| |
| |||||||
Log-Analyse und Auswertung: Sicherheitswarnung von der Telekom, Citadell-Virus festgestelltWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
10.02.2016, 15:27
| #1 |
| |  Sicherheitswarnung von der Telekom, Citadell-Virus festgestellt Hallo liebe Community, schon mehrfach habe ich von der Telekom (Abuse-Team) einen Brief bekommen mit dem Betreff: "Wichtige Sicherheitswarnung zu Ihrem Internetzugang". Laut telefonischer Aussage von der Hotline soll sich ein "Citadell-Virus" auf einem meiner Rechner befinden. Ich nutze über meinen Internetzugang einen Laptop und ein Smartphone. Weiterhin befinden sich noch eine PS3- und PS4-Konsole sowie ein Smart-TV im Netzwerk, die man wohl ausschließen kann. Laut meinem Antivirenprogramm "Microsoft Security Essentials" befindet sich kein Virus auf dem Laptop. Ich hänge mal meine 2 Logs von FRST an: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version:07-02-2016
durchgeführt von privat (Administrator) auf CHRIS-PC (10-02-2016 14:47:38)
Gestartet von C:\Users\privat\Downloads
Geladene Profile: privat (Verfügbare Profile: Chris & privat)
Platform: Microsoft Windows 7 Professional Service Pack 1 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files\Dell Wireless\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE
() C:\ProgramData\DatacardService\HWDeviceService.exe
() C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Atheros Communications) C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Atheros Commnucations) C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(CyberLink Corp.) C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\assembly\GAC_MSIL\PresentationFontCache\3.0.0.0__31bf3856ad364e35\PresentationFontCache.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil32_20_0_0_267_Plugin.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrvEx.exe
(Opera Software) C:\Program Files\Opera\35.0.2066.37\opera.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files\Dell Wireless\Bluetooth Suite\BtvStack.exe [474272 2010-09-02] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files\Dell Wireless\Bluetooth Suite\AthBtTray.exe [298144 2010-09-02] (Atheros Commnucations)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [Acrobat Assistant 8.0] => C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM\...\Run: [RemoteControl9] => C:\Program Files\CyberLink\PowerDVD9\PDVD9Serv.exe [87336 2009-07-06] (CyberLink Corp.)
HKLM\...\Run: [PDVD9LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD9\Language\Language.exe [50472 2010-04-29] (CyberLink Corp.)
HKLM\...\Run: [Dell Webcam Central] => C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [487562 2010-08-20] (Creative Technology Ltd)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe [240112 2010-09-04] (Sonic Solutions)
HKLM\...\Run: [Desktop Disc Tool] => C:\Program Files\Roxio\oem\Roxio Burn\RoxioBurnLauncher.exe [522736 2010-11-01] ()
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1797488 2011-01-07] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [60688 2015-12-17] (Apple Inc.)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [981688 2015-04-29] (Microsoft Corporation)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [596528 2015-11-09] (Oracle Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157456 2015-12-17] (Apple Inc.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [EPSON SX510W Series (Kopie 1)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIFIE.EXE [199680 2008-11-20] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Device Detection] => C:\Program Files\Lidl_Fotos\dd.exe [860528 2013-10-30] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [] => [X]
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [NokiaSuite.exe] => C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe [1090040 2012-12-21] (Nokia)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Run: [Guiqmex] => C:\Users\privat\AppData\Roaming\Bayd\noyr.exe [253440 2013-01-12] ()
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: E - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: F - F:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {1305b0a3-f675-11e1-a1da-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144100-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {4114411a-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {41144133-92dc-11e1-8581-90004e013ab8} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d7ff-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {7357d81a-4967-11e2-8651-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {750a411f-34c9-11e0-b132-806e6f6e6963} - D:\autorun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {dc37c5b5-6a52-11e2-b7ff-f04da26bc8e0} - E:\AutoRun.exe
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\MountPoints2: {f8f69999-c40f-11e2-a005-f04da26bc8e0} - E:\AutoRun.exe
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll [2013-03-12] (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Winsock: Catalog5 10 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{2258AB48-4D93-4911-96B8-1B32A6796175}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{448221D6-933B-418F-8123-42221C7068BA}: [DhcpNameServer] 139.7.30.126 139.7.30.125
Tcpip\..\Interfaces\{8A4DA0DA-3D99-4A6E-9C53-1FCE9296A33F}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{A85015A4-C874-4C44-846D-25AEC4860175}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{AF10391C-F1D8-4024-BC6B-26BD4465F675}: [NameServer] 10.74.210.210 10.74.210.211
Tcpip\..\Interfaces\{BBE6AA86-1C5F-45F8-8486-9DB31DA9A39B}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.softonic.com/MOY00621/tb_v1?SearchSource=10&cc=&mi=e816127f00000000000090004e013ab7
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/USSMB/8
SearchScopes: HKLM -> DefaultScope {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL = hxxp://www.bing.com/search?q={searchTerms}&form=DLSDF8&pc=MDDS&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> DefaultScope {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {4B9FC999-DF9D-4DA9-B7D2-A17ED9193392} URL =
SearchScopes: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> {B6A9F6CA-8C02-4118-92F4-807A7285F11B} URL = hxxp://search.softonic.com/MOY00621/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=e816127f00000000000090004e013ab7&r=415
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_66\bin\ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2011-05-13] (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_66\bin\jp2ssv.dll [2015-11-30] (Oracle Corporation)
BHO: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files\Softonic\Softonic\1.8.21.14\bh\Softonic.dll [2013-06-11] (Softonic.com)
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2015-01-28] (DVDVideoSoft Ltd.)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02] (SEIKO EPSON CORPORATION / CyCom Technology Corp.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll [2011-04-01] (Microsoft Corporation.)
Toolbar: HKLM - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.21.14\SoftonicTlbr.dll [2013-06-11] (Softonic.com)
Toolbar: HKU\S-1-5-21-583576071-2610798785-2159693280-1003 -> Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Handler: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF Homepage: hxxps://www.google.de/?gws_rd=ssl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_20_0_0_267.dll [2016-01-14] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2015-10-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @java.com/DTPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\dtplugin\npDeployJava1.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.66.2 -> C:\Program Files\Java\jre1.8.0_66\bin\plugin2\npjp2.dll [2015-11-30] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2012-12-21] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-02] (Google Inc.)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\user.js [2016-01-04]
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL [2008-10-24] (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2015-12-18] (Adobe Systems Inc.)
