Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Meldung Scriptfehler - Avira

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Thema geschlossen
Alt 30.06.2016, 21:40   #1
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Guten Abend,

ich habe den betreffenden Screenshot im Anhang angefügt.

Die Fehlermeldung taucht seit heute früh, nach dem Hochfahren des PC's auf und immer mal zwischendurch.

Muss ich mir Sorgen machen?

Lieber Gruß,


Ralf
Angehängte Grafiken
Dateityp: jpg Fehlermeldung-Avira.jpg (101,2 KB, 104x aufgerufen)

Alt 30.06.2016, 22:52   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________

__________________

Alt 03.07.2016, 01:12   #3
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Administrator (Administrator) auf RALF (03-07-2016 02:03:23)
Gestartet von C:\Users\Administrator\Desktop
Geladene Profile: Administrator (Verfügbare Profile: CINC & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Guillemot Corporation) C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [814608 2016-05-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-07-09] (Raptr, Inc)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-06-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{79C82D9F-97D8-4278-8B3B-FB15AF2E49FB}: [DhcpNameServer] 192.54.120.29
Tcpip\..\Interfaces\{AB75B0CE-8F60-48FF-969C-AD4204EAC938}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3394880751-743081515-1311326184-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gfe_rd=cr&ei=ixJQVviUGMqF8QfEzKyYBg&gws_rd=ssl
HKU\S-1-5-21-3394880751-743081515-1311326184-500\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3394880751-743081515-1311326184-500 -> {42E21E09-8ECD-4254-B521-E0938C2A1397} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-13] (IObit)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-05] (Qualcomm Atheros Commnucations)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-04-12] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-04-12] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Extension: Flash and Video Download - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-06-28]
FF Extension: Video DownloadHelper - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-26]
FF Extension: Adblock Edge - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-05-02]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S4 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [970656 2016-05-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [467016 2016-05-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [467016 2016-05-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1435704 2016-05-13] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [302680 2016-06-01] (Avira Operations GmbH & Co. KG)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [802688 2015-01-27] ()
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-13] (IObit)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 Radio.fx; c:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [Datei ist nicht signiert]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 TmWinService; C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [304640 2011-03-04] (Guillemot Corporation) [Datei ist nicht signiert]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128664 2016-03-17] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [146712 2016-05-13] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [35488 2015-12-02] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [78208 2016-05-13] (Avira Operations GmbH & Co. KG)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 s0016bus; C:\Windows\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\system32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\system32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\system32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\system32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\system32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 TmBusEn; C:\Windows\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation)
S3 TmFilter; C:\Windows\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation)
S3 TmHid; C:\Windows\system32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 02:03 - 2016-07-03 02:04 - 00018404 _____ C:\Users\Administrator\Desktop\FRST.txt
2016-07-03 02:01 - 2016-07-03 02:01 - 02390016 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2016-06-29 21:53 - 2016-06-29 21:53 - 00001114 _____ C:\Users\Public\Desktop\Avira Launcher.lnk
2016-06-15 08:28 - 2016-05-06 17:45 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 08:28 - 2016-05-06 17:23 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 08:27 - 2016-05-12 20:38 - 00135336 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 08:27 - 2016-05-12 19:43 - 00115704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2016-06-15 08:27 - 2016-05-12 18:17 - 00331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 08:27 - 2016-05-12 18:08 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 08:27 - 2016-05-12 18:07 - 01360896 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 08:27 - 2016-05-12 17:59 - 00398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 08:27 - 2016-05-12 17:43 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 08:27 - 2016-05-12 17:37 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 08:25 - 2016-06-03 19:11 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-06-15 08:25 - 2016-06-03 15:38 - 01413120 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 08:25 - 2016-06-02 19:51 - 00050352 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 08:25 - 2016-05-29 17:04 - 01204224 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 08:25 - 2016-05-29 17:04 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-15 08:25 - 2016-05-29 17:04 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 08:25 - 2016-05-29 17:04 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 08:25 - 2016-05-29 17:04 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-06-15 08:25 - 2016-05-29 17:04 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 08:23 - 2016-04-12 17:46 - 14467584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 08:23 - 2016-04-12 17:30 - 12879872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 08:21 - 2016-05-21 19:28 - 25802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 08:21 - 2016-05-21 18:57 - 20341248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 08:21 - 2016-05-18 07:31 - 00372568 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 08:21 - 2016-05-18 07:31 - 00315224 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 08:21 - 2016-05-16 23:13 - 00563016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 08:21 - 2016-05-16 23:13 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 08:21 - 2016-05-16 23:13 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 08:21 - 2016-05-16 23:13 - 00178008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 08:21 - 2016-05-14 01:09 - 04169216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-15 08:21 - 2016-05-14 01:07 - 00675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 08:21 - 2016-05-14 01:07 - 00416768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 08:21 - 2016-05-14 01:06 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 08:21 - 2016-05-14 01:04 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 08:21 - 2016-05-14 00:34 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-06-15 08:21 - 2016-05-14 00:19 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 08:21 - 2016-05-13 23:58 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-06-15 08:21 - 2016-05-09 23:35 - 07075328 _____ (Microsoft Corporation) C:\WINDOWS\system32\glcndFilter.dll
2016-06-15 08:21 - 2016-05-09 22:56 - 05270016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\glcndFilter.dll
2016-06-15 08:21 - 2016-05-09 22:45 - 07793152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 08:21 - 2016-05-09 22:23 - 05265920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 08:21 - 2016-04-14 17:25 - 02778624 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-15 08:21 - 2016-04-14 17:11 - 02464768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-15 08:21 - 2016-01-31 21:17 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2016-06-15 08:21 - 2016-01-31 20:07 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2016-06-15 08:21 - 2016-01-31 19:42 - 03320832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-15 08:21 - 2016-01-31 19:14 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-15 08:20 - 2016-05-21 00:09 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 08:20 - 2016-05-21 00:08 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 08:20 - 2016-05-21 00:02 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 08:20 - 2016-05-20 23:57 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 08:20 - 2016-05-20 23:55 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-06-15 08:20 - 2016-05-20 23:54 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-15 08:20 - 2016-05-20 23:50 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 08:20 - 2016-05-20 23:44 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-15 08:20 - 2016-05-20 23:29 - 13815808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 08:20 - 2016-05-20 23:27 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-06-15 08:20 - 2016-05-20 23:25 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-06-15 08:20 - 2016-05-20 23:25 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-06-15 08:20 - 2016-05-20 23:21 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-06-15 08:20 - 2016-05-20 23:21 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-06-15 08:20 - 2016-05-20 23:19 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-06-15 08:20 - 2016-05-20 23:16 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-06-15 08:20 - 2016-05-20 23:14 - 04610048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 08:20 - 2016-05-20 23:12 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-06-15 08:20 - 2016-05-20 23:11 - 15420928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 08:20 - 2016-05-20 23:11 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-06-15 08:20 - 2016-05-20 23:09 - 00693248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 08:20 - 2016-05-20 23:09 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-15 08:20 - 2016-05-20 23:08 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-15 08:20 - 2016-05-20 23:08 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 08:20 - 2016-05-20 23:06 - 02131968 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-15 08:20 - 2016-05-20 22:46 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 08:20 - 2016-05-20 22:42 - 02121216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 08:20 - 2016-05-20 22:38 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 08:20 - 2016-05-20 22:38 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-06-15 08:20 - 2016-05-20 22:34 - 01544192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 08:20 - 2016-05-20 22:23 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-06-15 08:19 - 2016-05-14 22:01 - 00363104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 08:19 - 2016-05-14 22:01 - 00320720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 08:19 - 2016-05-14 01:07 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 08:19 - 2016-05-13 23:58 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 08:19 - 2016-05-13 23:45 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 08:19 - 2016-05-13 23:35 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 08:19 - 2016-05-13 23:26 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 08:18 - 2016-05-19 01:15 - 01379040 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 08:18 - 2016-05-18 22:35 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-09 22:49 - 2016-06-09 23:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 02:03 - 2015-03-20 23:05 - 00000000 ____D C:\FRST
2016-07-02 19:47 - 2014-09-17 21:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2016-07-02 07:49 - 2014-12-22 07:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Frontier_Developments
2016-07-02 07:45 - 2012-07-26 07:26 - 00000172 _____ C:\WINDOWS\win.ini
2016-07-01 11:36 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 06:11 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-06-30 17:37 - 2015-01-12 08:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-30 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-30 08:30 - 2015-01-18 20:38 - 00000000 ____D C:\01 ZS
2016-06-29 22:04 - 2013-12-09 16:40 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3394880751-743081515-1311326184-500
2016-06-29 21:53 - 2015-02-10 07:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-06-29 21:53 - 2015-02-08 11:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-27 21:48 - 2013-12-27 08:59 - 00000000 ____D C:\Users\Administrator\dwhelper
2016-06-27 08:42 - 2015-02-08 11:50 - 00000000 ____D C:\Users\Administrator
2016-06-26 18:30 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-06-25 23:48 - 2016-04-04 06:43 - 00000000 ____D C:\01 Handy (ab 04-04-2016)
2016-06-25 23:39 - 2014-11-21 05:35 - 01804156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-25 23:39 - 2014-11-21 04:45 - 00775588 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-25 23:39 - 2014-11-21 04:45 - 00163774 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-25 22:33 - 2014-01-13 21:15 - 00000000 ____D C:\ProgramData\ProductData
2016-06-25 22:31 - 2015-07-04 10:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 22:31 - 2015-07-04 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 07:41 - 2015-07-04 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-19 18:59 - 2014-04-24 22:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2016-06-18 06:45 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-17 14:05 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-06-17 09:23 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 08:03 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 07:48 - 2015-01-11 06:08 - 00001114 _____ C:\Users\Public\Desktop\Elite Dangerous Launcher.lnk
2016-06-16 21:44 - 2013-08-22 16:44 - 00382680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-06-16 21:43 - 2013-07-07 19:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-16 21:36 - 2015-04-20 05:11 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-16 21:36 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-06-15 08:47 - 2013-08-21 23:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 08:38 - 2013-06-06 06:21 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 19:13 - 2014-11-21 13:01 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 19:13 - 2014-11-21 13:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-04 09:59 - 2015-12-19 08:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-10 20:18 - 2016-01-25 07:51 - 0018432 _____ () C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Administrator\AppData\Local\Temp\raptrpatch.exe
C:\Users\Administrator\AppData\Local\Temp\raptr_stub.exe
C:\Users\Administrator\AppData\Local\Temp\tmpE0E4.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-01 13:05

