01/10/2014 1.0.0.256) (HKLM\...\35B16C75F55CBB304E72CB9CC504E2846F4006C7) (Version: 01/10/2014 1.0.0.256 - Broadcom Corporation) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.) Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel) Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel) Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel) Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel) Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel) Windows-Treiberpaket - Intel Corporation (iaLPSS_GPIO) System (06/13/2014 1.1.226.2) (HKLM\...\8BC4E9FD6C3043002821AE8637B64D1F49158967) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_I2C) System (06/13/2014 1.1.226.2) (HKLM\...\12B5BD67769FF25AA5FD3176BB05C144EE57E87E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_SPI) System (06/13/2014 1.1.226.2) (HKLM\...\D31B79C75E3A9BF07A6B49DECBE8AF63DD032F4E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_UART2) System (01/08/2015 1.1.226.4) (HKLM\...\BBFE1447BB09A9341D77F1B3F64069F9B1FD852C) (Version: 01/08/2015 1.1.226.4 - Intel Corporation) Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel) Windows-Treiberpaket - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) WPS Office (10.1.0.5458) (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Kingsoft Office) (Version: 10.1.0.5458 - Kingsoft Corp.) Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Felix\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {041EEAB3-5D3D-47B1-9547-6DE8EBB2546A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {0AE1102B-0630-4ED6-8F1B-1282E4998EA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0CD2241E-EF10-44B4-A4F7-0869565155A4} - System32\Tasks\WpsExternal_Felix_20160113151232 => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {1A0462B2-8857-4E34-AE5A-8BE2CD50B67A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {1BBB0A95-0E5D-4842-818C-0A09072C70CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated) Task: {1C6F0CD8-B825-480F-8596-6BF575594F09} - System32\Tasks\PPTAssistantNotifyTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe [2016-01-13] (珠海金山办公软件有限公司) Task: {30B4C83B-59FA-459C-A6C7-30174953E426} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3AD8C5C8-72B5-44A3-8389-E7CC83529F8F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3CEC9C40-CA49-47E1-937F-AFBD393F7AB4} - \Rush Component2 -> Keine Datei <==== ACHTUNG Task: {4302317C-56E3-4C74-8D6F-89B6F749B16C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {4335EDD8-BA13-469A-9622-0E2F97AFD693} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {46933C27-44FE-4D46-842B-2999963BFCF2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {5D81A24D-312B-4AAB-A25D-D2CD19D2CC20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {6D1A262E-7299-4253-9288-00D23D58DA95} - \Palikan dimo -> Keine Datei <==== ACHTUNG Task: {7E9978CC-46F5-44AB-970E-DBB6E1BC8E5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {8288B4DB-8D04-495C-AFFE-125845CCCB65} - System32\Tasks\{0861782D-BA08-434B-861F-57394CC554A5} => pcalua.exe -a C:\Users\Felix\AppData\Local\Temp\2012-2089\pkeyconfigs.exe -d C:\Users\Felix\AppData\Local\Temp\2012-2089 Task: {8586B609-CA6F-408C-B635-97C37A6B6874} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8A34E133-733C-4A41-9020-1DD0C725A91F} - \spw3016 -> Keine Datei <==== ACHTUNG Task: {8C58B047-710E-42D6-91B5-04808FDE8EF1} - System32\Tasks\Rush Component => Rundll32.exe "C:\Users\Felix\AppData\Local\Rush Component\{5D264D34-715F-A125-3474-4B9D21821758}\RushComponent.dll",#1 <==== ACHTUNG Task: {98721141-60EE-41E1-8583-C923607FCF1F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9B556428-E0FE-46AF-8653-015E647FA61A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {A3199614-481F-4D30-A0BE-672FE74B775A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A98058D7-5D7A-4E44-B3F0-81F7F6148837} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender) Task: {AB02DEE5-7B0B-459D-986A-BF72A3F7C358} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {AC8AF8E7-022F-4506-80F1-6AC035EB68F4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {AD4A084A-2553-4934-982D-605101B4B6E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation) Task: {B4E827ED-9AF3-460B-B902-776C569BBB6B} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG Task: {BA6AE93F-BA6D-4762-841E-663F4C8EC099} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {BA8CB637-AD03-41DD-807C-0F9C3096A351} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {BB1237EE-12DE-484A-A34D-3E25B2D42CE7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {BB9B5F6E-4228-48CB-B007-462448ABE0F5} - System32\Tasks\WpsNotifyTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {C33C4C36-D856-4A7D-8621-C37BE6DFA13D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C3536915-763E-40AF-969F-77488FCA3C04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C58E2307-CD6E-405F-9BC9-E63AEAE19003} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {CFD81C43-056A-41BD-9BDB-6A5F7310BDDB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {CFEE4B21-B240-476D-86C1-D20CD872D913} - System32\Tasks\Opera scheduled Autoupdate 1449477981 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {D02FB55D-C8FB-4010-819E-5C2BEF9F230E} - System32\Tasks\SoftUpgrade => C:\Program Files (x86)\SoftUpgrade\softup.exe [2015-12-01] () Task: {D0C0EC8C-9399-4476-A11F-93EAA62C2B6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {D9370376-DCD7-45DE-B367-D7AE6D4DC0E4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DA10067C-AB1A-4BDE-9C65-AE7E25300090} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E62069D2-8C18-4BCC-9562-DBE47D9F74B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {E6AB186A-BEF0-47E0-BC37-18B65DF4B69F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E760F003-AA5B-4FC6-863A-48B03C383865} - System32\Tasks\WpsUpdateTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {E9B670E4-DD01-4BC6-AEF5-2A33CAEE7D0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {ECB37F17-B1A7-4FFD-9BF4-7E5F175DF6F2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {ECFA571D-9A0E-46EA-8F5B-FB60028CF6E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {F1813D4D-4CE3-4FF5-963B-22E29620335F} - System32\Tasks\PPTAssistantUpdateTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {F280C496-6A4D-415F-9068-BD501FD49B03} - \AutoKMS -> Keine Datei <==== ACHTUNG Task: {F501142E-FB93-4A2E-A194-3FC390DA8737} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F8889A01-14F9-4B84-9C31-4AE4F08DA072} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {FEEE3A14-F946-408A-B61B-863041F96076} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe Task: C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll Task: C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-30 19:58 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll 2016-01-21 17:06 - 2016-01-21 17:06 - 01119064 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpbr.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 00794832 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpdsp.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 03038112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpph.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 01648408 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttprbl.mdl 2014-02-06 11:36 - 2014-02-06 11:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-12-18 19:32 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 19:32 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 15:10 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 15:10 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 15:10 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 15:09 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-10-11 19:59 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-10-11 19:58 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-10-11 19:59 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll 2014-10-10 09:37 - 2014-10-10 09:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Felix\Desktop\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\AdwCleaner_5.030.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\eclipse-inst-win64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\OTL.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-01-22 15:42 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{A7090D6C-AA6F-4BC4-92BE-8F1C20A87DED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [{5B5842EA-E170-4E97-8A6B-0FE9DB136608}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [UDP Query User{DD137C3D-0C24-4CD0-BDFF-EA8FF9D7366C}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [TCP Query User{E743D5CD-0EE1-476A-99AD-9C1FA3F4FAE1}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [{5067DFA1-57CA-4F81-A192-7DEB72A645F0}] => (Allow) C:\Users\Felix\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{7507988B-1DDB-402A-B466-F4ECD3ED45ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{341A2C8F-67AF-4A0D-9D91-E2AA0F7B7BE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{4AA14235-3689-434E-B133-12E2DF4DDCD5}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [TCP Query User{D80C7D76-A6BF-4759-8C17-2AFF343C6200}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [{B6A68673-7665-4E3F-8CFD-AD098F013D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C55EF21D-3C18-423B-A442-BCA157B55714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C7F26546-D3F1-46DA-A049-39A82C779B5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{7DED3F15-7D00-4BF5-AE75-170788DC0A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{A875EA9D-3959-47B6-B62C-81255C1A5398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AC60CC99-0A36-4732-A636-FD7DAB611A0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B779193-5ED2-4DB2-9AC7-28D346513786}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{65C447F7-4E39-45E7-A059-C21FF56076AF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [UDP Query User{94BE76BB-C4CD-4DF2-BAE1-B71282A8B186}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{3D6DA3A1-1F57-4FD1-AD86-639F915F5077}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{91849250-DF89-4E7C-903E-787CF66F9510}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FA3885F0-EC9C-4F34-ADFA-437F77B2918A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{F6BF8EAE-632B-4FEC-BD15-50A0A24DB076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{48B86976-A659-4BE7-A15F-5375EFADB553}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4296D42B-9555-42D3-8BD0-F004A5CDA06A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE3FC1AD-C82F-45A5-92E6-FA0D8AB995BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{447C0F96-5FE0-4E62-88F0-8B15E17C5EA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{0EF45F02-237D-4284-BCB8-8AB147036D7C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FB3E01CC-AC97-4F87-A52A-85A0B388E64D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8C41C37A-BBB2-49A5-B356-807DF7CE2A42}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{EB884493-27D0-497F-A5F1-A74A1AB72E64}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{CCDD99D7-71A7-4FDF-ADEE-8BD788C1AC5A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [TCP Query User{2192BE85-9A6D-46E7-A5B9-F721B62D585E}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [UDP Query User{037987C2-9184-4D79-89BF-1B9A702D93F4}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [{71436BBB-206E-498E-A4BC-4CD75509CD03}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{546D960B-D0EA-4094-A56C-B82F968D6413}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{E96DA21B-E15A-489B-85FC-4986BE0E68F0}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{64ACDA0F-7B43-445D-BECC-28C3FCA73BAE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [TCP Query User{484156CF-D8BD-407F-9674-94F25998FAEF}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{06CF479A-0902-455A-92F0-4261E659F81C}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{FBBFE8F5-250A-4A0A-8BD0-6A25B1563271}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DF82E36C-4E12-46C6-A66B-924725A0A874}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{7DCAC4D6-6A2A-447B-8145-003C067E9980}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 31-12-2015 09:12:52 Geplanter Prüfpunkt 10-01-2016 08:43:58 Windows Update 16-01-2016 17:35:01 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Logitech_LGVirHid02 Description: Logitech_LGVirHid02 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech_LGVirHid01 Description: Logitech_LGVirHid01 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/22/2016 02:15:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/22/2016 02:15:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/22/2016 02:15:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LockApp.