FF Extension: WEB.DE MailCheck - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\wwe6u0x0.default-1431504965002\extensions\mailcheck@web.de [2015-12-16]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2016-01-08] [ist nicht signiert]
FF Extension: UITBAutoInstaller - C:\Program Files\Mozilla Firefox\distribution\bundles\{edd7fc99-d65c-4979-85c2-ddeed30c50c7} [2016-01-08] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{22C7F6C6-8D67-4534-92B5-529A0EC09405}] - c:\Program Files\Trend Micro\Client Server Security Agent\bho\1056\FirefoxExtension => nicht gefunden
FF HKLM\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon
FF Extension: Bytemobile Optimization Client - C:\Program Files\T-Mobile\InternetManager_H\OCx32\addon [2012-12-19] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff => nicht gefunden
FF HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\privat\AppData\Roaming\Mozilla\Firefox\Profiles\kpwvyoo0.default\extensions\cliqz@cliqz.com => nicht gefunden
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2015-11-16]
Chrome:
=======
CHR Profile: C:\Users\privat\AppData\Local\Google\Chrome\User Data\default
CHR Extension: (Softonic Chrome Toolbar) - C:\Users\privat\AppData\Local\Google\Chrome\User Data\default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf [2013-10-23]
CHR HKLM\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files\Softonic\Softonic\1.8.21.14\Softonic.crx [2013-06-11]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files\Dell Wireless\Ath_CoexAgent.exe [151552 2010-05-24] (Atheros) [Datei ist nicht signiert]
R2 AtherosSvc; C:\Program Files\Dell Wireless\Bluetooth Suite\adminservice.exe [56480 2010-09-02] (Atheros Commnucations) [Datei ist nicht signiert]
R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [Datei ist nicht signiert]
R2 EPSON_EB_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40ST7.EXE [143872 2007-12-17] (SEIKO EPSON CORPORATION)
R2 EPSON_PM_RPCV4_01; C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RP7.EXE [113664 2007-01-11] (SEIKO EPSON CORPORATION)
S3 FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2011-02-10] (Macrovision Europe Ltd.) [Datei ist nicht signiert]
R2 HWDeviceService.exe; C:\ProgramData\DatacardService\HWDeviceService.exe [270176 2011-01-28] ()
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [Datei ist nicht signiert]
S2 Internet Manager. RunOuc; C:\Program Files\T-Mobile\InternetManager_H\UpdateDog\ouc.exe [224096 2012-12-19] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2015-04-30] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [284504 2015-04-30] (Microsoft Corporation)
S3 RoxMediaDB12OEM; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxMediaDB12OEM.exe [1116656 2010-09-04] (Sonic Solutions)
S2 RoxWatch12; C:\Program Files\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatch12OEM.exe [219632 2010-09-04] (Sonic Solutions)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AthBTPort; C:\Windows\System32\DRIVERS\btath_flt.sys [37224 2010-07-08] (Atheros)
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [281504 2013-04-29] ()
R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [13184 2012-12-19] (Bytemobile, Inc.) [Datei ist nicht signiert]
S3 BTATH_A2DP; C:\Windows\System32\drivers\btath_a2dp.sys [257896 2010-07-08] (Atheros)
R3 BTATH_BUS; C:\Windows\System32\DRIVERS\btath_bus.sys [26984 2010-07-08] (Atheros)
S3 BTATH_HCRP; C:\Windows\System32\DRIVERS\btath_hcrp.sys [178024 2010-07-08] (Atheros)
S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [47976 2010-09-02] (Atheros)
S3 BTATH_RCP; C:\Windows\System32\DRIVERS\btath_rcp.sys [143336 2010-07-08] (Atheros)
S3 BtFilter; C:\Windows\System32\DRIVERS\btfilter.sys [237416 2010-08-31] (Atheros)
S3 FTDIBUS; C:\Windows\System32\drivers\ftdibus.sys [63464 2013-01-22] (FTDI Ltd.)
S3 huawei_cdcacm; C:\Windows\System32\DRIVERS\ew_jucdcacm.sys [90112 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_ext_ctrl; C:\Windows\System32\DRIVERS\ew_juextctrl.sys [26624 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [181760 2012-12-19] (Huawei Technologies Co., Ltd.)
S3 KMWDFILTERx86; C:\Windows\System32\DRIVERS\KMWDFILTER.sys [25088 2009-04-29] (Windows (R) Codename Longhorn DDK provider)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2013-04-29] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [245096 2015-03-04] (Microsoft Corporation)
R1 MpKsl12950f27; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{445E671A-CBFD-4210-99BE-CFCC493851C1}\MpKsl12950f27.sys [39168 2016-02-10] (Microsoft Corporation)
S3 mvusbcomm; C:\Windows\System32\Drivers\mvusbcomm.sys [17408 2013-08-22] (Marvell Semiconductor, Inc.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [18432 2012-03-26] (Apple Inc.) [Datei ist nicht signiert]
R2 risdpcie; C:\Windows\System32\DRIVERS\risdpe86.sys [49152 2009-06-30] (REDC)
S3 rixdpcie; C:\Windows\system32\DRIVERS\rixdpe86.sys [38400 2009-07-04] (REDC)
R3 vpcbus; C:\Windows\System32\DRIVERS\vpchbus.sys [172416 2010-11-20] (Microsoft Corporation)
R1 vpcnfltr; C:\Windows\System32\DRIVERS\vpcnfltr.sys [48128 2010-11-20] (Microsoft Corporation)
R3 vpcusb; C:\Windows\System32\DRIVERS\vpcusb.sys [78336 2010-11-20] (Microsoft Corporation)
R1 vpcvmm; C:\Windows\System32\drivers\vpcvmm.sys [296064 2010-11-20] (Microsoft Corporation)
S3 adxapie; \??\C:\Users\privat\AppData\Local\Temp\adxapie.sys [X]
S3 PCDSRVC{E9D79540-57D5953E-06020101}_0; \??\c:\program files\dell support center\pcdsrvc.pkms [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 14:47 - 2016-02-10 14:49 - 00025102 _____ C:\Users\privat\Downloads\FRST.txt
2016-02-10 14:47 - 2016-02-10 14:47 - 00000000 ____D C:\FRST
2016-02-10 14:46 - 2016-02-10 14:46 - 01721344 _____ (Farbar) C:\Users\privat\Downloads\FRST.exe
2016-02-10 14:23 - 2016-02-10 14:24 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer (1).exe
2016-02-10 14:23 - 2016-02-10 14:23 - 03286400 _____ (Enigma Software Group USA, LLC.) C:\Users\privat\Downloads\SpyHunter-Installer.exe
2016-02-10 04:12 - 2016-02-10 04:12 - 00000000 ____D C:\ef66c554362ecf4d43f9d71f6f1364ae
2016-02-09 22:03 - 2016-01-16 19:42 - 00022464 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-02-09 22:03 - 2016-01-16 19:36 - 01413632 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-02-09 22:03 - 2016-01-16 19:34 - 00949760 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 01198080 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00591360 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00544768 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-02-09 22:03 - 2016-01-11 15:07 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-02-09 22:00 - 2016-01-22 07:13 - 03993536 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2016-02-09 22:00 - 2016-01-22 07:13 - 03938752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-02-09 22:00 - 2016-01-22 07:09 - 01310232 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00642048 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2016-02-09 22:00 - 2016-01-22 07:04 - 00535040 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00872448 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00293888 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\msorcl32.dll
2016-02-09 22:00 - 2016-01-22 07:02 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\mtxoci.dll