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Administrator (2016-07-03 02:04:49)
Gestartet von C:\Users\Administrator\Desktop
Windows 8.1 (Update) (X64) (2015-02-08 18:48:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3394880751-743081515-1311326184-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-3394880751-743081515-1311326184-1004 - Limited - Enabled)
CINC (S-1-5-21-3394880751-743081515-1311326184-1001 - Administrator - Enabled) => C:\Users\CINC
Gast (S-1-5-21-3394880751-743081515-1311326184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3394880751-743081515-1311326184-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.17.273 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3d9e0476-943f-4962-99dc-b9c937a43840}) (Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.65.9690 - Avira Operations GmbH & Co. KG) Hidden
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Classic Shell (HKLM\...\{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}) (Version: 3.6.7 - IvoSoft)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
D-Fend Reloaded 1.4.1 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.1 - Alexander Herzog)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVA Reborn Version 2.06 (HKLM-x32\...\{87817FFC-5181-48DB-90D4-C1687AEB7429}_is1) (Version: 2.06 - Mc Cloud 2K9)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Jagged Alliance - Back in Action (HKLM-x32\...\Steam App 57740) (Version:  - Coreplay GmbH)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{BFB6D89E-0BDF-11E2-A35E-F04DA23A5C58}) (Version: 12.0.530 - Sony)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PeaceMaker 1.1.1 (HKLM-x32\...\PeaceMaker 1.1.1) (Version:  - ImpactGames, LLC)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Satellite Reign (HKLM-x32\...\Steam App 268870) (Version:  - 5 Lives Studios)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Silent Hunter III (HKLM-x32\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.00.0000 - Ubisoft)
Silent Hunter III (x32 Version: 1.00.0000 - Ubisoft) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SpaceEngine Version 0.9.7.1 (HKLM-x32\...\{53E413B3-2417-4BD1-984D-8C92C81C231F}_is1) (Version: 0.9.7.1 - SpaceEngine)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Star Citizen Launcher (HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
STASIS (HKLM-x32\...\Steam App 380150) (Version:  - THE BROTHERHOOD)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.12.4 (HKLM-x32\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
Thrustmaster TARGET (HKLM-x32\...\{8036A569-CA02-4D33-A7E9-E9BC8A482E91}) (Version: 2.0.10.0 - Thrustmaster)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.0.2.10230 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VoiceAttack (HKLM-x32\...\{FBABC026-02F7-46D5-A0F9-3D355D3C3133}) (Version: 1.5.7 - VoiceAttack.com)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinUAE (HKLM-x32\...\{A93442DE-6AA1-4C2B-9BCC-0AA461A93350}) (Version: 2.8.1.0 - Arabuusimiehet)
XCom Long War EW Mod version Beta 15f (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: Beta 15f - JohnnyLump)
XCom Long War Mod version 2.12 (HKLM-x32\...\{9F2A2F03-5F43-4BD1-860E-F61284EE7AC5}_is1) (Version: 2.12 - JohnnyLump)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMedia Recode Version 3.2.5.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.5.2 - XMedia Recode)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03AC4671-5DD9-47DA-9F1D-C724E1047A13} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {3E591A77-E1F3-4548-B264-ADA8DF066A76} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {4C618C49-B48B-4623-8EF8-4EDE5E68C476} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {562E8010-14D1-46ED-9287-533DC2385537} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {643281B4-2AE7-4029-897C-01B43AD670B8} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {66DA3013-B927-4691-AB21-CCFBEB2DBF9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6E460240-F5FB-4D35-9119-96B460418498} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {7B42D922-09D9-4795-A7D7-A77822D14037} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {85C81B8E-99E7-490B-AC6D-A732A321EFF9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {89EC4393-C94C-4283-993E-09FDC38E71A6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {8E3B3EDD-840C-4006-A4D6-A09E8DB8A626} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {8FA64066-72B2-439C-A342-0A66D8491813} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {955EAB01-029D-4B0B-8196-2082D05F42FC} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {A2DBF4D8-EB9D-4435-B15B-853ADCA06740} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {A73F45A2-C85F-44AA-9C55-2984FE33590D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-06-15] (Microsoft Corporation)
Task: {A99AC5AC-5B12-4FC2-A063-26F0C4CA14A4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-23] (Sony Corporation)
Task: {AC94E708-E1AD-4166-A2A0-28D0B1AB322D} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {B50003B6-293C-4A5F-9E58-F3B3F852CE03} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C882C882-59D5-4B8E-83A5-95E13E9070AC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {CD3D944B-5E53-4219-A69D-7F90BD35A1A1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {DB63DE73-1402-458C-9A88-BBDF2AF279A3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {DCC096BF-9E2B-436C-9764-A37E477436CD} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2014-01-13] (IObit)
Task: {DDBB8D55-E9B5-40FA-B74D-66265DD7535B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-11 01:12 - 2011-11-18 14:51 - 03673944 _____ () c:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-02-21 04:31 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 07:26 - 2014-02-12 19:59 - 00000920 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 prod.xcom.firaxis.com