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 4cc Startzeit: 01d1547034b2ba5a Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Berichts-ID: 8cfd1db6-c06a-11e5-ab59-3c15c2e3ef91 Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen Error: (01/21/2016 07:12:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FELIX-PC) Description: Die App „Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Systemfehler: ============= Error: (01/22/2016 03:42:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/22/2016 03:42:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueOcean" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/22/2016 03:41:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:41:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:41:20 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Übermittlungsoptimierung konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (01/22/2016 03:40:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:40:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-01-22 15:42:02.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 15:42:02.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:31:09.293 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:31:09.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:07:35.364 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:02:15.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 13:53:30.262 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 13:53:30.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.486 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.440 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4308U CPU @ 2.80GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 8100.69 MB Verfügbarer physikalischer RAM: 5342.44 MB Summe virtueller Speicher: 16804.69 MB Verfügbarer virtueller Speicher: 13931.89 MB ==================== Laufwerke ================================ Drive c: (BOOTCAMP) (Fixed) (Total:232.39 GB) (Free:141.65 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Macintosh HD) (Fixed) (Total:232.29 GB) (Free:115.96 GB) HFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.9 GB) (Disk ID: 3F1EE8D2) Partition: GPT. Partition 2: (Not Active) - (Size=232.3 GB) - (Type=AF) Partition 3: (Not Active) - (Size=620 MB) - (Type=AB) Partition 4: (Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ (#-Button) |
22.01.2016, 15:49 | #6 |
| Alle Ordner schreibgeschützt sry hier: Adw: Code:
ATTFilter Benutzername : Felix - FELIX-PC # Gestartet von : C:\Users\Felix\Downloads\AdwCleaner_5.030.exe # Option : Löschen # Unterstützung : hxxp://toolslib.net/forum ***** [ Dienste ] ***** [-] Dienst Gelöscht : QMUdisk [-] Dienst Gelöscht : softaal ***** [ Ordner ] ***** [-] Ordner Gelöscht : C:\Program Files (x86)\Fast-Search [-] Ordner Gelöscht : C:\Program Files (x86)\tencent [-] Ordner Gelöscht : C:\Program Files (x86)\45DE5F9F-1449453249-52CA-A8D3-6603358F02FB [-] Ordner Gelöscht : C:\Program Files (x86)\Common Files\tencent [-] Ordner Gelöscht : C:\Program Files\Common Files\tencent [-] Ordner Gelöscht : C:\ProgramData\tencent [-] Ordner Gelöscht : C:\ProgramData\TXQMPC [-] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\Systweak [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\tencent [-] Ordner Gelöscht : C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\腾讯软件 [-] Ordner Gelöscht : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\tencent ***** [ Dateien ] ***** [-] Datei Gelöscht : C:\END [-] Datei Gelöscht : C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat [-] Datei Gelöscht : C:\WINDOWS\SysNative\drivers\TFsFltX64.sys [-] Datei Gelöscht : C:\WINDOWS\SysWOW64\drivers\TS888x64.sys ***** [ DLLs ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** [-] Geplante Aufgabe Gelöscht : runTask [-] Geplante Aufgabe Gelöscht : updateTask ***** [ Registrierungsdatenbank ] ***** [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DownloadProxy.EXE [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\QQPCRTP [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\acwfp [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\QQPCRTP [-] Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\zcwfp [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{51BEE30D-EEC8-4BA3-930B-298B8E759EB1} [-] Schlüssel Gelöscht : HKCU\Software\Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{70DE12EA-79F4-46BC-9812-86DB50A2FD64} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{754DF2CE-51E8-4895-B53C-6381418B84AE} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC0FA563-E0F2-406F-8659-1E728458A91E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{88260EA6-BC91-42DF-ABEF-4A683E8A3C23} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4C097DF1-0716-4FA1-84A9-025BC1E7B03F} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{50F4150A-48B2-417A-BE4C-C83F580FB904} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7270EC6-0113-4A78-B610-E501D0A9E48E} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3323765B-5B83-4406-841E-473DBA4B8F29} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{389562C4-59D9-40C4-966E-28DA91725FFE} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F8D3B31-AEB8-4ED7-8B05-5556068D6B54} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6ED1EF08-DFF4-4252-8986-691D06C54131} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{83E07061-02D1-41EC-8751-BB176B823C38} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0948E7-227A-4F1B-9849-2D8912F185A7} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A471A4AA-5C18-429F-81BF-6C760941DB74} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0A7C2B3-86D6-42AF-8221-79C9E4AD50BA} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F2FB003D-07C7-4E4D-80E3-00B49468A6F4} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7971E81-FC71-4659-8CCE-C903576E0924} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{00E3D575-A24C-4BBC-A708-BCDB8BBCA6C7} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{024BF4C8-B53D-45B9-957F-D3BA9655FF39} [-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{074DCA49-F6A1-417F-B79E-D5E3ADC30330} [-] Schlüssel Gelöscht : HKCU\Software\OCS [-] Schlüssel Gelöscht : HKCU\Software\PRODUCTSETUP [-] Schlüssel Gelöscht : HKCU\Software\Reg\Clean [-] Schlüssel Gelöscht : HKCU\Software\yahooprovidedsearch [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Reg\Clean [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SU [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tab] [-] Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1b31c9d2-7135-442b-bb93-7c002172adc6} [-] Daten Wiederhergestellt : HKLM\SOFTWARE\Clients\StartMenuInternet\OperaStable\shell\open\command [] [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDShellExt.BDMenu [-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BDShellExt.BDMenu.1 ***** [ Internetbrowser ] ***** [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("browser.search.selectedEngine", "yoursearching"); [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.enable_search1", false); [-] [C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\prefs.js] [Preference] Gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); [-] [C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Startup_URLs] Gelöscht : hxxp://www.yoursearching.com/?type=hp&ts=1450979460&z=6e25035a4439e8acad0f66fg4z8wde9t3m6tczfw7t&from=face&uid=APPLEXSSDXSM0512F_S1K5NYBF559161 [-] [C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Gelöscht : hxxp://yoursearching.com/wefavicon.ico [-] [C:\Users\Felix\AppData\Local\Chromium\User Data\Default\Web Data] [Search Provider] Gelöscht : palikan [-] [C:\Users\Felix\AppData\Local\Chromium\User Data\Default\Secure Preferences] [Homepage] Gelöscht : hxxp://www.palikan.com/?f=1&a=plk_frg01_15_47&cd=2XzuyEtN2Y1L1QzutA0CtCyD0CtB0EtA0E0FzytC0EtBzztDtN0D0Tzu0StCyEtCyDtN1L2XzutAtFtCyEtFtDtFtDtN1L1Czu1StN1L1G1B1V1N2Y1L1Qzu2SyC0B0FyC0E0Fzy0FtGyE0BtByBtGzzyDtB0EtGyBtByD0EtGtByD0D0FyByCyD0EtA0DyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCtA0Ezz0ByE0AtG0DyDyB0BtGyEyCtCyBtGzy0F0DzytGyBtAyEtD0Fzy0AyBzz0A0AyC2QtN0A0LzuyE&cr=1194926374&ir=&uref=chmm ************************* :: "Tracing" Schlüssel gelöscht :: Proxy Einstellungen zurückgesetzt :: Winsock Einstellungen zurückgesetzt :: Chrome Richtlinien gelöscht ########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [7600 Bytes] ########## Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:18-01-2016 durchgeführt von Felix (Administrator) auf FELIX-PC (22-01-2016 15:44:47) Gestartet von C:\Users\Felix\Downloads Geladene Profile: Felix (Verfügbare Profile: Felix & DefaultAppPool) Platform: Windows 10 Pro Version 1511 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: Edge) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe () C:\Windows\System32\AppleOSSMgr.exe (Apple Inc.) C:\Windows\System32\AppleTimeSrv.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Microsoft Corporation) C:\Windows\System32\mqsvc.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncservice.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserver.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (RealVNC Ltd) C:\Program Files\RealVNC\VNC Server\vncserverui.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe (Apple Inc.) C:\Program Files\Boot Camp\Bootcamp.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe (Nico Mak Computing) C:\Program Files\WinZip\FAHWindow64.exe (Nico Mak Computing) C:\Program Files\WinZip\WZUpdateNotifier.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Nicht auf der Ausnahmeliste) =========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [IgfxTray] => C:\Windows\system32\igfxtray.exe [396688 2015-07-18] () HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [15033976 2015-11-20] (Logitech Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1720488 2015-12-10] (Bitdefender) HKLM\...\Run: [Apple_KbdMgr] => C:\Program Files\Boot Camp\Bootcamp.exe [746816 2014-02-06] (Apple Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50378880 2015-12-17] (Skype Technologies S.A.