2016-02-09 22:00 - 2016-01-22 06:59 - 00642560 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2016-02-09 22:00 - 2016-01-07 18:47 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-02-09 22:00 - 2016-01-07 18:35 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2016-02-09 22:00 - 2016-01-06 19:41 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2016-02-09 22:00 - 2016-01-06 18:56 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-02-09 22:00 - 2015-12-20 19:45 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2016-02-09 22:00 - 2015-12-20 17:16 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-02-09 21:59 - 2016-01-22 07:13 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-02-09 21:59 - 2016-01-22 07:13 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2016-02-09 21:59 - 2016-01-22 07:06 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00171520 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-02-09 21:59 - 2016-01-22 07:06 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00654336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2016-02-09 21:59 - 2016-01-22 07:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 01060864 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2016-02-09 21:59 - 2016-01-22 07:02 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 06:07 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2016-02-09 21:59 - 2016-01-22 06:01 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2016-02-09 21:59 - 2016-01-22 06:00 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2016-02-09 21:59 - 2016-01-22 05:53 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2016-02-09 21:59 - 2016-01-22 05:53 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2016-02-09 21:59 - 2016-01-22 05:51 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2016-02-09 21:59 - 2016-01-22 05:51 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-02-09 21:59 - 2016-01-22 05:51 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-02-09 21:58 - 2016-02-06 11:01 - 20366848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-02-09 21:58 - 2016-02-06 10:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2016-02-09 21:58 - 2016-02-06 10:43 - 02280448 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-02-09 21:58 - 2016-02-06 10:38 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2016-02-09 21:58 - 2016-02-06 10:16 - 12857856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-02-09 21:58 - 2016-02-06 09:54 - 01312256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-02-09 21:58 - 2016-01-22 21:10 - 00341200 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2016-02-09 21:58 - 2016-01-22 07:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2016-02-09 21:58 - 2016-01-22 07:02 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2016-02-09 21:58 - 2016-01-22 07:01 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2016-02-09 21:58 - 2016-01-22 07:01 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2016-02-09 21:58 - 2016-01-22 06:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2016-02-09 21:58 - 2016-01-22 06:52 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2016-02-09 21:58 - 2016-01-22 06:51 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2016-02-09 21:58 - 2016-01-22 06:51 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2016-02-09 21:58 - 2016-01-22 06:46 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2016-02-09 21:58 - 2016-01-22 06:43 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2016-02-09 21:58 - 2016-01-22 06:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2016-02-09 21:58 - 2016-01-22 06:38 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2016-02-09 21:58 - 2016-01-22 06:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2016-02-09 21:58 - 2016-01-22 06:34 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-02-09 21:58 - 2016-01-22 06:33 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2016-02-09 21:58 - 2016-01-22 06:27 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00687104 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-02-09 21:58 - 2016-01-22 06:25 - 00684032 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2016-02-09 21:58 - 2016-01-22 06:24 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2016-02-09 21:58 - 2016-01-22 06:07 - 02120704 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-02-09 21:58 - 2016-01-22 06:02 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-02-09 21:57 - 2016-01-22 07:02 - 00496640 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-02-09 21:57 - 2016-01-22 07:00 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2016-02-09 21:57 - 2016-01-22 06:51 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 04611072 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-02-09 21:57 - 2016-01-22 06:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-02-09 21:57 - 2016-01-22 06:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 02956288 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-09 21:56 - 2016-01-11 19:47 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-09 21:56 - 2016-01-11 19:35 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2016-02-09 21:56 - 2016-01-11 19:17 - 02062848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00573440 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-09 21:56 - 2016-01-11 19:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-09 21:56 - 2016-01-11 19:14 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2016-01-20 13:19 - 2016-01-20 13:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2016-01-20 13:11 - 2016-01-20 13:19 - 00000000 ____D C:\Program Files\QuickTime
2016-01-13 22:45 - 2016-01-13 22:45 - 00000000 ____D C:\Users\Chris\AppData\Local\Apple
2016-01-13 09:44 - 2015-12-08 22:54 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 01620992 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01568768 _____ (Microsoft Corporation) C:\Windows\system32\WMVENCOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01325056 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 01202688 _____ (Microsoft Corporation) C:\Windows\system32\WMALFXGFXDSP.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00902144 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00815616 _____ (Microsoft Corporation) C:\Windows\system32\WMADMOE.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00740352 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2016-01-13 09:44 - 2015-12-08 22:54 - 00739328 _____ (Microsoft Corporation) C:\Windows\system32\WMSPDMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00665088 _____ (Microsoft Corporation) C:\Windows\system32\WMVXENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\system32\WMVSDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00358400 _____ (Microsoft Corporation) C:\Windows\system32\WMVSENCD.DLL
2016-01-13 09:44 - 2015-12-08 22:54 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\VIDRESZR.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 03209728 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 01329664 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2adec.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00829952 _____ (Microsoft Corporation) C:\Windows\system32\MSMPEG2ENC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\mcmde.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00609280 _____ (Microsoft Corporation) C:\Windows\system32\MFWMAAEC.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\MP4SDECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00354816 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\SysFxUI.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00305664 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MPG4DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00241152 _____ (Microsoft Corporation) C:\Windows\system32\MP43DECD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\RESAMPLEDMO.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\qasf.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\ksproxy.ax
2016-01-13 09:44 - 2015-12-08 22:53 - 00153600 _____ (Microsoft Corporation) C:\Windows\system32\COLORCNV.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00079872 _____ (Microsoft Corporation) C:\Windows\system32\MP3DMOD.DLL
2016-01-13 09:44 - 2015-12-08 22:53 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\devenum.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\mfvdsp.dll
2016-01-13 09:44 - 2015-12-08 22:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00023040 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2016-01-13 09:44 - 2015-12-08 22:53 - 00004608 _____ (Microsoft Corporation) C:\Windows\system32\ksuser.dll
2016-01-13 09:44 - 2015-12-08 22:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2016-01-13 09:44 - 2015-12-08 22:43 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2016-01-13 09:44 - 2015-12-08 22:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmkaud.sys
2016-01-13 09:44 - 2015-11-16 21:12 - 00176128 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapistub.dll
2016-01-13 09:44 - 2015-11-13 23:50 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\mapi32.dll