127.0.0.1 prod.xcom-ew.firaxis.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3394880751-743081515-1311326184-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img5 Wallpaper 1600x900.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "ISBMgr.exe"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\StartupApproved\Run: => "InetStat"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7C599AE9-0F87-46BC-B7D4-27EF15FF4AE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{70837CD6-F6C6-46AD-809C-B64A6CA79790}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{52D30DC9-E3FC-463D-9633-A93366CE55D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9EFE4D59-A69F-4B6C-928F-C9D5CA0915C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2EA8EB72-046E-4730-8ED4-9644107A2C8A}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{522377EF-DE7C-4B07-B0DF-075369B5B941}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{C0F0C53C-6466-4370-83D8-1938AC897169}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0631F33-DA6F-4621-9009-305887359D93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ABA1F6F8-6116-428F-A486-5F08F74D09B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{2B6C632B-8A1A-42DD-956D-74D31369DFDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{610DB338-1202-46CD-90A8-23F4821C323E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{E8C5ED36-85B8-4790-9631-5CFE2335F5A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{35443487-3A81-4AF8-8285-7874B4D8F7D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{79FF6C50-D980-43B6-8A22-B13285D6784C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [UDP Query User{73112990-C398-4DE1-8662-5912B6149002}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [TCP Query User{159FC26D-35AE-42DE-AA09-D3476E71C6CF}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [UDP Query User{C82AC975-497B-4673-9050-EC790095689D}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [TCP Query User{6C87ED9C-F666-4661-9F63-3447618A994F}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [UDP Query User{1BD904A7-606C-4630-A0B2-21D79322FDBE}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{D1E960B5-FBE4-4E61-A4FA-ABBEC0F208A0}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{9FA48802-593E-4CBA-BFBF-4F196D96D657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{8BF464F8-8A4D-404E-B095-837B9A7F4C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{90379DB8-2168-4566-A343-F706AE78DB48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{DBD7BF95-5ACA-470C-B687-2FCF24389C1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{25228787-EA01-4318-A6EB-B7FE8E6C063F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{DBCFFB29-B802-47BB-8855-80C347135659}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{CC32B806-4339-4C65-8FE1-7F2DA7BA31E5}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{794123D8-264F-4078-BF17-8A9FB2FDFEBC}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{4DDDA8D2-FAA7-495F-98E9-68603189315C}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{473F1D73-E2CC-40BB-9B91-F41FCB36EDC9}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [UDP Query User{8BA5AA4E-F1A8-4871-ADC5-A63D0499612D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{086FFC33-B758-4332-A26E-CC30CAB50CE6}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{596FB744-99A5-481B-A22A-89372DB7C9B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{74859B18-1F86-4F57-B1D0-2B3E1FB633DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [UDP Query User{47EA8F7B-93DE-472B-B268-1083DF4C57BE}C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [TCP Query User{A3DC21A1-C574-4607-84F5-56C26A63B029}C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{BC0B025F-6B0E-4A69-BF6A-6BBB330EBC22}] => (Allow) C:\Program Files (x86)\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{6B6183D7-7F79-42F4-A3EA-C7FAC1CD5994}] => (Allow) C:\Program Files (x86)\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{E397FD05-BC09-4F58-83F7-C067A86A3B09}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E60CEA97-40A1-4A43-B486-7662DED204BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3474A9DE-3F54-4769-BC9E-45398EC2695F}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{92DA9A8F-B176-4A62-967E-354F25873B3A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [TCP Query User{F0B08F9B-9305-45D5-8CDC-B50A135A6FF6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{891862A5-ACE2-42B1-9E17-B9C8D99F56F9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{D065C8D2-BE48-48CD-8DE0-717114FA3B88}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{46E5C46E-4414-4E83-81C0-6230C5A3740F}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{2192CB1C-BB11-4E0D-ACB2-733BB33B3E9B}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{AA916F0B-226E-4150-92DA-48D6878058E2}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{97EBCC7E-8BFE-4B91-B580-9EEFDEFFDA2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{64CED78D-979A-493C-A456-92033C8AE668}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2840930D-B493-4451-B158-844E169AEE7E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0CBABA5B-5F24-459E-9227-8F8B7577B3D3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{33958FE7-B7EC-4E84-9780-CA41BED602D3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A41EBAEB-AFEB-488F-84D3-6F87637FB51B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9DD82F5C-64D2-43EF-B867-230C5F36023D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{491D30AC-6BDB-4AE0-A39B-DA80AEAC05A7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4D567E91-F819-4187-85DE-B668463507DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B0B2E5C4-03CF-4B25-B7D2-9602DA07A201}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{8BE44492-2CFB-432A-B747-95185F6D9DE0}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{E53B4074-454B-4282-8D0C-2CC0772CFA00}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{883547CF-FB7A-420D-863B-853AB484BD31}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [UDP Query User{CC49DC17-42A5-45F3-A6DB-7E4676BCE71B}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [{8A0116A9-BEBB-48E0-AC94-E8C4AA5B03E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{AF2E7F88-4B4E-49B8-BD5F-B347A797C1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{A9DE3386-7BD5-4EE9-B5FA-EA103E4D33CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{FF23CA88-D588-445B-8673-4BE3CBB292C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [TCP Query User{F4D79965-71E5-4559-A1D2-BC4EEE49E731}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{18CC9501-381B-40AA-8FEA-91503DA573BA}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{2504AAE6-395A-4A27-9506-57E11300DBA9}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5F3A7946-E584-40A2-AFFC-3EF4DEBF5D4C}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{44AC461A-048B-4F36-88CD-4749369E34D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{DF0C661C-85DC-4CB5-A7D5-013214899F75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{A6C610D5-17A2-4402-8960-1F343DCE45CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB08FB87-89FF-4CB7-B462-CFD8FF7A1735}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{36B4AB8C-3A80-4F03-AB27-9DBF851D24FA}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [UDP Query User{680FC9F6-0D28-4AA9-928E-79A897F7DF1F}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe