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1423288 2015-12-10] (Bitdefender) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Ribbons.scr [149504 2015-10-30] (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FAH.lnk [2016-01-17] ShortcutTarget: FAH.lnk -> C:\Program Files\WinZip\FAHConsole.exe (Nico Mak Computing) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Update Benachrichtigungsdienst.lnk [2016-01-17] ShortcutTarget: Update Benachrichtigungsdienst.lnk -> C:\Program Files\WinZip\WZUpdateNotifier.exe (Nico Mak Computing) ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 Tcpip\..\Interfaces\{e33fa61b-f3a7-4575-946c-682159d54c8c}: [DhcpNameServer] 10.0.0.138 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1 SearchScopes: HKLM -> {1b31c9d2-7135-442b-bb93-7c002172adc6} URL = SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> DefaultScope {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {A060E7FB-91F5-4c7c-BD0F-4A11A581D878} URL = hxxps://www.baidu.com/s?wd={searchTerms}&tn=98012088_5_dg&ch=11 SearchScopes: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000 -> {ielnksrch} URL = hxxps://at.search.yahoo.com/yhs/search?hspart=elm&hsimp=yhs-001&type=hdr_s_15_52_orgnl¶m1=1¶m2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DHodor%26cd%3D2XzuyEtN2Y1L1QzutA0CtCyD0CtB0EtA0E0FzytD0EtBzztDtN0D0Tzu0StCyEyDtDtN1L2XzutAtFtCyDtFtAtFtDtN1L1Czu1M1Q1CtCyBtN1L1G1B1V1N2Y1L1Qzu2SyB0A0DyDtCtDyDtBtGyB0FyByDtG0E0CyCtCtGyE0F0B0AtGyCyCzytByBzztC0F0C0C0D0E2QtN1M1F1B2Z1V1N2Y1L1Qzu2SzyyCtA0Ezz0ByE0AtG0DyDyB0BtGyEyCtCyBtGzy0F0DzytGyBtAyEtD0Fzy0AyBzz0A0AyC2QtN0A0LzuyEtN1B2Z1V1T1S1NzutCtByEyE%26cr%3D1457458476%26a%3Dhdr_s_15_52_orgnl%26os%3DWindows%2B10%2BPro&p={searchTerms} BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-16] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-16] (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2015-12-10] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2015-12-10] (Bitdefender) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation) FireFox: ======== FF ProfilePath: C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default FF Homepage: hxxp://www.google.at/ FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_286.dll [2016-01-19] () FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-16] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-16] (Oracle Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll [2016-01-19] () FF Plugin-x32: @qq.com/npAndroidAssistant -> C:\Program Files (x86)\Common Files\Tencent\QQPhoneManager\2.0.201.3192\npQQPhoneManagerExt.dll [Keine Datei] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-05] (Google Inc.) FF Plugin HKU\S-1-5-21-2852922398-1150064108-2753843024-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Felix\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-28] (Unity Technologies ApS) FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-16] FF Extension: Adblock Plus - C:\Users\Felix\AppData\Roaming\Mozilla\Firefox\Profiles\9w2tpnbg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-01-21] FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-16] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\C78876CE4A6AA227FCD4C7C42F3DA0EDC788 [2015-12-07] <==== ACHTUNG Chrome: ======= CHR HomePage: Default -> hxxp://google.at/ CHR Profile: C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Präsentationen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-11] CHR Extension: (Google Docs) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-11] CHR Extension: (Google Drive) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-11] CHR Extension: (Google-Suche) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (Google Tabellen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-11] CHR Extension: (Google Docs Offline) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-21] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-11] CHR Extension: (Google Mail) - C:\Users\Felix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-11] CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-01-08] ==================== Dienste (Nicht auf der Ausnahmeliste) ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 AppleOSSMgr; C:\Windows\system32\AppleOSSMgr.exe [226112 2014-02-06] () R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-07-18] (Intel Corporation) S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887256 2014-05-13] (Intel(R) Corporation) R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [193144 2015-11-20] (Logitech Inc.) R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [857288 2015-11-09] (Bitdefender) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [124488 2015-09-29] (Bitdefender) R2 vncserver; C:\Program Files\RealVNC\VNC Server\vncservice.exe [639808 2015-01-28] (RealVNC Ltd) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1604080 2015-12-09] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation) S3 wpscloudsvr; C:\Users\Felix\AppData\Local\kingsoft\WPS Office\wpscloudsvr.exe [154984 2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) S2 BlueOcean; C:\ProgramData\\BlueOcean\\BlueOcean.exe -f "C:\ProgramData\\BlueOcean\\BlueOcean.dat" -l -a ===================== Treiber (Nicht auf der Ausnahmeliste) ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R3 AppleCamera; C:\Windows\system32\DRIVERS\AppleCamera.sys [1793664 2013-12-04] (Apple Inc.) R3 applemtm; C:\Windows\system32\DRIVERS\applemtm.sys [12288 2013-09-06] (Apple Inc.) R3 applemtp; C:\Windows\system32\DRIVERS\applemtp.sys [49152 2015-08-03] (Apple Inc.) R3 AppleSDR; C:\Windows\system32\DRIVERS\AppleSDR.sys [12800 2013-09-03] (Apple Inc.) R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1600512 2015-10-28] (BitDefender) R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [282000 2015-09-17] (BitDefender) R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [775424 2015-09-17] (BitDefender) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [10828536 2015-08-05] (Broadcom Corporation) S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-12-03] (BitDefender LLC) R1 BDVEDISK; C:\Windows\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) R3 CirrusLFD; C:\Windows\system32\DRIVERS\CSLFD.sys [56720 2013-10-17] (Cirrus Logic Inc.) R3 CirrusUFD; C:\Windows\system32\DRIVERS\CSUFD.sys [11928 2013-10-17] (Cirrus Logic Inc.) R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160032 2015-04-29] (BitDefender LLC) R0 ignis; C:\Windows\system32\DRIVERS\ignis.sys [271808 2015-10-22] (Bitdefender) R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech) R3 LGJoyXlCore; C:\Windows\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.) R3 lgLowAudio; C:\Windows\system32\drivers\lgLowAudio.sys [26264 2015-11-20] (Logitech Inc.) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-01-22] (Malwarebytes) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [129312 2014-10-10] (Intel Corporation) R3 SensorsAlsDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation) R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [477272 2015-06-02] (BitDefender S.R.L.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation) U3 idsvc; kein ImagePath U3 wpcsvc; kein ImagePath ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 15:39 - 2016-01-22 15:40 - 00000000 ____D C:\AdwCleaner 2016-01-22 14:44 - 2016-01-22 14:44 - 01505280 _____ C:\Users\Felix\Downloads\AdwCleaner_5.030.exe 2016-01-22 13:51 - 2016-01-22 15:44 - 00019731 _____ C:\Users\Felix\Downloads\FRST.txt 2016-01-22 13:51 - 2016-01-22 15:44 - 00000000 ____D C:\FRST 2016-01-22 13:51 - 2016-01-22 14:00 - 00064049 _____ C:\Users\Felix\Downloads\Addition.txt 2016-01-22 13:50 - 2016-01-22 13:50 - 02370560 _____ (Farbar) C:\Users\Felix\Downloads\FRST64.exe 2016-01-21 21:03 - 2016-01-21 21:03 - 00000000 ____D C:\_OTL 2016-01-21 21:01 - 2016-01-21 21:01 - 00228734 _____ C:\Users\Felix\Downloads\OTL.Txt 2016-01-21 21:01 - 2016-01-21 21:01 - 00110500 _____ C:\Users\Felix\Downloads\Extras.Txt 2016-01-21 20:56 - 2016-01-21 20:56 - 00602112 _____ (OldTimer Tools) C:\Users\Felix\Downloads\OTL.exe 2016-01-21 20:46 - 2016-01-21 20:46 - 00000000 ____D C:\Users\Felix\Desktop\HiJack+ 2016-01-21 19:19 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Desktop\FTB_Launcher.exe 2016-01-21 19:13 - 2016-01-21 20:41 - 00000000 ____D C:\Users\Felix\AppData\Local\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:14 - 00000000 ____D C:\Users\Felix\AppData\Roaming\ftblauncher 2016-01-21 19:13 - 2016-01-21 19:13 - 07561844 _____ C:\Users\Felix\Downloads\FTB_Launcher.exe 2016-01-19 20:18 - 2016-01-19 20:18 - 02776306 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.4_mc1.8.8.jar 2016-01-16 23:05 - 2016-01-16 23:05 - 00000000 ____D C:\Program Files\Boot Camp 2016-01-16 22:47 - 2016-01-22 15:42 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2016-01-16 22:47 - 2016-01-17 00:05 - 00001177 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\ProgramData\Malwarebytes 2016-01-16 22:47 - 2016-01-16 22:47 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 2016-01-16 22:47 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2016-01-16 22:47 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe 2016-01-16 22:46 - 2016-01-16 22:46 - 22908888 _____ (Malwarebytes ) C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe 2016-01-15 19:12 - 2016-01-16 23:05 - 00001883 _____ C:\Users\Felix\Desktop\°®ÌÔ±¦.lnk 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\software 2016-01-15 19:12 - 2016-01-15 19:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\atb 2016-01-13 15:53 - 2016-01-13 15:53 - 00000000 ____D C:\ProgramData\pptassist 2016-01-13 15:13 - 2016-01-22 13:56 - 00000348 _____ C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job 2016-01-13 15:13 - 2016-01-22 13:50 - 00000616 _____ C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job 2016-01-13 15:13 - 2016-01-13 18:56 - 00000000 ____D C:\Users\Felix\AppData\Local\PPTAssist 2016-01-13 15:13 - 2016-01-13 16:53 - 00003652 _____ C:\WINDOWS\System32\Tasks\PPTAssistantUpdateTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00003384 _____ C:\WINDOWS\System32\Tasks\PPTAssistantNotifyTask_Felix 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\pptassist 2016-01-13 15:13 - 2016-01-13 15:13 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PPT美化大师 2016-01-13 15:12 - 2016-01-22 14:37 - 00000602 _____ C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job 2016-01-13 15:12 - 2016-01-22 14:04 - 00000408 _____ C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job 2016-01-13 15:12 - 2016-01-13 15:12 - 00003646 _____ C:\WINDOWS\System32\Tasks\WpsExternal_Felix_20160113151232 2016-01-13 15:12 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_Felix 2016-01-13 15:12 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WPS Office 2016-01-13 15:10 - 2016-01-05 03:37 - 02544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2016-01-13 15:10 - 2016-01-05 03:33 - 02180128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2016-01-13 15:10 - 2016-01-05 02:59 - 22393856 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2016-01-13 15:10 - 2016-01-05 02:57 - 16986112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:49 - 13018624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2016-01-13 15:10 - 2016-01-05 02:39 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 03:51 - 07477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2016-01-13 15:09 - 2016-01-05 03:51 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2016-01-13 15:09 - 2016-01-05 03:51 - 01141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2016-01-13 15:09 - 2016-01-05 03:50 - 01173344 