2016-01-13 09:44 - 2015-11-13 23:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\fixmapi.exe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-02-10 14:50 - 2011-02-17 16:11 - 00000422 _____ C:\Windows\Tasks\SystemToolsDailyTest.job
2016-02-10 14:48 - 2011-06-24 16:32 - 00001098 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-10 14:40 - 2009-07-14 05:34 - 00025216 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-10 14:35 - 2011-02-10 12:53 - 00000035 _____ C:\Users\Public\Documents\AtherosServiceConfig.ini
2016-02-10 10:03 - 2011-02-10 12:07 - 02293438 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-10 10:03 - 2009-07-14 09:47 - 00964984 _____ C:\Windows\system32\perfh007.dat
2016-02-10 10:03 - 2009-07-14 09:47 - 00238790 _____ C:\Windows\system32\perfc007.dat
2016-02-10 10:03 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\inf
2016-02-10 10:01 - 2011-06-24 16:32 - 00001094 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-10 05:09 - 2015-02-26 04:23 - 00000000 ____D C:\Windows\rescache
2016-02-10 04:19 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-10 04:16 - 2015-10-12 11:34 - 00000946 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-02-10 04:16 - 2009-07-14 05:33 - 00663416 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-10 04:13 - 2014-12-12 03:34 - 00000000 ____D C:\Windows\system32\appraiser
2016-02-10 04:13 - 2014-05-07 02:02 - 00000000 ___SD C:\Windows\system32\CompatTel
2016-02-10 04:13 - 2009-07-14 09:57 - 00000000 ____D C:\Program Files\Windows Journal
2016-02-10 03:56 - 2009-07-14 03:04 - 00000478 _____ C:\Windows\win.ini
2016-02-10 03:28 - 2013-08-15 20:25 - 00000000 ____D C:\Windows\system32\MRT
2016-02-10 03:14 - 2011-02-19 11:57 - 144254680 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-02-09 22:42 - 2014-09-02 17:32 - 00000000 ____D C:\Users\privat\AppData\Local\Adobe
2016-02-09 22:42 - 2012-04-22 17:31 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2016-02-09 22:42 - 2011-05-19 18:23 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2016-02-09 19:54 - 2011-03-21 18:09 - 00000240 _____ C:\Windows\Tasks\Epson Printer Software Downloader.job
2016-02-08 20:36 - 2013-01-16 20:35 - 00000000 ____D C:\Users\privat\Documents\Outlook-Dateien
2016-02-07 00:51 - 2011-04-23 18:46 - 00000000 ____D C:\Users\privat\AppData\Local\CrashDumps
2016-02-04 13:05 - 2011-03-26 11:36 - 00000000 ____D C:\Program Files\Opera
2016-02-01 13:29 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2016-01-18 22:19 - 2015-02-19 20:41 - 00229113 _____ C:\Users\privat\Documents\RK-2015-Taudte NEU.xlsx
2016-01-14 19:33 - 2011-02-17 16:11 - 00000564 _____ C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
2016-01-14 08:50 - 2015-11-30 11:23 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-01-14 03:50 - 2016-01-08 09:23 - 00000000 ____D C:\Program Files\Mozilla Firefox
2016-01-14 03:50 - 2012-05-13 20:13 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2016-01-14 03:50 - 2011-02-10 12:34 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-14 03:28 - 2011-02-10 12:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-11-18 10:07 - 2015-11-18 10:07 - 0207386 _____ () C:\Users\privat\AppData\Local\ars.cache
2015-11-18 10:07 - 2015-11-18 10:07 - 0333491 _____ () C:\Users\privat\AppData\Local\census.cache
2011-09-09 20:57 - 2013-05-08 18:45 - 0008704 _____ () C:\Users\privat\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-11-18 09:28 - 2015-11-18 09:28 - 0000036 _____ () C:\Users\privat\AppData\Local\housecall.guid.cache
2012-01-07 13:04 - 2015-12-17 20:46 - 0007602 _____ () C:\Users\privat\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Chris\AppData\Local\Temp\bitmaps.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib.dll
C:\Users\Chris\AppData\Local\Temp\DiscoveryLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib.dll
C:\Users\Chris\AppData\Local\Temp\fwDownloadLib64.dll
C:\Users\Chris\AppData\Local\Temp\fwupdate.exe
C:\Users\Chris\AppData\Local\Temp\InstallLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallLib64.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib.dll
C:\Users\Chris\AppData\Local\Temp\InstallSeqLib64.dll
C:\Users\Chris\AppData\Local\Temp\jre-8u66-windows-au.exe
C:\Users\Chris\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Chris\AppData\Local\Temp\openslp32.dll
C:\Users\Chris\AppData\Local\Temp\openslp64.dll
C:\Users\Chris\AppData\Local\Temp\Setup.exe
C:\Users\Chris\AppData\Local\Temp\Uninstall.exe
C:\Users\Chris\AppData\Local\Temp\winstaller.exe
C:\Users\Chris\AppData\Local\Temp\winstaller64.exe
C:\Users\privat\AppData\Local\Temp\NOSEventMessages.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-02-10 05:01
==================== Ende vom FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version:07-02-2016
durchgeführt von privat (2016-02-10 14:50:36)
Gestartet von C:\Users\privat\Downloads
Microsoft Windows 7 Professional Service Pack 1 (X86) (2011-02-17 15:08:49)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-583576071-2610798785-2159693280-500 - Administrator - Disabled)
Chris (S-1-5-21-583576071-2610798785-2159693280-1000 - Administrator - Enabled) => C:\Users\Chris
Gast (S-1-5-21-583576071-2610798785-2159693280-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-583576071-2610798785-2159693280-1002 - Limited - Enabled)
privat (S-1-5-21-583576071-2610798785-2159693280-1003 - Administrator - Enabled) => C:\Users\privat
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version: - )
ABBYY FineReader 6.0 Sprint (HKLM\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat 9 Standard - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}{AC76BA86-1033-F400-BA7E-000000000004}) (Version: 9.5.5 - Adobe Systems)
Adobe Acrobat 9.5.5 - CPSID_83708 (HKLM\...\{AC76BA86-1033-F400-BA7E-000000000004}_955) (Version: - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.010.20056 - Adobe Systems Incorporated)
Adobe Flash Player 10 ActiveX (HKLM\...\{2BD2FA21-B51D-4F01-94A7-AC16737B2163}) (Version: 10.0.12.36 - Adobe Systems, Inc.)
Adobe Flash Player 20 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
Adobe Flash Player 20 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 20.0.0.306 - Adobe Systems Incorporated)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
ANNO 1503 (HKLM\...\{EBBB1DEF-8878-4CB8-BC0D-1196B30E7527}) (Version: - )
Anno 1701 (HKLM\...\{A2433A63-5F5D-40E5-B529-9123C2B3E734}) (Version: 1.00 - Sunflowers)
Apple Application Support (32-Bit) (HKLM\...\{7FA9ECCF-A2DE-4DA1-BFF3-81260DBDA68F}) (Version: 4.1.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{9A629DCB-415D-4A50-85B9-5C2E4F8F74A8}) (Version: 9.1.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{FFD1F7F1-1AC9-4BC4-A908-0686D635ABAF}) (Version: 2.1.4.131 - Apple Inc.)
Beyond Good & Evil (HKLM\...\{6BF81CE7-3D5A-497F-8912-2A65A0253E1B}) (Version: 1.01.000 - )
Bing Bar (HKLM\...\{449CE12D-E2C7-4B97-B19E-55D163EA9435}) (Version: 7.0.619.0 - Microsoft Corporation)
Bluetooth Win7 Suite (HKLM\...\{101A497C-7EF6-4001-834D-E5FA1C70FEFA}) (Version: 7.2.0.6 - Atheros Communications)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
Broken Sword 2.5 (HKLM\...\Broken Sword 2.5_is1) (Version: - mindFactory)
CCleaner (HKLM\...\CCleaner) (Version: 3.20 - Piriform)
Cliqz (HKLM\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
combit address manager 15 Workstation Einrichtung (HKLM\...\combit address manager 15 Workstation Einrichtung) (Version: 1.0.0 - combit GmbH)
Commandos 2: Men of Courage (HKLM\...\{F7963BA0-EE1C-11D4-9FA5-00A0C9E6A342}) (Version: - )
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.129.0.64 - Conexant)
CyberLink PowerDVD 9.5 (HKLM\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.5.1.3225 - CyberLink Corp.)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Dell Backup and Recovery Manager (HKLM\...\{4688EB75-28E2-4731-9BCB-55E624F7CD45}) (Version: 1.3 - Dell Inc.)
Dell Bluetooth Installation (HKLM\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Dell Edoc Viewer (HKLM\...\{3138EAD3-700B-4A10-B617-B3F8096EE30D}) (Version: 1.0.0 - Dell Inc)
Dell Support Center (HKLM\...\Dell Support Center) (Version: 3.0.5621.01 - Dell Inc.)
Dell Support Center (Version: 3.0.5621.01 - PC-Doctor, Inc.) Hidden
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1007.101.102 - ALPS ELECTRIC CO., LTD.)