==================== Wiederherstellungspunkte =========================

30-06-2016 09:02:29 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/02/2016 06:49:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11b4

Startzeit: 01d1d41c21f54ca9

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 6259bda7-4010-11e6-bfd9-5453ed382337

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/01/2016 11:39:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x5dc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/27/2016 05:23:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0xa50
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/21/2016 06:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x149c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/19/2016 09:15:13 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm EliteDangerous32.exe, Version 109.555.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1274

Startzeit: 01d1ca5e269ce520

Endzeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Frontier\EDLaunch\Products\FORC-FDEV-D-1010\EliteDangerous32.exe

Berichts-ID: 24b1dfc2-3652-11e6-bfd2-5453ed382337

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (06/18/2016 11:55:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0xa98
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/18/2016 07:07:43 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x614
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/17/2016 09:16:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x6c4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/14/2016 08:40:12 PM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (06/03/2016 07:06:12 AM) (Source: SPP) (EventID: 16389) (User: )
Description: Behebbarer Fehler des Writers "Shadow Copy Optimization Writer" beim Erstellen der Schattenkopie. Der Vorgang wird wiederholt...

Weitere Informationen: "".


Systemfehler:
=============
Error: (07/02/2016 08:03:50 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2016 07:55:44 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2016 07:55:14 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2016 09:51:11 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2016 09:50:41 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2016 07:41:22 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/02/2016 07:40:52 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/02/2016 06:49:53 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/02/2016 06:49:53 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {4545DEA0-2DFC-4906-A728-6D986BA399A9}

Error: (07/02/2016 06:49:51 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {06622D85-6856-4460-8DE1-A81921B41C4B}


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 37%
Installierter physikalischer RAM: 4043.28 MB
Verfügbarer physikalischer RAM: 2537.06 MB
Summe virtueller Speicher: 5356.91 MB
Verfügbarer virtueller Speicher: 2946.86 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:428.61 GB) (Free:8.03 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:1862.92 GB) (Free:261.01 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B62B837B)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E4943E2C)
Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
__________________

Alt 04.07.2016, 09:15   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Bitte Avira deinstallieren. Das Teil empfehlen wir schon seit Jahren aus mehreren Gründen nicht mehr. Ein Grund ist ne rel. hohe Fehlalarmquote, der zweite Hauptgrund ist, dass die immer noch mit ASK zusammenarbeiten (Avira Suchfunktion geht über ASK). Auch andere Freewareanbieter wie AVG, Avast oder Panda sprangen auf diesen Zug auf; so was ist bei Sicherheitssoftware einfach inakzeptabel. Vgl. Antivirensoftware: Schutz Für Ihre Dateien, Aber Auf Kosten Ihrer Privatsphäre? | Emsisoft Blog

Gib Bescheid wenn Avira weg ist; wenn wir hier durch sind, kannst du auf einen anderen Virenscanner umsteigen, Infos folgen dann im Abschlussposting. Bitte JETZT nix mehr ohne Absprache installieren!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 06.07.2016, 05:43   #5
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



..so, kein Avira mehr: habe es via Windows (nicht mit dem Iobit-Deinstaller, glaube den kritisiert Ihr auch) deinstalliert.

Lieber Gruß..


Alt 06.07.2016, 08:42   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
--> Meldung Scriptfehler - Avira

Alt 09.07.2016, 06:20   #7
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



..also das Programm sagt mir "Congratulations, no cleanup is required", "Scan finished, no maleware found".