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00713568 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll 2016-01-13 15:09 - 2016-01-05 03:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:49 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2016-01-13 15:09 - 2016-01-05 03:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll 2016-01-13 15:09 - 2016-01-05 03:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00848160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:36 - 00808800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2016-01-13 15:09 - 2016-01-05 03:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll 2016-01-13 15:09 - 2016-01-05 03:31 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe 2016-01-13 15:09 - 2016-01-05 03:27 - 01594408 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:24 - 00796352 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 01309376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll 2016-01-13 15:09 - 2016-01-05 03:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:21 - 01371792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll 2016-01-13 15:09 - 2016-01-05 03:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL 2016-01-13 15:09 - 2016-01-05 03:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll 2016-01-13 15:09 - 2016-01-05 02:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:56 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe 2016-01-13 15:09 - 2016-01-05 02:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys 2016-01-13 15:09 - 2016-01-05 02:54 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe 2016-01-13 15:09 - 2016-01-05 02:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:52 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll 2016-01-13 15:09 - 2016-01-05 02:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2016-01-13 15:09 - 2016-01-05 02:50 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe 2016-01-13 15:09 - 2016-01-05 02:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:49 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll 2016-01-13 15:09 - 2016-01-05 02:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll 2016-01-13 15:09 - 2016-01-05 02:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx 2016-01-13 15:09 - 2016-01-05 02:43 - 00953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2016-01-13 15:09 - 2016-01-05 02:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:43 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2016-01-13 15:09 - 2016-01-05 02:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 18677760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2016-01-13 15:09 - 2016-01-05 02:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL 2016-01-13 15:09 - 2016-01-05 02:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll 2016-01-13 15:09 - 2016-01-05 02:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL 2016-01-13 15:09 - 2016-01-05 02:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00498176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll 2016-01-13 15:09 - 2016-01-05 02:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax 2016-01-13 15:09 - 2016-01-05 02:38 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll 2016-01-13 15:09 - 2016-01-05 02:36 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2016-01-13 15:09 - 2016-01-05 02:33 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02796032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2016-01-13 15:09 - 2016-01-05 02:30 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2016-01-13 15:09 - 2016-01-05 02:29 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 07826432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 04894720 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2016-01-13 15:09 - 2016-01-05 02:28 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2016-01-13 15:09 - 2016-01-05 02:25 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2016-01-09 12:27 - 2016-01-09 19:00 - 00002976 _____ C:\Users\Felix\Desktop\Musik.txt 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\Windows 10 TechnicalPreview x64 2016-01-08 14:37 - 2016-01-08 14:37 - 00000000 ____D C:\Users\Felix\Desktop\upgrade 2016-01-07 13:15 - 2016-01-09 12:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2016-01-07 12:47 - 2016-01-07 12:47 - 02756821 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.2_mc1.8.8.jar 2016-01-06 15:22 - 2016-01-06 15:22 - 00025399 _____ C:\Users\Felix\Downloads\DamageIndicator_v2.zip 2016-01-06 15:22 - 2016-01-06 15:22 - 00019480 _____ C:\Users\Felix\Downloads\DirectionHud_v2_mc1.8.8.zip 2016-01-06 15:21 - 2016-01-06 15:23 - 02755068 _____ C:\Users\Felix\Downloads\LabyMod_v2.7.1_mc1.8.8.jar 2016-01-03 23:30 - 2016-01-03 23:30 - 00000630 _____ C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2016-01-03 23:25 - 2016-01-03 23:25 - 08764679 _____ C:\Users\Felix\Downloads\jd-gui-1.4.0.jar 2016-01-03 20:51 - 2016-01-16 23:05 - 00001155 _____ C:\Users\Felix\Desktop\Eclipse Committers Mars.lnk 2016-01-03 20:42 - 2016-01-16 23:05 - 00001120 _____ C:\Users\Felix\Desktop\Eclipse Jee Mars.lnk 2016-01-03 20:30 - 2016-01-03 20:30 - 46355176 _____ C:\Users\Felix\Downloads\eclipse-inst-win64.exe 2016-01-03 20:28 - 2016-01-03 21:10 - 00000000 ____D C:\Users\Felix\Desktop\Server 2016-01-03 18:01 - 2016-01-22 15:40 - 00013184 _____ C:\bdlog.txt 2016-01-02 21:59 - 2016-01-02 22:00 - 00000019 _____ C:\Users\Felix\Desktop\test.bat 2016-01-02 21:57 - 2016-01-17 00:09 - 00001443 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\chrome.lnk 2015-12-30 20:06 - 2016-01-21 21:03 - 00000000 ____D C:\Users\Felix\AppData\Temp 2015-12-30 20:03 - 2015-12-30 20:03 - 00000000 ____D C:\Users\Felix\Downloads\Bitdefender Safepay 2015-12-30 20:00 - 2015-12-30 20:00 - 00434325 _____ C:\ProgramData\1451501783.bdinstall.bin 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\WINDOWS\system32\user_gensett.xml 2015-12-30 20:00 - 2015-12-30 20:00 - 00000385 _____ C:\Users\Felix\AppData\Roaminguser_gensett.xml 2015-12-30 19:58 - 2016-01-17 00:05 - 00002254 _____ C:\Users\Public\Desktop\Bitdefender 2016.lnk 2015-12-30 19:58 - 2015-12-30 20:05 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Bitdefender 2015-12-30 19:58 - 2015-12-30 19:58 - 00253404 ____H C:\bdr-ld01 2015-12-30 19:58 - 2015-12-30 19:58 - 00009216 ____H C:\bdr-ld01.mbr 2015-12-30 19:58 - 2015-12-30 19:58 - 00000684 ____H C:\bdr-cf01 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_avchv_01009.Wdf 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016 2015-12-30 19:58 - 2015-12-30 19:58 - 00000000 ____D C:\ProgramData\BDLogging 2015-12-30 19:58 - 2015-12-15 21:35 - 49760229 ____H C:\bdr-im01.gz 2015-12-30 19:58 - 2015-12-04 19:27 - 00087912 _____ (BitDefender) C:\WINDOWS\system32\Drivers\bdvedisk.sys 2015-12-30 19:58 - 2015-10-28 13:01 - 01600512 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avc3.sys 2015-12-30 19:58 - 2015-10-22 14:02 - 00271808 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys 2015-12-30 19:58 - 2015-09-17 21:24 - 01740520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll 2015-12-30 19:58 - 2015-09-17 21:24 - 00282000 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avchv.sys 2015-12-30 19:58 - 2015-09-17 21:23 - 00775424 _____ (BitDefender) C:\WINDOWS\system32\Drivers\avckf.sys 2015-12-30 19:58 - 2013-09-08 19:04 - 00023568 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\bdelam.sys 2015-12-30 19:58 - 2013-08-13 12:38 - 03271472 ____H C:\bdr-bz01 2015-12-30 19:58 - 2007-04-11 10:11 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\capicom.dll 2015-12-30 19:56 - 2015-12-30 20:29 - 00000000 ____D C:\ProgramData\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Users\Felix\AppData\Roaming\QuickScan 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Common Files\Bitdefender 2015-12-30 19:56 - 2015-12-30 19:56 - 00000000 ____D C:\Program Files\Bitdefender 2015-12-30 19:56 - 2015-06-02 14:21 - 00477272 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys 2015-12-30 19:56 - 2015-04-29 13:32 - 00160032 _____ (BitDefender LLC) C:\WINDOWS\system32\Drivers\gzflt.sys 2015-12-30 19:55 - 2015-12-30 19:55 - 00000000 ___HD C:\Users\Felix\Desktop\.updtmp 2015-12-30 19:54 - 2016-01-22 15:45 - 00000408 _____ C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job 2015-12-30 19:54 - 2016-01-13 15:12 - 00003426 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_Felix 2015-12-30 19:54 - 2016-01-13 15:12 - 00002412 _____ C:\Users\Felix\Desktop\WPS文字.lnk 2015-12-30 19:54 - 2015-12-30 19:54 - 00000000 ____D C:\Users\Felix\AppData\Roaming\wps 2015-12-30 19:53 - 2015-12-30 19:53 - 00000000 ____D C:\Users\Felix\AppData\Local\kingsoft 2015-12-30 19:45 - 2015-12-30 19:51 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(2).exe 2015-12-30 19:41 - 2015-12-30 19:41 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity(1).exe 2015-12-30 19:20 - 2016-01-22 15:42 - 00000000 ____D C:\Program Files\Bitdefender Agent 2015-12-30 19:20 - 2015-12-30 19:20 - 09736912 _____ C:\Users\Felix\Downloads\bitdefender_tsecurity.exe 2015-12-30 19:20 - 2015-12-30 19:20 - 00003794 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2015-12-30 19:20 - 2015-12-30 19:20 - 00000000 ____D C:\ProgramData\Bitdefender Agent 2015-12-30 18:30 - 2016-01-01 13:15 - 00000738 _____ C:\Users\Felix\Desktop\Bio.txt 2015-12-30 15:43 - 2015-12-30 20:01 - 00000000 ____D C:\Users\Felix\AppData\Local\fabi.me 2015-12-30 15:42 - 2013-09-24 11:14 - 00179200 _____ (fabi.me) C:\Users\Felix\Desktop\SpeedAutoClicker.exe 2015-12-30 15:41 - 2015-12-30 15:41 - 00094899 _____ C:\Users\Felix\Downloads\SpeedAutoClicker.zip 2015-12-30 15:36 - 2015-12-30 15:36 - 00000000 ____D C:\ProgramData\PCMGR 2015-12-30 15:23 - 2015-12-24 22:01 - 00127800 _____ (Tencent Technology(Shenzhen) Company Limited) C:\WINDOWS\system32\Drivers\TAOKernelEx64.sys 2015-12-27 21:17 - 2015-08-03 17:10 - 01795952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01011.dll 2015-12-27 17:44 - 2015-08-05 09:02 - 10828536 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\BCMWL63a.SYS 2015-12-27 17:44 - 2015-08-05 09:02 - 03778568 _____ (Broadcom Corporation) C:\WINDOWS\system32\bcmihvui64.dll 2015-12-27 17:44 - 2015-08-03 17:10 - 00050688 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\KeyMagic.sys 2015-12-27 17:40 - 2015-12-27 17:40 - 00000000 ____D C:\ProgramData\Intel 2015-12-27 17:38 - 2015-12-27 17:38 - 00000000 ____D C:\Users\Felix\Intel 2015-12-27 17:38 - 2015-08-05 09:01 - 00038912 _____ (Apple Inc.) C:\WINDOWS\system32\Drivers\AppleBtBc.sys 2015-12-25 10:23 - 2015-12-25 10:23 - 00000000 ____D C:\Users\Felix\Desktop\Craft Attack 2015-12-24 22:02 - 2015-12-24 22:02 - 00005120 _____ C:\Users\Felix\AppData\Roaming\GiftBag.db 2015-12-24 20:38 - 2015-12-24 20:38 - 00000000 ____D C:\ProgramData\TXPCMGR 2015-12-24 20:37 - 2015-12-30 20:07 - 00000000 ____D C:\WINDOWS\Minidump 2015-12-24 19:27 - 2016-01-13 15:12 - 00000000 ____D C:\Users\Felix\AppData\Roaming\kingsoft 2015-12-24 18:50 - 2016-01-13 15:13 - 00000000 ____D C:\ProgramData\kingsoft ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2016-01-22 15:43 - 2015-10-13 18:37 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Skype 2016-01-22 15:42 - 2015-11-28 08:27 - 00000000 __SHD C:\Users\Felix\IntelGraphicsProfiles 2016-01-22 15:42 - 2015-11-28 08:18 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-01-22 15:42 - 2015-11-28 08:11 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2016-01-22 15:42 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\AppReadiness 