Dell Webcam Central (HKLM\...\Dell Webcam Central) (Version: 2.00.35 - Creative Technology Ltd)
Der Pate® Das Spiel (HKLM\...\{1D2CF076-A63F-41A5-00A1-5924FADFAD9D}) (Version: - )
Desperados 1.0 (HKLM\...\Desperados 1.0) (Version: - )
DialUp (HKLM\...\DialUp) (Version: 12.08.101 - Huawei Technologies Co.,Ltd)
Die Gilde (HKLM\...\Die Gilde) (Version: - )
Die Gilde Update 1.05 Beta 3 (HKLM\...\Die Gilde Update 1.05 Beta 3) (Version: - )
DIE SIEDLER - Aufstieg eines Königreichs (HKLM\...\{D3F80A98-05AB-4D8C-9272-766CCFA6A48D}) (Version: 1.00.0000 - Ubisoft)
DIE SIEDLER - Das Erbe der Könige - Gold Edition (HKLM\...\{E08DE897-B6AF-4DFF-9E90-131E80C876B4}) (Version: 1.00.0000 - Blue Byte)
Die Siedler 2 - Die nächste Generation (HKLM\...\{ED56EF4F-35FF-48D4-B616-A66E791EF1B6}) (Version: 1.00.0000 - UBISOFT)
DirectX 9 Runtime (Version: 1.00.0000 - Sonic Solutions) Hidden
Drakensang (HKLM\...\Drakensang_is1) (Version: - dtp)
Dropbox (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\Dropbox) (Version: 1.6.18 - Dropbox, Inc.)
Dungeon Keeper (HKLM\...\Keeper) (Version: - )
Emulator Starter (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32bce9526e87661e) (Version: 1.0.0.141 - Free Game Empire)
Epson Easy Photo Print 2 (HKLM\...\{87C2248A-C7DD-49ED-9BCD-B312A9D0819E}) (Version: 2.1.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
Epson Printer Software Downloader (HKLM\...\Epson Printer Software Downloader) (Version: - )
Epson Printer Software Downloader (Version: 2.0.0 - SEIKO EPSON CORPORATION) Hidden
EPSON Scan (HKLM\...\EPSON Scanner) (Version: - )
Epson Stylus SX510W_TX550W Handbuch (HKLM\...\Epson Stylus SX510W_TX550W Benutzerhandbuch) (Version: - )
EPSON SX510W Series Printer Uninstall (HKLM\...\EPSON SX510W Series) (Version: - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4i - SEIKO EPSON CORPORATION)
EpsonNet Setup (HKLM\...\{FFFAE01B-466F-4C07-9821-A94FD753BDDA}) (Version: 3.1c - SEIKO EPSON CORPORATION)
EXIFeditor (HKLM\...\{50FC1CE8-FF32-4F3B-B654-050DD6ECD474}) (Version: 1.0.0 - kiwi.software.NET)
Fallout 3 (HKLM\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
FlexMail 4.0 (HKLM\...\{A95AD78E-D9C4-4ECE-8D54-CED21CEB2D52}) (Version: 4.00.0000 - Flex Systems B.V.)
fotokasten comfort 5.4 (HKLM\...\fotokasten comfort_is1) (Version: - )
Foto-Mosaik-Edda Standard V6.6.12082.1 (HKLM\...\{A2D6ECD0-7E52-42B7-9236-DB2951436616}_is1) (Version: - Steffen Schirmer)
Fotor 1.3.0 (HKLM\...\Fotor) (Version: 1.3.0 - Everimaging Co., Ltd.)
FP-PostBase (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\32b33acc94e46eaf) (Version: 1.8.0.0 - Francotyp-Postalia)
Free YouTube to MP3 Converter version 3.12.54.128 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.54.128 - DVDVideoSoft Ltd.)
FUJIdirekt Bestellsoftware 5.1 (HKLM\...\FUJIdirekt Bestellsoftware_is1) (Version: - )
Garmin Trip and Waypoint Manager v5 (HKLM\...\{414A373B-59DF-4102-94CA-9FE9A74CBDDA}) (Version: 5.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{ABA5E381-EC46-425C-86C5-5CD15BBFB4BF}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin WebUpdater (HKLM\...\{AE1EC58E-B2AC-4959-A4C2-C38202A25239}) (Version: 2.5.6 - Garmin Ltd or its subsidiaries)
GIMP 2.6.11 (HKLM\...\WinGimp-2.0_is1) (Version: 2.6.11 - The GIMP Team)
GLtron version 0.70 (HKLM\...\GLtron_is1) (Version: - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.29.5 - Google Inc.) Hidden
GPSBabel 1.4.2 (HKLM\...\{1B8FE958-A304-4902-BF7A-4E2F0F5B7017}_is1) (Version: - GPSBabel)
HDAUDIO Soft Data Fax Modem with SmartCP (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.7.50 - Conexant Systems)
Hex-Editor MX (HKLM\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2182 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.4.1002 - Intel Corporation)
Internet Manager (HKLM\...\Internet Manager) (Version: 22.001.18.00.748 - Huawei Technologies Co.,Ltd)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
iTunes (HKLM\...\{2C741651-87E0-4479-9703-6DD0D7988B84}) (Version: 12.3.2.35 - Apple Inc.)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lidl-Fotos (HKLM\...\Lidl-Fotos_is1) (Version: - )
locr GPS Photo (HKLM\...\{E58A0BB1-1FA1-40DC-AFA4-2C86D0A3B879}) (Version: 1.2.4 - locr)
Luminance HDR 2.3.1 (HKLM\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
M Series Driver (HKLM\...\M Series Driver) (Version: - )
mailcredit (HKLM\...\{986D05F1-1487-4865-BBAF-70A969B95A24}) (Version: 1.2.4 - Francotyp-Postalia)
mailreport (HKLM\...\{1C9F6F44-3990-48AE-926B-C5F3B8D23B45}) (Version: 1.6.0 - FP)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
MFCLOC (Version: 1.00.0000 - Dell Inc.) Hidden
Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-0000-0000000FF1CE}) (Version: 14.0.6029.1000 - Microsoft Corporation)
Microsoft Age of Empires II (HKLM\...\Age of Empires 2.0) (Version: - )
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.0 (HKLM\...\{CD232781-26CA-4E18-BC70-4343A2F0D583}) (Version: 8.01.249.0 - Microsoft)
Microsoft Office Access Runtime (English) 2007 (HKLM\...\{90120000-001C-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Access Runtime (German) 2007 (HKLM\...\{90120000-001C-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x86) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Minecraft (HKLM\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mobile Partner (HKLM\...\Mobile Partner) (Version: 16.001.06.01.500 - Huawei Technologies Co.,Ltd)
Mozilla Firefox 43.0.4 (x86 de) (HKLM\...\Mozilla Firefox 43.0.4 (x86 de)) (Version: 43.0.4 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 43.0.4.5848 - Mozilla)
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Navigator Base Components (HKLM\...\{759F0957-BB9E-4C55-88A7-86961F9099A8}) (Version: 1.3.0.0 - FP)
NehrimUninstaller (HKLM\...\Nehrim - Am Rande des Schicksals_is1) (Version: 1.0.0 - SureAI)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.60.0 - Nokia)
Nokia PC Suite (Version: 7.1.60.0 - Nokia) Hidden
Nokia Suite (HKLM\...\Nokia Suite) (Version: 3.7.22.0 - Nokia)
Nokia Suite (Version: 3.7.22.0 - Nokia) Hidden
Nur Entfernen der CopyTrans Suite möglich (HKU\S-1-5-21-583576071-2610798785-2159693280-1003\...\CopyTrans Suite) (Version: 2.37 - WindSolutions)
NVIDIA PhysX (HKLM\...\{B83FC356-B7C0-441F-8A4D-D71E088E7974}) (Version: 9.09.0428 - NVIDIA Corporation)
Nvu 1.0 (HKLM\...\Nvu_is1) (Version: 1.0 - Thorsten Fritz)
Oblivion (HKLM\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
OpenAL (HKLM\...\OpenAL) (Version: - )
OpenTTD 1.1.1 (HKLM\...\OpenTTD) (Version: 1.1.1 - OpenTTD)
Opera 12.17 (HKLM\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 35.0.2066.37 (HKLM\...\Opera 35.0.2066.37) (Version: 35.0.2066.37 - Opera Software)
Origin (HKLM\...\Origin) (Version: 9.2.1.4399 - Electronic Arts, Inc.)