..die system-log lautet, wie folgt:

Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.3.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.3.9200 Windows 8.1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.18350

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.494000 GHz
Memory total: 4239683584, free: 2816057344

Downloaded database version: v2016.07.09.03
Downloaded database version: v2016.05.27.01
Downloaded database version: v2016.07.05.01
=======================================
Initializing...
Driver version: 0.3.0.4
------------ Kernel report ------------
     07/09/2016 06:35:12
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kd.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\System32\drivers\werkernel.sys
\SystemRoot\System32\drivers\CLFS.SYS
\SystemRoot\System32\drivers\tm.sys
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\BOOTVID.dll
\SystemRoot\system32\CI.dll
\SystemRoot\System32\drivers\msrpc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\System32\Drivers\acpiex.sys
\SystemRoot\System32\Drivers\WppRecorder.sys
\SystemRoot\System32\drivers\ACPI.sys
\SystemRoot\System32\drivers\WMILIB.SYS
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\msisadrv.sys
\SystemRoot\System32\drivers\pci.sys
\SystemRoot\System32\drivers\vdrvroot.sys
\SystemRoot\system32\drivers\pdc.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\System32\drivers\spaceport.sys
\SystemRoot\System32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\System32\drivers\iaStorA.sys
\SystemRoot\System32\drivers\storport.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\System32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Wof.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\DRIVERS\wfplwfs.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\System32\drivers\volsnap.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\intelpep.sys
\SystemRoot\System32\drivers\disk.sys
\SystemRoot\System32\drivers\CLASSPNP.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\drivers\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\BasicRender.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\drivers\BasicDisplay.sys
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\System32\drivers\npsvctrig.sys
\SystemRoot\System32\drivers\mssmbios.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\CLVirtualDrive.sys
\SystemRoot\system32\DRIVERS\ahcache.sys
\SystemRoot\System32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\kdnic.sys
\SystemRoot\System32\drivers\umbus.sys
\SystemRoot\system32\DRIVERS\atikmpag.sys
\SystemRoot\system32\DRIVERS\atikmdag.sys
\SystemRoot\System32\drivers\HDAudBus.sys
\SystemRoot\System32\drivers\USBXHCI.SYS
\SystemRoot\System32\drivers\ucx01000.sys
\SystemRoot\System32\drivers\HECIx64.sys
\SystemRoot\System32\drivers\usbehci.sys
\SystemRoot\System32\drivers\USBPORT.SYS
\SystemRoot\System32\Drivers\fastfat.SYS
\SystemRoot\system32\DRIVERS\athw8x.sys
\SystemRoot\System32\drivers\vwifibus.sys
\SystemRoot\system32\DRIVERS\RtsPStor.sys
\SystemRoot\system32\DRIVERS\Rt630x64.sys
\SystemRoot\System32\drivers\CmBatt.sys
\SystemRoot\System32\drivers\BATTC.SYS
\SystemRoot\System32\drivers\i8042prt.sys
\SystemRoot\system32\DRIVERS\SynTP.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\System32\drivers\kbdclass.sys
\SystemRoot\System32\drivers\mouclass.sys
\SystemRoot\System32\drivers\SFEP.sys
\SystemRoot\System32\drivers\sows.sys
\SystemRoot\System32\drivers\mshidkmdf.sys
\SystemRoot\System32\drivers\HIDCLASS.SYS
\SystemRoot\System32\drivers\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys
\SystemRoot\System32\drivers\intelppm.sys
\SystemRoot\System32\drivers\wmiacpi.sys
\SystemRoot\System32\drivers\NdisVirtualBus.sys
\SystemRoot\System32\drivers\swenum.sys
\SystemRoot\System32\drivers\ks.sys
\SystemRoot\System32\drivers\btath_bus.sys
\SystemRoot\System32\drivers\TmBusEn.sys
\SystemRoot\System32\drivers\rdpbus.sys
\SystemRoot\System32\drivers\seehcri.sys
\SystemRoot\System32\drivers\usbhub.sys
\SystemRoot\system32\drivers\AtihdWB6.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\AMDACPKSL.SYS
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\System32\drivers\UsbHub3.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\System32\Drivers\dump_diskdump.sys
\SystemRoot\System32\Drivers\dump_iaStorA.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\drivers\usbccgp.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\hidusb.sys
\SystemRoot\System32\drivers\kbdhid.sys
\SystemRoot\System32\drivers\mouhid.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\System32\Drivers\usbvideo.sys
\SystemRoot\System32\drivers\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\vwifimp.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\drivers\Ndu.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\System32\drivers\rdpvideominiport.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\System32\drivers\condrv.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\drivers\USBSTOR.SYS
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\System32\drivers\WpdUpFltr.sys
\SystemRoot\System32\cdd.dll
\??\C:\WINDOWS\system32\drivers\mbamchameleon.sys
\??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
----------- End -----------
Done!

Scan started
Database versions:
  main:    v2016.07.09.03
  rootkit: v2016.05.27.01

<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xffffe00200e115e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00200e10040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00200e115e0, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001ff5fe060, DeviceName: \Device\0000002f\, DriverName: \Driver\iaStorA\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\kdnic.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicDisplay.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BasicRender.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\EhStorTcgDrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\npsvctrig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidparse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\CompositeBus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1)
Done!
Drive 0
This is a System drive
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: B62B837B

GPT Protective MBR Partition information:

    Partition 0 type is EFI-GPT (0xee)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 1  Numsec = 4294967295

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

GPT Partition information:

    GPT Header Signature 4546492050415254
    GPT Header Revision 65536 Size 92 CRC 3300668340
    GPT Header CurrentLba = 1 BackupLba 976773167
    GPT Header FirstUsableLba 34  LastUsableLba 976773134
    GPT Header Guid 63693f0c-fbbc-4b91-a71d-2ccc22f9b9d5
    GPT Header Contains 128 partition entries starting at LBA 2
    GPT Header Partition entry size = 128

    Backup GPT header Signature 4546492050415254
    Backup GPT header Revision 65536 Size 92 CRC 3300668340
    Backup GPT header CurrentLba = 976773167 BackupLba 1
    Backup GPT header FirstUsableLba 34  LastUsableLba 976773134
    Backup GPT header Guid 63693f0c-fbbc-4b91-a71d-2ccc22f9b9d5
    Backup GPT header Contains 128 partition entries starting at LBA 976773135
    Backup GPT header Partition entry size = 128

    Partition 0 Type f4019732-66e-4e12-8273-346c5641494f
    Partition ID e913db08-54ab-46d6-988b-dff239e32837
    FirstLBA 2048  Last LBA 534527
    Attributes 1
    Partition Name                 EFI system partition

    Partition 1 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID b617490b-e584-4cb8-8abe-2a0e4e8f0ab
    FirstLBA 534528  Last LBA 3553279
    Attributes 1
    Partition Name                 Basic data partition

    Partition 2 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
    Partition ID 9a8d2b58-388a-446d-905b-aa0939476b7
    FirstLBA 3553280  Last LBA 4085759
    Attributes 0
    Partition Name                 EFI system partition

    GPT Partition 2 is bootable
    Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
    Partition ID ede4587d-ce9a-478c-952d-43efa0cd1a84
    FirstLBA 4085760  Last LBA 4347903
    Attributes 0
    Partition Name         Microsoft reserved partition

    Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
    Partition ID 2e811ed-cbee-44a8-894f-4cc3e835b4f
    FirstLBA 4347904  Last LBA 903204863
    Attributes 0
    Partition Name                 Basic data partition

    Partition 5 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID b426c722-de2e-4b26-99df-728069404ac7
    FirstLBA 903204864  Last LBA 904130559
    Attributes 1
    Partition Name                                     

    Partition 6 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
    Partition ID 25c938b9-f2dc-48e4-8974-bc22ba1bd1ab
    FirstLBA 904130560  Last LBA 976773119
    Attributes 1
    Partition Name                 Basic data partition

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xffffe00203a5b770, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
--------- Disk Stack ------
DevicePointer: 0xffffe00203f69a40, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xffffe00203a5b770, DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
DevicePointer: 0xffffe001ffae6b10, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR2\, DriverName: \Driver\disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: E4943E2C

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 206848  Numsec = 3906820096
    Partition is not bootable
    Partition file system is NTFS

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0
    Partition is not bootable

Disk Size: 2000398931968 bytes
Sector size: 512 bytes

Done!
File "C:\Windows\System32\drivers\1394ohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\flpydisk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\isapnp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipmi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdk8.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpipagr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\acpitime.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\AGP440.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rfcomm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICRENDER.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\amdppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umpass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\atapi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BASICDISPLAY.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciide.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHAVRCPTG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHHFENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHLEENUM.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthmodem.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\circlass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\CmBatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\COMPOSITEBUS.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\disk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmkaud.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\EHSTORTCGDRV.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\errdev.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fdc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\monitor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\fxppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hdaudbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbatt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidbth.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidi2c.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidusb.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\i8042prt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelpep.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\intelppm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\kbdhid.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mouclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\UCX01000.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MSGPIOWIN32.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\MTConfig.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\NPSVCTRIG.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\parport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pcmcia.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\processr.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\rdpbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uaspstor.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sbp2port.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\SPACEPORT.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\stornvme.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\swenum.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\tpm.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\terminpt.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\TsUsbGD.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\uefi.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\umbus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbccgp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbcir.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbehci.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1)
File "C:\Windows\System32\BthHFSrv.dll" is compressed (flags = 1)
File "C:\Windows\System32\fsquirt.exe" is compressed (flags = 1)
File "C:\Windows\System32\SysFxUI.dll" is compressed (flags = 1)
File "C:\Windows\System32\CIRCoInst.dll" is compressed (flags = 1)
File "C:\Windows\System32\iscsilog.dll" is compressed (flags = 1)
File "C:\Windows\System32\streamci.dll" is compressed (flags = 1)
File "C:\Windows\System32\drivers\battc.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\drmk.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\dumpsd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\pciidex.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\portcls.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\ataport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbd.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidclass.sys" is compressed (flags = 1)
File "C:\Windows\System32\drivers\hidparse.sys" is compressed (flags = 1)
Scan finished
         

Alt 09.07.2016, 17:21   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Anleitung richtig lesen - richtiges Log posten
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 11.07.2016, 23:23   #9
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Entschuldigung. Jetzt das richtige Log,

mbar-log-2016-07-09 (06-35-23):

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.07.09.03
  rootkit: v2016.05.27.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18350
Administrator :: RALF [administrator]

09.07.2016 06:35:23
mbar-log-2016-07-09 (06-35-23).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 368654
Time elapsed: 33 minute(s), 19 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

Alt 12.07.2016, 09:55   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.07.2016, 19:06   #11
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Code:
ATTFilter
# AdwCleaner v5.201 - Bericht erstellt am 14/07/2016 um 19:45:18
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-14.1 [Server]
# Betriebssystem : Windows 8.1  (X64)
# Benutzername : Administrator - RALF
# Gestartet von : C:\Downloads\Firefox\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Wert gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Wert gelöscht : HKU\S-1-5-21-3394880751-743081515-1311326184-500\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run [InetStat]

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [1305 Bytes] - [14/07/2016 19:45:18]
C:\AdwCleaner\AdwCleaner[R0].txt - [885 Bytes] - [22/03/2015 00:39:20]
C:\AdwCleaner\AdwCleaner[S0].txt - [1060 Bytes] - [22/03/2015 00:44:40]
C:\AdwCleaner\AdwCleaner[S1].txt - [1363 Bytes] - [14/07/2016 19:42:00]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [1596 Bytes] ##########
         
Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 8.1 x64 
Ran by Administrator (Administrator) on 14.07.2016 at 20:03:07,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5 

Successfully deleted: C:\ProgramData\productdata (Folder) 
Successfully deleted: C:\Users\Administrator\AppData\Roaming\productdata (Folder) 
Successfully deleted: C:\WINDOWS\system32\Tasks\Uninstaller_SkipUac_Administrator (Task)
Successfully deleted: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Administrator.job (Task) 
Successfully deleted: C:\WINDOWS\wininit.ini (File) 



Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.07.2016 at 20:04:42,94
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Alt 14.07.2016, 20:50   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 17.07.2016, 00:05   #13
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Guten Abend lieber cosinus,

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-07-2016
durchgeführt von Administrator (Administrator) auf RALF (17-07-2016 00:59:25)
Gestartet von C:\Users\Administrator\Desktop
Geladene Profile: Administrator (Verfügbare Profile: CINC & Administrator)
Platform: Windows 8.1 (Update) (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicShellService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
() C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Guillemot Corporation) C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(AMD) C:\Windows\System32\atieclxx.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Ruiware LLC) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-10-10] (Realtek Semiconductor)
HKLM\...\Run: [BtTray] => C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [766080 2012-11-05] (Qualcomm Atheros)
HKLM\...\Run: [BtvStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-11-05] (Atheros Communications)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3928264 2015-05-27] (Synaptics Incorporated)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [68776 2012-08-18] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe [724576 2012-07-27] (Sony Corporation)
HKLM-x32\...\Run: [Intel AppUp(R) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [156000 2012-10-04] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-03-07] (Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2014-11-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-07-09] (Raptr, Inc)
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1154112 2014-07-21] (Ruiware LLC)
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Run: [Speech Recognition] => C:\WINDOWS\Speech\Common\sapisvr.exe [44032 2014-11-21] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{79C82D9F-97D8-4278-8B3B-FB15AF2E49FB}: [DhcpNameServer] 192.54.120.29
Tcpip\..\Interfaces\{AB75B0CE-8F60-48FF-969C-AD4204EAC938}: [DhcpNameServer] 192.168.2.1 192.168.2.1