2016-01-22 15:42 - 2015-10-11 19:57 - 00000000 ____D C:\Program Files (x86)\Steam 2016-01-22 15:42 - 2015-10-11 18:51 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2016-01-22 15:41 - 2015-10-30 07:28 - 00262144 ___SH C:\WINDOWS\system32\config\BBI 2016-01-22 15:40 - 2015-11-16 17:00 - 00000008 __RSH C:\ProgramData\ntuser.pol 2016-01-22 15:39 - 2015-10-30 08:24 - 00000000 ___HD C:\Program Files\WindowsApps 2016-01-22 14:43 - 2015-10-11 20:04 - 00001066 _____ C:\Users\Felix\Desktop\nativelog.txt 2016-01-22 14:42 - 2015-10-11 20:17 - 00000000 ____D C:\Users\Felix\AppData\Roaming\.minecraft 2016-01-22 14:34 - 2015-11-28 08:12 - 02086232 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-01-22 14:34 - 2015-10-30 19:35 - 00889314 _____ C:\WINDOWS\system32\perfh007.dat 2016-01-22 14:34 - 2015-10-30 19:35 - 00197362 _____ C:\WINDOWS\system32\perfc007.dat 2016-01-22 14:34 - 2015-10-30 08:21 - 00000000 ____D C:\WINDOWS\INF 2016-01-22 14:02 - 2015-10-11 18:51 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2016-01-22 13:58 - 2015-10-30 07:28 - 00000000 ____D C:\Windows 2016-01-22 13:23 - 2015-10-26 11:01 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2016-01-21 20:50 - 2015-12-07 03:01 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{515E952E-5BFC-4136-9FC0-930100038690} 2016-01-21 20:49 - 2015-10-11 18:28 - 00000000 ____D C:\Users\Felix\AppData\Local\VirtualStore 2016-01-21 20:37 - 2015-11-28 08:13 - 00000000 ____D C:\Users\Felix 2016-01-18 15:03 - 2015-12-07 09:46 - 00003376 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1449477981 2016-01-18 15:03 - 2015-12-07 09:45 - 00000000 ____D C:\Program Files (x86)\Opera 2016-01-18 15:01 - 2015-10-13 18:37 - 00000000 ___RD C:\Program Files (x86)\Skype 2016-01-17 00:06 - 2015-12-10 22:00 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Visual Studio 2015.lnk 2016-01-17 00:06 - 2015-12-07 09:46 - 00001204 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk 2016-01-17 00:06 - 2015-11-28 08:17 - 00001552 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2016-01-17 00:06 - 2015-10-27 18:54 - 00001495 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Express für Web.lnk 2016-01-17 00:06 - 2015-10-26 10:57 - 00001171 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-12-21 13:00 - 00001848 _____ C:\Users\Public\Desktop\Internet Explorer.lnk 2016-01-17 00:05 - 2015-12-16 15:40 - 00002636 _____ C:\Users\Public\Desktop\Skype.lnk 2016-01-17 00:05 - 2015-12-10 22:03 - 00001506 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blend for Visual Studio 2015.lnk 2016-01-17 00:05 - 2015-12-07 09:46 - 00001186 _____ C:\Users\Public\Desktop\Opera.lnk 2016-01-17 00:05 - 2015-12-07 02:57 - 00001315 _____ C:\Users\Public\Desktop\Target 3001! V17 discover.lnk 2016-01-17 00:05 - 2015-11-28 08:29 - 00002433 _____ C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002203 _____ C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk 2016-01-17 00:05 - 2015-11-21 08:21 - 00002191 _____ C:\Users\Public\Desktop\WinZip.lnk 2016-01-17 00:05 - 2015-10-26 10:57 - 00001153 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk 2016-01-17 00:05 - 2015-10-19 16:02 - 00001038 _____ C:\Users\Public\Desktop\VNC Viewer.lnk 2016-01-17 00:05 - 2015-10-19 14:56 - 00001069 _____ C:\Users\Public\Desktop\Win32DiskImager.lnk 2016-01-17 00:05 - 2015-10-13 18:37 - 00000000 ____D C:\ProgramData\Skype 2016-01-17 00:05 - 2015-10-11 19:57 - 00000969 _____ C:\Users\Public\Desktop\Steam.lnk 2016-01-17 00:05 - 2015-10-11 18:52 - 00002254 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2016-01-17 00:05 - 2015-10-11 18:33 - 00002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2016-01-16 23:05 - 2015-12-16 16:27 - 00001205 _____ C:\Users\Felix\Desktop\Continue Last version Installation.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001426 _____ C:\Users\Felix\Desktop\7zFM - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-14 16:32 - 00001415 _____ C:\Users\Felix\Desktop\7zG - Verknüpfung.lnk 2016-01-16 23:05 - 2015-12-08 20:18 - 00001139 _____ C:\Users\Felix\Desktop\Logitech Gaming Software 8.76.lnk 2016-01-16 23:05 - 2015-12-07 02:55 - 00001072 _____ C:\Users\Felix\Desktop\TinyCAD.lnk 2016-01-16 23:05 - 2015-11-16 17:01 - 00002135 _____ C:\Users\Felix\Desktop\Chromium.lnk 2016-01-16 23:05 - 2015-11-16 16:57 - 00001219 _____ C:\Users\Felix\Desktop\TeamSpeak 3 Client.lnk 2016-01-16 23:05 - 2015-11-03 18:19 - 00000975 _____ C:\Users\Felix\Desktop\Xming.lnk 2016-01-16 23:05 - 2015-10-25 20:34 - 00001912 _____ C:\Users\Felix\Desktop\Warface Launcher.lnk 2016-01-16 23:05 - 2015-10-15 17:18 - 00001014 _____ C:\Users\Felix\Desktop\Eclipse Java Mars.lnk 2016-01-16 23:05 - 2015-10-13 19:41 - 00001276 _____ C:\Users\Felix\Desktop\Revo Uninstaller.lnk 2016-01-16 23:05 - 2015-10-13 19:36 - 00001097 _____ C:\Users\Felix\Desktop\Cheat Engine.lnk 2016-01-16 23:05 - 2015-10-13 19:33 - 00000970 _____ C:\Users\Felix\Desktop\7-Zip File Manager.lnk 2016-01-16 23:03 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\ELAMBKUP 2016-01-16 23:03 - 2015-10-30 07:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM 2016-01-16 23:03 - 2015-10-19 16:02 - 00000000 ____D C:\ProgramData\RealVNC-Service 2016-01-16 23:02 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\appraiser 2016-01-16 22:45 - 2015-10-30 08:11 - 00000000 ____D C:\WINDOWS\CbsTemp 2016-01-16 17:38 - 2015-12-10 22:17 - 00000000 ____D C:\WINDOWS\system32\MRT 2016-01-16 17:35 - 2015-12-10 22:17 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2016-01-10 08:44 - 2015-10-15 15:07 - 00000000 ____D C:\Users\Felix\AppData\Local\ElevatedDiagnostics 2016-01-09 12:26 - 2015-10-26 10:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2016-01-03 23:00 - 2015-11-16 17:14 - 00000000 ____D C:\Users\Felix\Desktop\plugins 2016-01-03 21:50 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\workspace 2016-01-03 21:14 - 2015-11-14 20:24 - 00000000 ____D C:\Users\Felix\AppData\Local\Eclipse 2016-01-03 21:14 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\.p2 2016-01-03 20:51 - 2015-10-15 17:18 - 00000000 ____D C:\Users\Felix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eclipse 2016-01-03 20:49 - 2015-10-15 17:15 - 00000000 ____D C:\Users\Felix\eclipse 2016-01-03 17:50 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\NDF 2016-01-03 02:40 - 2015-10-30 08:26 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2016-01-03 02:40 - 2015-10-30 08:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2015-12-31 17:48 - 2015-11-28 08:10 - 00197912 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2015-12-30 20:51 - 2015-11-25 18:44 - 00000000 ____D C:\Users\Felix\AppData\Local\{56546008-72FC-0CB0-1F64-29583B0CD5C0} 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files 2015-12-30 20:07 - 2015-10-30 08:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages 2015-12-30 20:02 - 2015-11-16 17:00 - 00000000 ____D C:\Users\Felix\AppData\Local\{0A3F3C63-2E97-50DB-430F-7533676789AB} 2015-12-30 18:00 - 2015-11-16 18:00 - 00000217 _____ C:\Users\Felix\AppData\Roaming\WB.CFG 2015-12-27 21:17 - 2015-11-16 17:01 - 00000000 ____D C:\Users\Felix\AppData\Roaming\FileZilla 2015-12-27 20:00 - 2015-12-13 19:45 - 00000017 _____ C:\WINDOWS\SysWOW64\history.dat 2015-12-27 17:43 - 2015-11-28 08:11 - 00000000 ____D C:\Program Files\Intel 2015-12-27 17:42 - 2015-10-11 18:41 - 00000000 ____D C:\ProgramData\Package Cache 2015-12-27 17:40 - 2015-10-11 16:19 - 00000000 ____D C:\Program Files (x86)\Intel 2015-12-24 20:38 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2015-12-24 18:51 - 2015-10-11 18:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-12-07 19:44 - 2015-12-07 18:40 - 9545216 _____ () C:\Users\Felix\AppData\Roaming\agent.dat 2015-12-07 19:44 - 2015-11-19 15:27 - 0000428 _____ () C:\Users\Felix\AppData\Roaming\book.txt 2015-12-07 19:44 - 2015-12-07 18:40 - 0058272 _____ () C:\Users\Felix\AppData\Roaming\Config.xml 2015-12-24 22:02 - 2015-12-24 22:02 - 0005120 _____ () C:\Users\Felix\AppData\Roaming\GiftBag.db 2016-01-03 23:30 - 2016-01-03 23:30 - 0000630 _____ () C:\Users\Felix\AppData\Roaming\jd-gui.cfg 2015-12-07 19:44 - 2015-12-07 17:01 - 0005568 _____ () C:\Users\Felix\AppData\Roaming\md.xml 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic.jpg 2015-12-07 19:44 - 2015-11-19 15:26 - 0004134 _____ () C:\Users\Felix\AppData\Roaming\pic1.jpg 2015-11-16 18:00 - 2015-12-30 18:00 - 0000217 _____ () C:\Users\Felix\AppData\Roaming\WB.CFG 2015-10-19 15:30 - 2015-12-03 21:33 - 0000600 _____ () C:\Users\Felix\AppData\Local\PUTTY.RND 2015-10-13 18:59 - 2015-10-13 18:59 - 0007619 _____ () C:\Users\Felix\AppData\Local\Resmon.ResmonCfg 2015-11-14 21:12 - 2015-11-14 21:12 - 0292184 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempdxwebsetup.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 7194312 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x64.exe 2015-11-14 21:12 - 2015-11-14 21:12 - 6503984 _____ (Microsoft Corporation) C:\Users\Felix\AppData\Local\Tempvcredist_x86.exe 2015-12-30 20:00 - 2015-12-30 20:00 - 0434325 _____ () C:\ProgramData\1451501783.bdinstall.bin Einige Dateien in TEMP: ==================== C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2297716568542197287.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2578031879161228757.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2758001311468154250.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-2859534402223534488.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-5643248797915814353.dll C:\Users\Felix\AppData\Local\Temp\jansi-64-git-Spigot-5f38d38-18fbb24-7675824711585635151.dll C:\Users\Felix\AppData\Local\Temp\OfficeAssist.0614.80.242.exe C:\Users\Felix\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll C:\Users\Felix\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap ================= (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2016-01-18 16:00 ==================== Ende von FRST.txt ============================ Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:18-01-2016 durchgeführt von Felix (2016-01-22 15:45:14) Gestartet von C:\Users\Felix\Downloads Windows 10 Pro (X64) (2015-11-28 07:27:08) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-2852922398-1150064108-2753843024-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-2852922398-1150064108-2753843024-503 - Limited - Disabled) Felix (S-1-5-21-2852922398-1150064108-2753843024-1000 - Administrator - Enabled) => C:\Users\Felix Gast (S-1-5-21-2852922398-1150064108-2753843024-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-2852922398-1150064108-2753843024-1002 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Bitdefender Antivirus (Enabled - Out of date) {9A0813D8-CED6-F86B-072E-28D2AF25A83D} AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Bitdefender Spyware-Schutz (Enabled - Out of date) {2169F23C-E8EC-F7E5-3D9E-13A0D4A2E280} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {A23392FD-84B9-F933-2C71-81E751F6EF46} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) 7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - ) Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.286 - Adobe Systems Incorporated) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden Application Insights Tools for Visual Studio Express 2015 for Web (x32 Version: 3.3 - Microsoft Corporation) Hidden Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden AzureTools.Notifications.VwdExpress (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender) Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender) Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden Boot Camp-Dienste (HKLM\...