OSM World Routable (HKLM\...\OSM World Routable) (Version: - )
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1BF}) (Version: 3.60.0 - dotPDN LLC)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Perfect Effects 4.0.1 (HKLM\...\{385E6A4D-A440-43E2-9BAF-A012FB5FC2E2}) (Version: 4.0.1 - onOne Software)
PhotoShowExpress (Version: 2.0.028 - Sonic Solutions) Hidden
Picture Collage Maker Free 2.1.2 (HKLM\...\{DEB7295A-D00E-4D45-846C-2947E8C3F080}_is1) (Version: - PearlMountain Soft)
PL-2303 Vista Driver Installer (HKLM\...\{EEC010D0-1252-4E1D-BAD9-F1B8F414535C}) (Version: 3.0.1.0 - Prolific)
QuickTime 7 (HKLM\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Risen (HKLM\...\{155F4A0E-76ED-45A2-91FB-FF2A2133C31A}) (Version: 1.00.0000 - Deep Silver)
Roxio Burn (HKLM\...\{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}) (Version: 1.8.57.4 - Roxio)
Roxio Creator Starter (HKLM\...\{6F0BBEFE-BE1C-419B-BA1F-D36C9E7915BC}) (Version: 12.1.40.0 - Roxio)
ScummVM 1.5.0 (HKLM\...\ScummVM_is1) (Version: - The ScummVM Team)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shape Collage (HKLM\...\ShapeCollage) (Version: - Shape Collage Inc.)
Sid Meier's Civilization IV Colonization (HKLM\...\{EF36A836-BF89-4A4F-B079-057B0C68C1E0}) (Version: 1.00 - Firaxis Games)
Sid Meier's Pirates! (HKLM\...\InstallShield_{1632FD86-1BA4-4FC4-8B25-A8C655D63F68}) (Version: 1.00.0000 - Ihr Firmenname)
Sid Meier's Pirates! (Version: 1.00.0000 - Ihr Firmenname) Hidden
SimCity 3000 (HKLM\...\SimCity 3000) (Version: - )
Snapseed (HKLM\...\{D5BEB842-5696-4AE8-A222-03D06384856D}) (Version: 1.2.1 - Nik Software, Inc.)
Softonic toolbar on IE and Chrome (HKLM\...\Softonic) (Version: 1.8.21.14 - Softonic) <==== ACHTUNG
Sonic CinePlayer Decoder Pack (Version: 4.3.0 - Sonic Solutions) Hidden
System Requirements Lab (HKLM\...\SystemRequirementsLab) (Version: - )
TB-Logger (HKLM\...\{0A6E0A7D-0F43-4D71-849C-C3DBB03FDF72}) (Version: 1.00.0000 - Seelenreiter Software)
Total Commander (Remove or Repair) (HKLM\...\Totalcmd) (Version: 8.01 - Ghisler Software GmbH)
Transport Tycoon Deluxe (HKLM\...\ft_Transport Tycoon Deluxe) (Version: - )
Tropico 3: Absolute Power (HKLM\...\Tropico3) (Version: 2.01 - Kalypso Media)
VLC media player 1.1.11 (HKLM\...\VLC media player) (Version: 1.1.11 - VideoLAN)
WEB.DE MailCheck für Mozilla Firefox (HKLM\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 3.0.1.1739 - 1&1 Mail & Media GmbH)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
Windows-Treiberpaket - Nokia Modem (06/09/2010 7.01.0.8) (HKLM\...\E5372C32E8562C76C24DBA6525002B1031495F34) (Version: 06/09/2010 7.01.0.8 - Nokia)
Windows-Treiberpaket - Nokia Modem (10/07/2010 4.6) (HKLM\...\6DA48AFDE796708D5A4C9121A83E7617A63A9A15) (Version: 10/07/2010 4.6 - Nokia)
Windows-Treiberpaket - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-583576071-2610798785-2159693280-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\privat\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll (Dropbox, Inc.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {06FA2F6D-6D2F-4739-AFDF-011FCFD6B4ED} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-06-22] (Piriform Ltd)
Task: {0833FD78-E630-457E-9947-33225F0994AD} - System32\Tasks\{9B46B8A8-F2CE-4EFA-A9EA-21D54C46250D} => pcalua.exe -a C:\Users\privat\Downloads\freecol-0.10.7-installer.exe -d C:\Users\privat\Downloads
Task: {106C5547-C970-48C4-98D3-9A69E1E8217D} - System32\Tasks\SystemToolsDailyTest => C:\Program Files\Dell Support Center\pcdrcui.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {305297D7-3F18-4448-958C-463AA931B8BC} - System32\Tasks\{432716FB-6E5B-48C0-B400-ADA1E77754EA} => pcalua.exe -a "E:\Drivers\Huawei Win Driver 3.17.00.00\DriverSetup.exe" -d "E:\Drivers\Huawei Win Driver 3.17.00.00"
Task: {31ED0145-0072-4BE0-B2F8-3E0773E4E233} - System32\Tasks\Epson Printer Software Downloader => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE [2009-05-26] (SEIKO EPSON CORPORATION)
Task: {3683B6EC-41DE-4347-B438-1DFB3360EC75} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\Dell Support Center\uaclauncher.exe [2010-08-05] (PC-Doctor, Inc.)
Task: {47906A49-AACC-4DDE-BE34-84FA8036A59E} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-11-09] (Oracle Corporation)
Task: {53DDFE59-4F7F-452F-81BB-85BFAFC07A80} - System32\Tasks\{AC89E59D-1720-4EF5-A2AA-AEA3059E64D8} => C:\Program Files\Railroad Tycoon 3\RT3.EXE
Task: {5792CAA8-BDDF-478E-A175-683AF94919D3} - System32\Tasks\{6795A8F1-12C3-4B30-95E2-E56FF108CAB8} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\dotnetfx35.exe -d C:\Users\Chris\Downloads\Francotyp
Task: {5C172A1C-E728-4FB2-AFA0-EAEAB9078C64} - System32\Tasks\{32694C1D-C6FD-445E-862F-98800CCC474E} => pcalua.exe -a D:\Desperados.exe -d D:\ -c -autorun
Task: {6427F481-55CF-4BFC-8EF2-51E3132043CE} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-01-07] (Microsoft Corporation)
Task: {72C7C7E6-2016-4A49-9947-A96D3708455B} - System32\Tasks\{FACA8AB1-8477-4456-85AE-07DBE1AA83B6} => C:\Spiele\Black Isle\BGII - SvA\baldur.exe
Task: {906BEC28-8275-42EE-BD7B-6725E865EE5B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2015-08-26] (Apple Inc.)