Internet Explorer:
==================
HKU\S-1-5-21-3394880751-743081515-1311326184-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/?gfe_rd=cr&ei=ixJQVviUGMqF8QfEzKyYBg&gws_rd=ssl
HKU\S-1-5-21-3394880751-743081515-1311326184-500\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://vaioportal.sony.eu
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3394880751-743081515-1311326184-500 -> {42E21E09-8ECD-4254-B521-E0938C2A1397} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q113&_nkw={searchTerms}
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2014-01-13] (IObit)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-11-05] (Qualcomm Atheros Commnucations)
BHO: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_64.dll [2013-04-12] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-26] (Oracle Corporation)
BHO-x32: ClassicIE9BHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll [2013-04-12] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2013-04-12] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2013-04-12] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default
FF SelectedSearchEngine: Google
FF Homepage: www.google.de
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-19] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2013-02-21] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-19] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-26] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Extension: Flash and Video Download - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2016-06-28]
FF Extension: Video DownloadHelper - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-05-26]
FF Extension: Adblock Edge - C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\oog2nyzl.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-05-02]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [231040 2012-11-05] (Qualcomm Atheros Commnucations) [Datei ist nicht signiert]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [802688 2015-01-27] ()
R2 ClassicShellService; C:\Program Files\Classic Shell\ClassicShellService.exe [68608 2013-04-12] (IvoSoft) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2151744 2014-01-13] (IObit)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [623784 2012-10-18] (Sony Corporation)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [474208 2012-07-27] (Sony Corporation)
R2 Radio.fx; c:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe [3673944 2011-11-18] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [Datei ist nicht signiert]
S3 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)
R2 TmWinService; C:\Program Files (x86)\Thrustmaster\TARGET\TmService.exe [304640 2011-03-04] (Guillemot Corporation) [Datei ist nicht signiert]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [964608 2012-09-28] (Sony Corporation) [Datei ist nicht signiert]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1265824 2012-10-23] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-11-05] (Atheros) [Datei ist nicht signiert]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [223232 2014-06-21] (Advanced Micro Devices)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [76952 2012-11-05] (Qualcomm Atheros)
S3 BTATH_VDP; C:\Windows\system32\drivers\btath_vdp.sys [427416 2012-11-05] (Qualcomm Atheros)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)
S3 s0016bus; C:\Windows\System32\drivers\s0016bus.sys [115240 2008-05-16] (MCCI Corporation)
S3 s0016mdfl; C:\Windows\system32\DRIVERS\s0016mdfl.sys [19496 2008-05-16] (MCCI Corporation)
S3 s0016mdm; C:\Windows\system32\DRIVERS\s0016mdm.sys [158760 2008-05-16] (MCCI Corporation)
S3 s0016mgmt; C:\Windows\system32\DRIVERS\s0016mgmt.sys [137256 2008-05-16] (MCCI Corporation)
S3 s0016nd5; C:\Windows\system32\DRIVERS\s0016nd5.sys [34344 2008-05-16] (MCCI Corporation)
S3 s0016obex; C:\Windows\system32\DRIVERS\s0016obex.sys [136744 2008-05-16] (MCCI Corporation)
S3 s0016unic; C:\Windows\System32\drivers\s0016unic.sys [151592 2008-05-16] (MCCI Corporation)
R3 seehcri; C:\Windows\System32\drivers\seehcri.sys [34032 2008-01-09] (Sony Ericsson Mobile Communications)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [42696 2015-05-27] (Synaptics Incorporated)
R3 SOWS; C:\Windows\System32\drivers\sows.sys [24280 2012-06-11] (Sony Corporation)
R3 TmBusEn; C:\Windows\System32\drivers\TmBusEn.sys [30208 2011-01-26] (Guillemot Corporation)
S3 TmFilter; C:\Windows\System32\drivers\TmFilter.sys [24576 2011-01-26] (Guillemot Corporation)
S3 TmHid; C:\Windows\system32\DRIVERS\TmHid.sys [24704 2011-01-26] (Guillemot Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-17 00:59 - 2016-07-17 01:00 - 00016042 _____ C:\Users\Administrator\Desktop\FRST.txt
2016-07-17 00:59 - 2016-07-17 00:59 - 00000000 ____D C:\Users\Administrator\Desktop\FRST-OlderVersion
2016-07-14 20:04 - 2016-07-14 20:04 - 00000925 _____ C:\Users\Administrator\Desktop\JRT.txt
2016-07-12 20:21 - 2016-05-25 15:22 - 00875712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2016-07-12 20:21 - 2016-05-25 15:22 - 00536768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2016-07-12 20:21 - 2016-05-25 15:12 - 00869576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2016-07-12 20:21 - 2016-05-25 15:12 - 00678600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2016-07-12 20:15 - 2016-06-25 22:05 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-12 20:15 - 2016-06-25 20:13 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-12 20:15 - 2016-06-25 18:24 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-12 20:15 - 2016-06-25 18:15 - 01094656 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-12 20:15 - 2016-06-25 18:13 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-12 20:15 - 2016-06-25 18:05 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-12 20:15 - 2016-06-22 15:48 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\centel.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 01208320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 00544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 00294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-12 20:15 - 2016-06-21 15:48 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-12 20:15 - 2016-01-30 21:50 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2016-07-12 20:15 - 2016-01-30 21:00 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2016-07-12 20:15 - 2016-01-30 20:48 - 00269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2016-07-12 20:15 - 2016-01-30 20:18 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2016-07-12 20:15 - 2016-01-30 19:48 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2016-07-12 20:15 - 2016-01-30 19:41 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2016-07-12 20:14 - 2016-06-21 20:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2016-07-12 20:14 - 2016-06-21 16:12 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2016-07-12 20:14 - 2016-06-11 21:45 - 07445856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-12 20:13 - 2016-06-11 20:14 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-12 20:13 - 2016-06-11 20:11 - 02895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-12 20:13 - 2016-06-11 19:56 - 25812992 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-12 20:13 - 2016-06-11 19:56 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-07-12 20:13 - 2016-06-11 19:42 - 06047744 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-12 20:13 - 2016-06-11 19:23 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-07-12 20:13 - 2016-06-11 19:22 - 00497664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-12 20:13 - 2016-06-11 19:22 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2016-07-12 