\{FA2B2C2A-EA41-495A-9308-60726125D562}) (Version: 5.1.5640 - Apple Inc.) Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version: - Treyarch) Call of Duty: Black Ops II (HKLM-x32\...\Steam App 202970) (Version: - Treyarch) Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine) Chromium (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Chromium) (Version: 46.0.2472.0 - Chromium) Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Entity Framework 6.1.3 Tools for Visual Studio 2015 Update 1 (HKLM-x32\...\{2A56910C-69C8-495D-8ED8-9080F0A14E58}) (Version: 14.0.41103.0 - Microsoft Corporation) Erforderliche Komponenten für SSDT (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation) FileZilla Client 3.14.1 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\FileZilla Client) (Version: 3.14.1 - Tim Kosse) Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.111 - Google Inc.) Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden IIS 10.0 Express (HKLM\...\{7A28A2B0-458B-4A58-84AC-C90D2D4B79FB}) (Version: 10.0.1735 - Microsoft Corporation) IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version: - ) IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version: - ) Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.30.1072 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation) Intel® Chipsatz-Gerätesoftware (x32 Version: 10.0.27 - Intel(R) Corporation) Hidden Java 8 Update 65 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418065F0}) (Version: 8.0.650.17 - Oracle Corporation) Java 8 Update 66 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418066F0}) (Version: 8.0.660.17 - Oracle Corporation) Java SE Development Kit 8 Update 60 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180600}) (Version: 8.0.600.27 - Oracle Corporation) Logitech Gaming Software 8.76 (HKLM\...\Logitech Gaming Software) (Version: 8.76.155 - Logitech Inc.) Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation) Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{19E8AE59-4D4A-3534-B567-6CC08FA4102E}) (Version: 4.5.51651 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (Deutsch) (HKLM-x32\...\{529EFF09-750D-48B9-A47A-34A3B6248C3F}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 SDK (HKLM-x32\...\{2F0ECC80-B9E4-4485-8083-CD32F22ABD92}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (ENU) (HKLM-x32\...\{8EEB28EE-5141-411C-9CF0-9952264FE4AF}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Framework 4.6.1 Targeting Pack (HKLM-x32\...\{8BC3EEC9-090F-4C53-A8DA-1BEC913040F9}) (Version: 4.6.01055 - Microsoft Corporation) Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation) Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation) Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation) Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation) Microsoft SQL Server 2012 Native Client (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation) Microsoft SQL Server Compact 4.0 SP1 x64 DEU (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation) Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation) Microsoft SQL Server*2014 Express LocalDB (HKLM\...\{CA191120-4CB1-4E3D-89B8-79FDB9017A2E}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 Transact-SQL ScriptDom (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft SQL Server*2014 T-SQL Language Service (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation) Microsoft Visual Studio Community 2015 mit Update 1 (HKLM-x32\...\{013c11fd-b596-4e15-a6e6-8373b77f0b5e}) (Version: 14.0.24720.0 - Microsoft Corporation) Microsoft Visual Studio Express 2015 für Web - DEU (HKLM-x32\...\{0c2136c2-b505-4375-b1b0-850f218a13a3}) (Version: 14.0.23107.10 - Microsoft Corporation) Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation) Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation) Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden Mozilla Firefox 43.0.4 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.4 - Notepad++ Team) Opera Stable 34.0.2036.25 (HKLM-x32\...\Opera 34.0.2036.25) (Version: 34.0.2036.25 - Opera Software) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{FACF2669-E25A-428A-9167-5EEDE741F3B9}) (Version: 4.6.00127 - Microsoft Corporation) Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6.1 (Deutsch) (HKLM-x32\...\{4860C1E5-CE58-4D32-89DE-37951333B4C9}) (Version: 4.6.01055 - Microsoft Corporation) PPT美化大师 (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\PPTAssist) (Version: 2.0.0.0051 - 珠海金山办公软件有限公司) RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5936 - Realtek Semiconductor Corp.) Recover Keys (HKLM-x32\...\Recover Keys_is1) (Version: 9.0.3.168 - Recover Keys) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - Dragonfly GF Co., LTD) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation) Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) Target 3001! V17 discover (HKLM-x32\...\Target 3001! V17 discover) (Version: - Ing. Buero FRIEDRICH) Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden TeamSpeak 3 Client (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH) Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden TinyCAD 2.80.06 (HKLM-x32\...\TinyCAD) (Version: 2.80.06 - TinyCAD) TypeScript Power Tool (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.6.3.0 - Microsoft Corporation) Hidden TypeScript Tools for Microsoft Visual Studio 2015 1.6.3.0 (HKLM-x32\...\{da31aa25-410a-4c1b-9ec0-114dd8dff786}) (Version: 1.6.23313.0 - Microsoft Corporation) Unity Web Player (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\UnityWebPlayer) (Version: 5.2.0f3 - Unity Technologies ApS) Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation) VNC Server 5.2.3 (HKLM\...\{0D2201F0-2E7B-4C89-8C5D-03D3F5BB5042}) (Version: 5.2.3 - RealVNC Ltd) VNC Viewer 5.2.3 (HKLM\...\{8824CB84-60DF-4CBC-AB3A-7C5AB2A41F31}) (Version: 5.2.3 - RealVNC Ltd) Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH) WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers) Windows-Treiberpaket - Apple Inc. (AppleCamera) Image (11/21/2013 5.0.22.0) (HKLM\...\1FCF3C93707C46D648F0B00E216A55E96DEB5A17) (Version: 11/21/2013 5.0.22.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIDevice) System (02/02/2015 5.1.12.0) (HKLM\...\D59948F3084BF66E63262EC408CE7B915FE1F86C) (Version: 02/02/2015 5.1.12.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPIKeyboard) HIDClass (04/08/2015 5.1.6000.0) (HKLM\...\8628974A5DFA6E4B7C1103AD365BE0B09FBBB36F) (Version: 04/08/2015 5.1.6000.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleSPITrackpad) HIDClass (03/30/2015 5.1.5800.0) (HKLM\...\9060F8F607B79E8DFBB207F8A68A76BEE41E343B) (Version: 03/30/2015 5.1.5800.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. (AppleUSBEthernet) Net (02/01/2008 3.10.3.10) (HKLM\...\D53CBF2C12DF51DA5E9C1A9DA97FF0DCA0C524C5) (Version: 02/01/2008 3.10.3.10 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Bluetooth (03/01/2010 3.0.0.5) (HKLM\...\EA3C044F6FD39CEC8F4F596836BF4197E97E1D39) (Version: 03/01/2010 3.0.0.5 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Broadcom Bluetooth (07/31/2015 6.0.6100.0) (HKLM\...\8F0EDB7FDBC8E1501FC134846F23B8B02EDBC2A0) (Version: 07/31/2015 6.0.6100.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Display (01/23/2009 3.0.0.0) (HKLM\...\E0EAD0CEA9119B77350ED4DE28D9A82E57014D94) (Version: 01/23/2009 3.0.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple IR Receiver (02/21/2008 2.0.4.0) (HKLM\...\D5BB697E7D0C75712F3AD00AB1B85412CB5C0FD3) (Version: 02/21/2008 2.0.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (01/10/2014 5.0.8.0) (HKLM\...\ABCCA6C3F97A148D7C69114CB55DFA9D46053BEA) (Version: 01/10/2014 5.0.8.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Keyboard (07/21/2015 5.1.6160.0) (HKLM\...\D2D3AB0DFD6CA4C10F9B608AC1A57D5D55A71596) (Version: 07/21/2015 5.1.6160.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multi-Touch (03/30/2015 5.1.5900.0) (HKLM\...\85AD59D6F43923644E140D13C9494D0B9E6775F6) (Version: 03/30/2015 5.1.5900.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch (09/04/2013 5.0.2.0) (HKLM\...\277F15E06E6EEB458048F41BCB8FB843B3241E95) (Version: 09/04/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Multitouch Mouse (09/11/2012 4.0.3.0) (HKLM\...\742CB1BDA52EA9F1BBE482DA6DAA17944652B476) (Version: 09/11/2012 4.0.3.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple ODD (05/17/2010 3.1.0.0) (HKLM\...\D6B4CB6AD2F81752C2EF8DCF6AD5EBC567ADD45C) (Version: 05/17/2010 3.1.0.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple SD Card Reader (07/22/2013 1.0.0.1) (HKLM\...\D323E2C0C5E4948B07EE346CF62161281B0A8578) (Version: 07/22/2013 1.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (02/23/2015 5.1.4.0) (HKLM\...\7CCA73822D13048A6F7333D8BC7C76B2B9D4186F) (Version: 02/23/2015 5.1.4.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple System Device (05/20/2013 5.0.2.0) (HKLM\...\1A9F109A8ACEE4CA1F898708DBB0FBA6EF0587FC) (Version: 05/20/2013 5.0.2.0 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Mouse (06/01/2011 4.0.0.1) (HKLM\...\D088EE4BD2819FBA2B349EF9D55176F223419BE6) (Version: 06/01/2011 4.0.0.1 - Apple Inc.) Windows-Treiberpaket - Apple Inc. Apple Wireless Trackpad (10/29/2011 5.0.0.0) (HKLM\...\551732BB0872DA97E26385C221B172A5BD4DE93C) (Version: 10/29/2011 5.0.0.0 - Apple Inc.) Windows-Treiberpaket - Atheros Communications Inc. (athr) Net (11/13/2010 9.2.0.113) (HKLM\...\F0A3F8394866FA91E82C8D5AB92C918FE40FE1DF) (Version: 11/13/2010 9.2.0.113 - Atheros Communications Inc.) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/04/2012 15.4.0.17) (HKLM\...\75E64992A03EC5E73D33586790CC506561DCC5DB) (Version: 09/04/2012 15.4.0.17 - Broadcom) Windows-Treiberpaket - Broadcom (b57nd60a) Net (09/12/2014 16.8.0.4) (HKLM\...\52A3E8A4470A399105E841E06FD7C6347B788285) (Version: 09/12/2014 16.8.0.4 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (06/16/2009 1.0.0.1) (HKLM\...\FC2077892425ED71A137B1CB6D99A9CA7475435D) (Version: 06/16/2009 1.0.0.1 - Broadcom) Windows-Treiberpaket - Broadcom (B57ports) Net (10/15/2012 1.0.0.3) (HKLM\...\01396BB9E2633BC0DF02F4456D00791CEC0386A6) (Version: 10/15/2012 1.0.0.3 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (07/24/2015 7.35.118.40) (HKLM\...\636525759A12D18B7BB257132F353A1C85A0D8AA) (Version: 07/24/2015 7.35.118.40 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (11/13/2012 5.106.199.1) (HKLM\...\3D6DDDCF8961C8C866F6660579A59B5B6CFA281F) (Version: 11/13/2012 5.106.199.1 - Broadcom) Windows-Treiberpaket - Broadcom (BCM43XX) Net (12/13/2013 6.30.223.215) (HKLM\...\A5E73046BA905B7B0235AB40FA98A4E3AB96E00E) (Version: 12/13/2013 6.30.223.215 - Broadcom) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) SDHost (08/14/2012 1.0.0.243) (HKLM\...\ADF3AD5C5705E56E7DEA1447D58EFF216BA1223D) (Version: 08/14/2012 1.0.0.243 - Broadcom Corporation) Windows-Treiberpaket - Broadcom Corporation (bScsiSDa) System (01/10/2014 1.0.0.256) (HKLM\...\35B16C75F55CBB304E72CB9CC504E2846F4006C7) (Version: 01/10/2014 1.0.0.256 - Broadcom Corporation) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusFilter) MEDIA (02/19/2013 6.6001.1.40) (HKLM\...\969EFE1D5E95B01D3C42B9D0363FA64AF9E336E7) (Version: 02/19/2013 6.6001.1.40 - Cirrus Logic, Inc.) Windows-Treiberpaket - Cirrus Logic, Inc. (CirrusLFD) MEDIA (10/03/2013 6.6001.3.13) (HKLM\...