Task: {97D56506-9867-477D-B10A-80C5E2A42F1C} - System32\Tasks\{9FA1911B-70FF-4B59-AD46-7A38C41BA63A} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\dotnetfx.exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {A9122413-B787-4F21-B0D1-8ACA54041341} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe [2016-02-09] (Adobe Systems Incorporated)
Task: {B680FFBC-F40E-4A0A-9E59-73C67D95A013} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {B9468491-1DD7-41F7-AB2D-C0BC34B4EE7C} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {C0E586BE-4F89-4744-AD68-FC203C7D70EE} - System32\Tasks\{BB66391B-993D-4607-AA35-975E7C3830D7} => pcalua.exe -a C:\Users\privat\Downloads\TagesSetup.exe -d "C:\Program Files\Mozilla Firefox"
Task: {CECF4D3E-CB7B-4DA8-9D83-6DC2E7336D83} - System32\Tasks\{624BB5A4-6322-4841-9017-29740BA7C313} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {D1CD5220-A3B6-4926-B75A-BDA6A4914B96} - System32\Tasks\PCDEventLauncher => C:\Program Files\Dell Support Center\sessionchecker.exe [2010-08-05] ()
Task: {D8C246C0-6B69-46E0-8F2C-9AA3E87BF665} - System32\Tasks\{1EAB8755-15D3-451C-8C4A-BD15D1B399AB} => pcalua.exe -a C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3\Setup.Exe -d C:\Users\Chris\Downloads\Francotyp\SSM-PC²\SSM-PC²_2.9.3
Task: {D9E449DA-6E3C-455C-A00B-8FC79791DBED} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {E3B1F8CF-6126-46AD-AC3B-C8775117E667} - System32\Tasks\Opera scheduled Autoupdate 1418247860 => C:\Program Files\Opera\launcher.exe [2016-02-01] (Opera Software)
Task: {E8702BC3-28A3-4036-BC22-5E08F68D94AE} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {EC0040A7-BE93-43A4-B831-933AAD10B65B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
Task: {F6CEE181-C99B-48E7-B472-26CC0E000C8A} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-12-14] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_20_0_0_306_pepper.exe
Task: C:\Windows\Tasks\Epson Printer Software Downloader.job => C:\Program Files\EPSON\EPAPDL\E_SAPDL2.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job => C:\Program Files\Dell Support Center\uaclauncher.exeo-backgroundmon scripts\defaultscan.xml
Task: C:\Windows\Tasks\SystemToolsDailyTest.job => C:\Program Files\Dell Support Center\pcdrcui.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-01-14 09:52 - 2013-12-06 08:00 - 00032768 _____ () C:\Windows\System32\splmk14O.DLL
2013-08-22 12:26 - 2013-08-22 12:26 - 00108544 _____ () C:\Windows\System32\zlm_AstroMSeries.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-10-13 04:46 - 2015-10-13 04:46 - 01040144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-01-28 05:03 - 2011-01-28 05:03 - 00270176 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2012-12-19 00:00 - 2012-12-19 10:41 - 00224096 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\ouc.exe
2012-12-19 00:00 - 2012-05-02 16:51 - 00011362 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\mingwm10.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 00043008 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\libgcc_s_dw2-1.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 02415104 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtCore4.dll
2012-12-19 00:00 - 2012-05-02 16:51 - 01148416 _____ () C:\ProgramData\Internet Manager\OnlineUpdate\QtNetwork4.dll
2011-02-10 12:05 - 2010-06-08 17:44 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-05-19 08:58 - 2009-02-27 23:39 - 00019968 _____ () C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.deu
2011-03-21 18:06 - 2009-03-12 15:45 - 00135168 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2011-03-21 18:06 - 2008-11-21 13:58 - 00057344 ____N () C:\Program Files\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2016-02-04 13:05 - 2016-02-04 13:04 - 62319736 _____ () C:\Program Files\Opera\35.0.2066.37\opera.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 02074232 _____ () C:\Program Files\Opera\35.0.2066.37\libglesv2.dll
2016-02-04 13:05 - 2016-02-04 13:03 - 00081528 _____ () C:\Program Files\Opera\35.0.2066.37\libegl.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-583576071-2610798785-2159693280-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\privat\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C38CCF7-702E-4CB8-9F0F-063583B21CE5}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD Cinema\PowerDVDCinema.exe
FirewallRules: [{44B096DD-0713-4CA9-823C-1847ECA6FFFA}] => (Allow) C:\Program Files\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{B0606A41-F54E-475D-B9AC-A31B6D52A66B}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{C60B7DEF-0C69-4797-A9C4-1CB93170BC55}] => (Allow) LPort=2869
FirewallRules: [{C1B020ED-762D-4FC4-91F6-2CDF212E0987}] => (Allow) LPort=1900
FirewallRules: [{290BE0B2-C46D-4E32-8EE5-7A2F13570D77}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{1AC0F625-12FF-49A8-80D8-B1C9BF4F3ADE}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe
FirewallRules: [{3D45F63A-3FDA-49DC-B21C-7369AFE16C74}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [TCP Query User{4E054D63-38F8-43E6-8964-5734EBFD0965}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [UDP Query User{14DC5B4C-3581-4462-A607-AB2E42FEB050}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe
FirewallRules: [{72E9878D-0E75-4D16-8F68-247D43DFBCB2}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [{A05BC5AC-A497-4A9D-BB84-F6D2DA5B58EB}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool09\ENEasyApp.exe
FirewallRules: [TCP Query User{72864067-6E8E-4F1E-992D-EE2B459C9350}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CC565558-9E3F-44B3-B6A6-5B3FA2E2C6F8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{B0BE42B7-89B0-4A03-9304-4350DFCBBE75}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [{65A064CA-FA6B-4C45-9EEA-B9477BFBF08F}] => (Allow) C:\Program Files\Opera\opera.exe
FirewallRules: [TCP Query User{2209214F-FB63-4126-AA51-63EDED0B7EC1}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{099C7999-1BCE-41F0-A4BD-E05C357D11BD}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{502B46D3-DE80-4545-AE55-CCEDEEC70760}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{CB9D4E65-5D32-4C63-A5E6-DDD749FEA1C8}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [TCP Query User{1EE0DBA3-1F76-4866-B1B4-3B8F13190D87}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{B992EE84-3205-45A6-8B03-2588478CEC4C}C:\program files\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files\google\google earth\plugin\geplugin.exe
FirewallRules: [{CC47A10B-8AFF-4277-86C6-942636607F2B}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{2D1653DE-5270-4CF1-B49B-399F4632D9C0}] => (Allow) C:\Program Files\Ubisoft\DIE SIEDLER - Aufstieg eines Königreichs\base\bin\Settlers6.exe
FirewallRules: [{D3EE7C81-2420-4E04-BA73-5DF577FF4C64}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{B13429D1-CB1F-4DA1-83F8-1914AB8A0E15}] => (Allow) C:\Users\privat\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [TCP Query User{E3EF4AD6-237A-496D-8C7E-77224B490224}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [UDP Query User{DD4B8ADE-9311-4B6A-A3D5-0E8DD1EECE16}C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\privat\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{0AF52037-981E-4BE4-B347-2FBEAB0B29DD}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [UDP Query User{78E1F88C-F4F3-4BF4-A348-EBF3E3B15AEA}C:\program files\opera\opera.exe] => (Block) C:\program files\opera\opera.exe
FirewallRules: [TCP Query User{FCBE8810-6AF2-4F0A-84DB-55AA6DAC1443}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{EB009E32-192A-4DF1-882F-C4233FDDEC3D}C:\program files\microsoft games\age of empires ii\empires2.exe] => (Block) C:\program files\microsoft games\age of empires ii\empires2.exe