\9EBC96DD99F2C854D540FBF6A16A557BADDBC228) (Version: 10/03/2013 6.6001.3.13 - Cirrus Logic, Inc.) Windows-Treiberpaket - Intel (e1express) Net (03/26/2010 9.13.41.0) (HKLM\...\159439476E3A00F9FAE49DD6C1A78F2F6288A5B9) (Version: 03/26/2010 9.13.41.0 - Intel) Windows-Treiberpaket - Intel (e1kexpress) Net (04/12/2010 11.6.92.0) (HKLM\...\5BEF08C10896D86DC13394FFA75874564B700368) (Version: 04/12/2010 11.6.92.0 - Intel) Windows-Treiberpaket - Intel (e1qexpress) Net (12/04/2009 11.4.7.0) (HKLM\...\57AFA39B22ADEC4E383572E9331167546EB3C9C7) (Version: 12/04/2009 11.4.7.0 - Intel) Windows-Treiberpaket - Intel (e1rexpress) Net (01/07/2010 11.4.16.0) (HKLM\...\F71DB41300D30088C8D3716343D1429488E605C1) (Version: 01/07/2010 11.4.16.0 - Intel) Windows-Treiberpaket - Intel (e1yexpress) Net (04/07/2010 10.1.9.0) (HKLM\...\CB599752301BCA080D135697FDD05900F5A5CF4C) (Version: 04/07/2010 10.1.9.0 - Intel) Windows-Treiberpaket - Intel Corporation (iaLPSS_GPIO) System (06/13/2014 1.1.226.2) (HKLM\...\8BC4E9FD6C3043002821AE8637B64D1F49158967) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_I2C) System (06/13/2014 1.1.226.2) (HKLM\...\12B5BD67769FF25AA5FD3176BB05C144EE57E87E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_SPI) System (06/13/2014 1.1.226.2) (HKLM\...\D31B79C75E3A9BF07A6B49DECBE8AF63DD032F4E) (Version: 06/13/2014 1.1.226.2 - Intel Corporation) Windows-Treiberpaket - Intel Corporation (iaLPSS_UART2) System (01/08/2015 1.1.226.4) (HKLM\...\BBFE1447BB09A9341D77F1B3F64069F9B1FD852C) (Version: 01/08/2015 1.1.226.4 - Intel Corporation) Windows-Treiberpaket - Intel System (07/20/2007 1.2.76.0) (HKLM\...\E2708073906571A0B56F17FD825EF19281ECE29B) (Version: 07/20/2007 1.2.76.0 - Intel) Windows-Treiberpaket - Marvell (yukonx64) Net (12/06/2007 10.51.1.3) (HKLM\...\CDD703ED0B390A5643DB748EBFA5BD55FEEC0D8A) (Version: 12/06/2007 10.51.1.3 - Marvell) WinZip 20.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240EF}) (Version: 20.0.11659 - WinZip Computing, S.L. ) WPS Office (10.1.0.5458) (HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\...\Kingsoft Office) (Version: 10.1.0.5458 - Kingsoft Corp.) Xming 6.9.0.31 (HKLM-x32\...\Xming_is1) (Version: 6.9.0.31 - Colin Harrison) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{034DF736-A378-4292-ACAE-A561088999F5}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{1077138E-896C-445E-BD31-CFCFFA4636C4}\InprocServer32 -> C:\Users\Felix\AppData\Local\PPTAssist\pptassist64.dll (珠海金山办公软件有限公司) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{67F4D210-BFC2-4ADD-9A2A-C9B9E1F42C4F}\InprocServer32 -> C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\office6\qingshellext64.dll (Zhuhai Kingsoft Office Software Co.,Ltd) CustomCLSID: HKU\S-1-5-21-2852922398-1150064108-2753843024-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Felix\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) Task: {041EEAB3-5D3D-47B1-9547-6DE8EBB2546A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {0AE1102B-0630-4ED6-8F1B-1282E4998EA7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {0CD2241E-EF10-44B4-A4F7-0869565155A4} - System32\Tasks\WpsExternal_Felix_20160113151232 => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {0CFE2E40-6A97-48C5-9F38-DE82315CF1B0} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto Task: {1A0462B2-8857-4E34-AE5A-8BE2CD50B67A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {1BBB0A95-0E5D-4842-818C-0A09072C70CD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-01-19] (Adobe Systems Incorporated) Task: {1C6F0CD8-B825-480F-8596-6BF575594F09} - System32\Tasks\PPTAssistantNotifyTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe [2016-01-13] (珠海金山办公软件有限公司) Task: {30B4C83B-59FA-459C-A6C7-30174953E426} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe Task: {3AD8C5C8-72B5-44A3-8389-E7CC83529F8F} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {3CEC9C40-CA49-47E1-937F-AFBD393F7AB4} - \Rush Component2 -> Keine Datei <==== ACHTUNG Task: {4302317C-56E3-4C74-8D6F-89B6F749B16C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {4335EDD8-BA13-469A-9622-0E2F97AFD693} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe Task: {46933C27-44FE-4D46-842B-2999963BFCF2} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {5D81A24D-312B-4AAB-A25D-D2CD19D2CC20} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe Task: {6D1A262E-7299-4253-9288-00D23D58DA95} - \Palikan dimo -> Keine Datei <==== ACHTUNG Task: {7E9978CC-46F5-44AB-970E-DBB6E1BC8E5F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe Task: {8288B4DB-8D04-495C-AFFE-125845CCCB65} - System32\Tasks\{0861782D-BA08-434B-861F-57394CC554A5} => pcalua.exe -a C:\Users\Felix\AppData\Local\Temp\2012-2089\pkeyconfigs.exe -d C:\Users\Felix\AppData\Local\Temp\2012-2089 Task: {8586B609-CA6F-408C-B635-97C37A6B6874} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe Task: {8A34E133-733C-4A41-9020-1DD0C725A91F} - \spw3016 -> Keine Datei <==== ACHTUNG Task: {8C58B047-710E-42D6-91B5-04808FDE8EF1} - System32\Tasks\Rush Component => Rundll32.exe "C:\Users\Felix\AppData\Local\Rush Component\{5D264D34-715F-A125-3474-4B9D21821758}\RushComponent.dll",#1 <==== ACHTUNG Task: {98721141-60EE-41E1-8583-C923607FCF1F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {9B556428-E0FE-46AF-8653-015E647FA61A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe Task: {A3199614-481F-4D30-A0BE-672FE74B775A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {A98058D7-5D7A-4E44-B3F0-81F7F6148837} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2015-11-09] (Bitdefender) Task: {AB02DEE5-7B0B-459D-986A-BF72A3F7C358} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {AC8AF8E7-022F-4506-80F1-6AC035EB68F4} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe Task: {AD4A084A-2553-4934-982D-605101B4B6E5} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-16] (Microsoft Corporation) Task: {B4E827ED-9AF3-460B-B902-776C569BBB6B} - \LaunchPreSignup -> Keine Datei <==== ACHTUNG Task: {BA6AE93F-BA6D-4762-841E-663F4C8EC099} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe Task: {BA8CB637-AD03-41DD-807C-0F9C3096A351} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {BB1237EE-12DE-484A-A34D-3E25B2D42CE7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe Task: {BB9B5F6E-4228-48CB-B007-462448ABE0F5} - System32\Tasks\WpsNotifyTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {C33C4C36-D856-4A7D-8621-C37BE6DFA13D} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {C3536915-763E-40AF-969F-77488FCA3C04} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe Task: {C58E2307-CD6E-405F-9BC9-E63AEAE19003} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG Task: {CFD81C43-056A-41BD-9BDB-6A5F7310BDDB} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe Task: {CFEE4B21-B240-476D-86C1-D20CD872D913} - System32\Tasks\Opera scheduled Autoupdate 1449477981 => C:\Program Files (x86)\Opera\launcher.exe [2015-12-04] (Opera Software) Task: {D02FB55D-C8FB-4010-819E-5C2BEF9F230E} - System32\Tasks\SoftUpgrade => C:\Program Files (x86)\SoftUpgrade\softup.exe [2015-12-01] () Task: {D0C0EC8C-9399-4476-A11F-93EAA62C2B6B} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe Task: {D9370376-DCD7-45DE-B367-D7AE6D4DC0E4} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe Task: {DA10067C-AB1A-4BDE-9C65-AE7E25300090} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {E62069D2-8C18-4BCC-9562-DBE47D9F74B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-10-11] (Google Inc.) Task: {E6AB186A-BEF0-47E0-BC37-18B65DF4B69F} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {E760F003-AA5B-4FC6-863A-48B03C383865} - System32\Tasks\WpsUpdateTask_Felix => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {E9B670E4-DD01-4BC6-AEF5-2A33CAEE7D0A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {ECB37F17-B1A7-4FFD-9BF4-7E5F175DF6F2} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe Task: {ECFA571D-9A0E-46EA-8F5B-FB60028CF6E0} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {F1813D4D-4CE3-4FF5-963B-22E29620335F} - System32\Tasks\PPTAssistantUpdateTask_Felix => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe [2016-01-13] (Zhuhai Kingsoft Office Software Co.,Ltd) Task: {F280C496-6A4D-415F-9068-BD501FD49B03} - \AutoKMS -> Keine Datei <==== ACHTUNG Task: {F501142E-FB93-4A2E-A194-3FC390DA8737} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {F8889A01-14F9-4B84-9C31-4AE4F08DA072} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe Task: {FEEE3A14-F946-408A-B61B-863041F96076} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.) Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\PPTAssistantNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\notify.exe Task: C:\WINDOWS\Tasks\PPTAssistantUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\PPTAssist\assistupdate.exe Task: C:\WINDOWS\Tasks\WpsExternal_Felix_20160113151232.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\ksolaunch.exe~/wpscloudlaunch /run_plugin /plugin_name=ktaskschdtool /plugin_entry=ktaskschdtool.dll Task: C:\WINDOWS\Tasks\WpsNotifyTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsnotify.exe Task: C:\WINDOWS\Tasks\WpsUpdateTask_Felix.job => C:\Users\Felix\AppData\Local\Kingsoft\WPS Office\10.1.0.5458\wtoolex\wpsupdate.exe ==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2015-10-30 08:18 - 2015-10-30 08:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll 2015-12-30 19:58 - 2013-09-03 13:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll 2016-01-21 17:06 - 2016-01-21 17:06 - 01119064 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpbr.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 00794832 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpdsp.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 03038112 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttpph.mdl 2016-01-21 17:06 - 2016-01-21 17:06 - 01648408 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_01751_003\ashttprbl.mdl 2014-02-06 11:36 - 2014-02-06 11:36 - 00226112 _____ () C:\Windows\system32\AppleOSSMgr.exe 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\system32\CoreUIComponents.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeHost.exe 2015-12-03 16:20 - 2015-11-22 11:47 - 02653816 _____ () C:\WINDOWS\System32\CoreUIComponents.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00043480 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll 2015-07-18 00:35 - 2015-07-18 00:35 - 00396688 _____ () C:\WINDOWS\system32\igfxTray.exe 2015-12-18 19:32 - 2015-12-07 05:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll 2015-12-18 19:32 - 2015-12-07 05:00 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2016-01-13 15:10 - 2016-01-05 02:29 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2016-01-13 15:10 - 2016-01-05 02:23 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-01-13 15:10 - 2016-01-05 02:24 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll 2016-01-13 15:09 - 2016-01-05 02:26 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 01095448 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll 2015-03-07 01:07 - 2015-03-07 01:07 - 00060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll 2015-11-20 22:41 - 2015-11-20 22:41 - 00240408 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll 2015-12-18 19:30 - 2015-12-18 19:30 - 21845504 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.12.15004.0_x86__8wekyb3d8bbwe\SkyWrap.dll 2015-10-11 19:59 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll 2015-10-11 19:59 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll 2015-10-11 19:58 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll 2015-10-11 19:59 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL 2015-10-11 19:58 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll 2015-12-05 10:21 - 2015-12-05 10:21 - 00933056 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll 2015-10-11 19:59 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll 2015-10-16 11:02 - 2015-10-16 11:02 - 00039384 _____ () C:\Program Files\FileZilla FTP Client\fzshellext.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 01590088 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libglesv2.dll 2016-01-15 20:03 - 2016-01-12 17:35 - 00087880 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.111\libegl.dll 2014-10-10 09:37 - 2014-10-10 09:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Felix\Desktop\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\AdwCleaner_5.030.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\eclipse-inst-win64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FRST64.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\FTB_Launcher.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024 (1).exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\mbam-setup-2.2.0.1024.exe:BDU AlternateDataStreams: C:\Users\Felix\Downloads\OTL.exe:BDU ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2009-07-14 03:34 - 2016-01-22 15:42 - 00000828 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-21-2852922398-1150064108-2753843024-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 10.0.0.138 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808 FirewallRules: [{A7090D6C-AA6F-4BC4-92BE-8F1C20A87DED}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [{5B5842EA-E170-4E97-8A6B-0FE9DB136608}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\Binaries\Win32\sf2.exe FirewallRules: [UDP Query User{DD137C3D-0C24-4CD0-BDFF-EA8FF9D7366C}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [TCP Query User{E743D5CD-0EE1-476A-99AD-9C1FA3F4FAE1}C:\program files\java\jre1.8.0_66\bin\java.exe] => (Allow) C:\program files\java\jre1.8.0_66\bin\java.exe FirewallRules: [{5067DFA1-57CA-4F81-A192-7DEB72A645F0}] => (Allow) C:\Users\Felix\AppData\Local\Chromium\Application\chrome.exe FirewallRules: [{7507988B-1DDB-402A-B466-F4ECD3ED45ED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{341A2C8F-67AF-4A0D-9D91-E2AA0F7B7BE6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [UDP Query User{4AA14235-3689-434E-B133-12E2DF4DDCD5}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [TCP Query User{D80C7D76-A6BF-4759-8C17-2AFF343C6200}C:\program files (x86)\xming\xming.exe] => (Allow) C:\program files (x86)\xming\xming.exe FirewallRules: [{B6A68673-7665-4E3F-8CFD-AD098F013D6A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C55EF21D-3C18-423B-A442-BCA157B55714}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6sp.exe FirewallRules: [{C7F26546-D3F1-46DA-A049-39A82C779B5E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{7DED3F15-7D00-4BF5-AE75-170788DC0A42}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Call of Duty Black Ops II\t6mp.exe FirewallRules: [{A875EA9D-3959-47B6-B62C-81255C1A5398}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{AC60CC99-0A36-4732-A636-FD7DAB611A0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{8B779193-5ED2-4DB2-9AC7-28D346513786}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [{65C447F7-4E39-45E7-A059-C21FF56076AF}] => (Allow) C:\Program Files\RealVNC\VNC Server\vncserver.exe FirewallRules: [UDP Query User{94BE76BB-C4CD-4DF2-BAE1-B71282A8B186}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{3D6DA3A1-1F57-4FD1-AD86-639F915F5077}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [{91849250-DF89-4E7C-903E-787CF66F9510}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{FA3885F0-EC9C-4F34-ADFA-437F77B2918A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{F6BF8EAE-632B-4FEC-BD15-50A0A24DB076}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\SKILL\DFUBG.exe FirewallRules: [{48B86976-A659-4BE7-A15F-5375EFADB553}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{4296D42B-9555-42D3-8BD0-F004A5CDA06A}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{CE3FC1AD-C82F-45A5-92E6-FA0D8AB995BC}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{447C0F96-5FE0-4E62-88F0-8B15E17C5EA7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [TCP Query User{0EF45F02-237D-4284-BCB8-8AB147036D7C}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{FB3E01CC-AC97-4F87-A52A-85A0B388E64D}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{8C41C37A-BBB2-49A5-B356-807DF7CE2A42}] => (Allow) C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe FirewallRules: [TCP Query User{EB884493-27D0-497F-A5F1-A74A1AB72E64}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [UDP Query User{CCDD99D7-71A7-4FDF-ADEE-8BD788C1AC5A}C:\program files\java\jre1.8.0_60\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_60\bin\javaw.exe FirewallRules: [TCP Query User{2192BE85-9A6D-46E7-A5B9-F721B62D585E}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [UDP Query User{037987C2-9184-4D79-89BF-1B9A702D93F4}C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe] => (Allow) C:\users\felix\eclipse\java-mars\eclipse\eclipse.exe FirewallRules: [{71436BBB-206E-498E-A4BC-4CD75509CD03}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{546D960B-D0EA-4094-A56C-B82F968D6413}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [{E96DA21B-E15A-489B-85FC-4986BE0E68F0}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\tencentdl.exe FirewallRules: [{64ACDA0F-7B43-445D-BECC-28C3FCA73BAE}] => (Allow) C:\program files (x86)\common files\tencent\qqdownload\130\bugreport_xf.exe FirewallRules: [TCP Query User{484156CF-D8BD-407F-9674-94F25998FAEF}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{06CF479A-0902-455A-92F0-4261E659F81C}C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) C:\users\felix\desktop\runtime\jre-x64\1.8.0_25\bin\javaw.exe FirewallRules: [TCP Query User{FBBFE8F5-250A-4A0A-8BD0-6A25B1563271}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [UDP Query User{DF82E36C-4E12-46C6-A66B-924725A0A874}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe FirewallRules: [{7DCAC4D6-6A2A-447B-8145-003C067E9980}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 31-12-2015 09:12:52 Geplanter Prüfpunkt 10-01-2016 08:43:58 Windows Update 16-01-2016 17:35:01 Windows Update ==================== Fehlerhafte Geräte im Gerätemanager ============= Name: Logitech_LGVirHid02 Description: Logitech_LGVirHid02 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Logitech_LGVirHid01 Description: Logitech_LGVirHid01 Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (01/22/2016 02:15:58 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/22/2016 02:15:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/22/2016 02:15:56 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:56:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:41:45 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.Messaging_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2147023174. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: FELIX-PC) Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2144927142. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“. Error: (01/21/2016 07:12:40 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: Programm LockApp.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 4cc Startzeit: 01d1547034b2ba5a Beendigungszeit: 4294967295 Anwendungspfad: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe Berichts-ID: 8cfd1db6-c06a-11e5-ab59-3c15c2e3ef91 Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy Auf das fehlerhafte Paket bezogene Anwendungs-ID: WindowsDefaultLockScreen Error: (01/21/2016 07:12:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: FELIX-PC) Description: Die App „Microsoft.LockApp_10.0.10586.0_neutral__cw5n1h2txyewy+WindowsDefaultLockScreen“ wurde nicht innerhalb der vorgesehenen Zeit gestartet. Systemfehler: ============= Error: (01/22/2016 03:42:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: ) Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058 Error: (01/22/2016 03:42:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "BlueOcean" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (01/22/2016 03:41:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:41:20 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:41:20 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: Der Dienst Übermittlungsoptimierung konnte nach dem Empfang eines Preshutdown-Steuerelements nicht richtig heruntergefahren werden. Error: (01/22/2016 03:40:51 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT) Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet. Modulpfad: C:\WINDOWS\System32\bcmihvsrv64.dll Error: (01/22/2016 03:40:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056 Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenzugriff_60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Benutzerdatenspeicher _60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. Error: (01/22/2016 03:40:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Der Dienst "Kontaktdaten_60161" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts. CodeIntegrity: =================================== Date: 2016-01-22 15:42:02.597 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 15:42:02.551 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:31:09.293 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:31:09.248 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:07:35.364 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 14:02:15.176 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 13:53:30.262 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-22 13:53:30.214 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.486 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. Date: 2016-01-21 21:05:21.440 Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\wininit.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\GermanA.dll that did not meet the Windows signing level requirements. ==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i5-4308U CPU @ 2.80GHz Prozentuale Nutzung des RAM: 34% Installierter physikalischer RAM: 8100.69 MB Verfügbarer physikalischer RAM: 5342.44 MB Summe virtueller Speicher: 16804.69 MB Verfügbarer virtueller Speicher: 13931.89 MB ==================== Laufwerke ================================ Drive c: (BOOTCAMP) (Fixed) (Total:232.39 GB) (Free:141.65 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)] Drive d: (Macintosh HD) (Fixed) (Total:232.29 GB) (Free:115.96 GB) HFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.9 GB) (Disk ID: 3F1EE8D2) Partition: GPT. Partition 2: (Not Active) - (Size=232.3 GB) - (Type=AF) Partition 3: (Not Active) - (Size=620 MB) - (Type=AB) Partition 4: (Active) - (Size=232.8 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
22.01.2016, 15:49 | #7 |
/// Malwareteam | Alle Ordner schreibgeschützt Hi, Zukünftig bitte so posten: Lesestoff: Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit. Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Mach mal bitte die Anleitung hier: Windows reparieren - so geht's - Anleitungen |
Themen zu Alle Ordner schreibgeschützt |
anderer, beast, bitdefender, button, bytes, check, dateien, defender, entdeck, entdeckt, fehlermeldung, funktioniert, installation, installieren, launch, malware, malware / spyware, nichts, ordner, programm, programme, programmen, rechte, thread, trojaner, verschieben, viren, zunge |