FirewallRules: [{17463ADF-BA96-4C5E-899C-1601D47E2727}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{037F7F0B-A9E4-42F8-A3A1-6CC3EBB19222}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{DBECFA57-8DF9-41B2-8498-16D7F62CC1D5}] => (Allow) C:\Program Files\nokia\nokia suite\nokiasuite.exe
FirewallRules: [TCP Query User{5D96BB2B-D88B-4CCE-8C9B-E1C75DAB932B}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{8A0B0BE5-6DF6-4CAF-81CC-9795EC3C02AD}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{5B78E45C-8A86-4715-9F6C-EC9CB92FE479}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [UDP Query User{FE52BCC7-B2A3-46B6-BDBE-FDEC371F87E5}C:\windows\system32\taskhost.exe] => (Allow) C:\windows\system32\taskhost.exe
FirewallRules: [TCP Query User{20F703AE-2A27-49A6-8C81-AAB5FF0276BE}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{7BBDCE2C-3C36-45DE-9C70-EF5442EE0811}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [TCP Query User{7041B9BF-BF63-4E58-AEBE-13EB105972A4}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{AC0B7146-3890-43F8-984D-7ECA353BAC65}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{BE488148-EB2A-4243-95DC-842E5397AA7E}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [UDP Query User{2695B1F1-7F82-4650-B210-17851DC6B263}C:\windows\explorer.exe] => (Allow) C:\windows\explorer.exe
FirewallRules: [{80BE2064-51E8-4C05-840C-B904A274945D}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [{29B9E2B6-05B0-4C06-B70D-DCB3F226E8BB}] => (Allow) C:\Program Files\2K Games\Firaxis Games\Sid Meier's Civilization IV Colonization\Colonization.exe
FirewallRules: [TCP Query User{F410B639-5D80-4B30-99B7-A89888DB4C0C}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{D4F17FD8-601A-49EA-8437-35D3775DAC62}C:\program files\electronic arts\eadm\core.exe] => (Allow) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{4A5DC1A0-88F5-4A5D-B2C5-8ADEA5C22CE0}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{C8CC75B5-ED27-4B58-A4B8-198263C44A8F}C:\program files\electronic arts\eadm\core.exe] => (Block) C:\program files\electronic arts\eadm\core.exe
FirewallRules: [TCP Query User{F59809A6-A9E2-44A9-834A-4558E763D0B9}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [UDP Query User{1F91DFAB-B552-4DE3-9951-DAB1F7111844}C:\program files\onone software\perfect effects 4\perfect effects 4.exe] => (Allow) C:\program files\onone software\perfect effects 4\perfect effects 4.exe
FirewallRules: [TCP Query User{7742D69F-F040-48FF-91CD-3DEDB71BF335}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [UDP Query User{5E91F9CF-ACC6-4D96-868C-DA6612C5DC67}C:\program files\memjet\m series driver\toolbox\usb2http.exe] => (Allow) C:\program files\memjet\m series driver\toolbox\usb2http.exe
FirewallRules: [TCP Query User{FCB67176-167B-46EC-912D-BF0558389E75}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [UDP Query User{F935B6B0-23A4-4708-9EBC-03C46BEE021C}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe] => (Allow) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\bin\settlershok.exe
FirewallRules: [TCP Query User{D650801F-1A42-4E33-AF26-0FE2CBE3EC4D}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [UDP Query User{975EA1D6-8B3F-4162-B1CC-9C027911B38E}C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe] => (Block) C:\program files\ubisoft\blue byte\die siedler - das erbe der könige - gold edition\extra1\bin\settlershok.exe
FirewallRules: [{ED91245C-E5D4-450B-B728-F92B83C2AD03}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{E5B7E9F0-1676-4A3A-A109-E3F7B01C7BB6}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{A901D81D-AC94-4362-B2BE-D22F967E52A1}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{AA7E2350-244C-45B6-959E-DF330D5A3A49}] => (Allow) C:\Program Files\fotokasten comfort\Loader.exe
FirewallRules: [{FE68019C-9EF3-4589-B6FC-295543D050DD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{91330218-F13B-49E8-98D8-7C1BE66CFC36}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3B3674F8-FD09-4E15-B14A-D826AA47888A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{600CF4EB-D0D9-4ECA-BC82-82159D0079DB}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{15B905FC-11C5-4596-81DE-600FE7C157DE}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{BB3AC775-3CC8-452D-BEE0-A94691721D25}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2CA81FCE-C86F-4C3F-BFBD-0F93D5589729}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Wiederherstellungspunkte =========================
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Dell Wireless 1702 Bluetooth v3.0+HS
Description: Dell Wireless 1702 Bluetooth v3.0+HS
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 512447
Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 512447
Error: (02/10/2016 02:35:34 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8205
Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8205
Error: (02/10/2016 02:27:10 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7067
Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7067
Error: (02/10/2016 02:27:09 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (02/10/2016 02:27:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 6068
Systemfehler:
=============
Error: (02/10/2016 10:14:13 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: "C:\Program Files\Adobe\Acrobat Reader DC\AcroRd32Info.exe" /PDFShell -Embedding2{98D9A6F1-4696-4B5E-A2E8-36B3F9C1E12C}
Error: (02/10/2016 05:17:59 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/10/2016 04:20:01 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Internet Manager. OUC" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (02/10/2016 04:16:52 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Internet Manager. OUC erreicht.
Error: (02/10/2016 04:12:34 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0902 fehlgeschlagen: Update für Windows 7 (KB3123862)
Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.213.5692.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.8.0204.00
Quellpfad: 4.8.0204.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (02/10/2016 04:12:32 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.
Neue Signaturversion:
Vorherige Signaturversion: 1.213.5692.0
Aktualisierungsquelle: %NT-AUTORITÄT59
Aktualisierungsphase: 4.8.0204.00
Quellpfad: 4.8.0204.01
Signaturtyp: %NT-AUTORITÄT602
Aktualisierungstyp: %NT-AUTORITÄT604
Benutzer: NT-AUTORITÄT\SYSTEM
Aktuelle Modulversion: %NT-AUTORITÄT605
Vorherige Modulversion: %NT-AUTORITÄT606
Fehlercode: %NT-AUTORITÄT607
Fehlerbeschreibung: %NT-AUTORITÄT608
Error: (02/10/2016 03:36:13 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T6670 @ 2.20GHz
Prozentuale Nutzung des RAM: 64%
Installierter physikalischer RAM: 3036.36 MB
Verfügbarer physikalischer RAM: 1085.12 MB
Summe virtueller Speicher: 6071.04 MB
Verfügbarer virtueller Speicher: 3784.52 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:283.4 GB) (Free:2.65 GB) NTFS
Drive d: (Disc 2) (CDROM) (Total:0.34 GB) (Free:0 GB) CDFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298.1 GB) (Disk ID: 11121702)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=14.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=283.4 GB) - (Type=07 NTFS)
==================== Ende vom Addition.txt ============================
Ich hoffe, ihr könnt mir weiterhelfen. Vielen Dank im Voraus...Chris |
| Themen zu Sicherheitswarnung von der Telekom, Citadell-Virus festgestellt |
| bonjour, converter, cpu, defender, desktop, dnsapi.dll, entfernen, flash player, homepage, iexplore.exe, installation, mozilla, netzwerk, object, programm, prozesse, registry, scan, security, services.exe, software, svchost.exe, system, vista, windows, wlan |
Baum-Darstellung