20:13 - 2016-06-11 19:21 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2016-07-12 20:13 - 2016-06-11 19:20 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-12 20:13 - 2016-06-11 19:13 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-12 20:13 - 2016-06-11 19:12 - 20348928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-12 20:13 - 2016-06-11 19:12 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-07-12 20:13 - 2016-06-11 19:07 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-07-12 20:13 - 2016-06-11 19:03 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-12 20:13 - 2016-06-11 19:01 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-07-12 20:13 - 2016-06-11 19:00 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-12 20:13 - 2016-06-11 19:00 - 00724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-07-12 20:13 - 2016-06-11 18:57 - 02131456 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-12 20:13 - 2016-06-11 18:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2016-07-12 20:13 - 2016-06-11 18:43 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-12 20:13 - 2016-06-11 18:38 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-07-12 20:13 - 2016-06-11 18:33 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-12 20:13 - 2016-06-11 18:31 - 04608000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-12 20:13 - 2016-06-11 18:31 - 00692736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-12 20:13 - 2016-06-11 18:31 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-07-12 20:13 - 2016-06-11 18:30 - 15409664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-12 20:13 - 2016-06-11 18:29 - 02055680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-12 20:13 - 2016-06-11 18:26 - 02869248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-12 20:13 - 2016-06-11 18:15 - 13806080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-12 20:13 - 2016-06-11 18:12 - 01550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-12 20:13 - 2016-06-11 18:02 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-12 20:13 - 2016-06-11 17:59 - 02392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-12 20:13 - 2016-06-11 17:56 - 01315840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-12 20:13 - 2016-06-11 17:56 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-12 20:10 - 2016-06-10 23:35 - 04167680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-07-09 06:35 - 2016-07-09 07:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-07-09 06:32 - 2016-07-09 07:21 - 00000000 ____D C:\Users\Administrator\Desktop\mbar
2016-07-09 06:27 - 2016-07-09 06:28 - 16563352 _____ (Malwarebytes Corp.) C:\Users\Administrator\Desktop\mbar-1.09.3.1001.exe
2016-07-03 02:01 - 2016-07-17 00:59 - 02391040 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-17 00:59 - 2015-03-20 23:05 - 00000000 ____D C:\FRST
2016-07-17 00:20 - 2012-07-26 07:26 - 00000172 _____ C:\WINDOWS\win.ini
2016-07-16 22:37 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-16 07:10 - 2013-12-27 08:59 - 00000000 ____D C:\Users\Administrator\dwhelper
2016-07-15 18:59 - 2013-12-09 16:40 - 00003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3394880751-743081515-1311326184-500
2016-07-15 09:10 - 2015-12-19 08:43 - 00004476 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-15 09:08 - 2015-12-19 08:43 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-07-14 20:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2016-07-14 19:53 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-14 19:52 - 2013-08-22 16:44 - 00382680 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-14 19:46 - 2015-04-20 05:11 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-14 19:46 - 2014-11-21 05:13 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 19:46 - 2013-08-22 17:36 - 00000000 ___RD C:\WINDOWS\ToastData
2016-07-14 19:46 - 2013-08-22 15:36 - 00000000 ____D C:\WINDOWS\Inf
2016-07-14 19:45 - 2015-03-22 00:39 - 00000000 ____D C:\AdwCleaner
2016-07-14 18:36 - 2014-09-17 21:18 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2016-07-12 20:30 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-12 20:29 - 2013-08-21 23:14 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-12 20:24 - 2013-06-06 06:21 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-07-10 02:14 - 2015-01-18 20:38 - 00000000 ____D C:\01 ZS
2016-07-09 06:35 - 2015-01-12 08:08 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-09 06:32 - 2015-01-12 08:07 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-07 02:39 - 2013-06-05 22:40 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-07-06 06:33 - 2015-02-10 07:31 - 00000000 ____D C:\ProgramData\Avira
2016-07-06 06:33 - 2015-02-08 11:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-07-06 06:27 - 2013-08-22 15:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-07-06 06:25 - 2015-02-10 07:55 - 00000000 ____D C:\Users\Administrator\AppData\Roaming\Avira
2016-07-02 07:49 - 2014-12-22 07:35 - 00000000 ____D C:\Users\Administrator\AppData\Local\Frontier_Developments
2016-07-02 06:29 - 2014-11-21 13:01 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-07-02 06:29 - 2014-11-21 13:01 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-30 10:33 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-27 08:42 - 2015-02-08 11:50 - 00000000 ____D C:\Users\Administrator
2016-06-25 23:48 - 2016-04-04 06:43 - 00000000 ____D C:\01 Handy (ab 04-04-2016)
2016-06-25 23:39 - 2014-11-21 05:35 - 01804156 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-06-25 23:39 - 2014-11-21 04:45 - 00775588 _____ C:\WINDOWS\system32\perfh007.dat
2016-06-25 23:39 - 2014-11-21 04:45 - 00163774 _____ C:\WINDOWS\system32\perfc007.dat
2016-06-25 22:31 - 2015-07-04 10:26 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 22:31 - 2015-07-04 10:26 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 07:41 - 2015-07-04 10:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-19 18:59 - 2014-04-24 22:38 - 00000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2016-06-18 06:45 - 2013-08-22 17:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-06-17 07:48 - 2015-01-11 06:08 - 00001114 _____ C:\Users\Public\Desktop\Elite Dangerous Launcher.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-02-10 20:18 - 2016-01-25 07:51 - 0018432 _____ () C:\Users\Administrator\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Einige Dateien in TEMP:
====================
C:\Users\Administrator\AppData\Local\Temp\avgnt.exe
C:\Users\Administrator\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Administrator\AppData\Local\Temp\libeay32.dll
C:\Users\Administrator\AppData\Local\Temp\msvcr120.dll
C:\Users\Administrator\AppData\Local\Temp\raptrpatch.exe
C:\Users\Administrator\AppData\Local\Temp\raptr_stub.exe
C:\Users\Administrator\AppData\Local\Temp\sqlite3.dll
C:\Users\Administrator\AppData\Local\Temp\tmpE0E4.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-14 20:19

==================== Ende von FRST.txt ============================
         

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-07-2016
durchgeführt von Administrator (2016-07-17 01:00:33)
Gestartet von C:\Users\Administrator\Desktop
Windows 8.1 (Update) (X64) (2015-02-08 18:48:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-3394880751-743081515-1311326184-500 - Administrator - Enabled) => C:\Users\Administrator
ASPNET (S-1-5-21-3394880751-743081515-1311326184-1004 - Limited - Enabled)
CINC (S-1-5-21-3394880751-743081515-1311326184-1001 - Administrator - Enabled) => C:\Users\CINC
Gast (S-1-5-21-3394880751-743081515-1311326184-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3394880751-743081515-1311326184-1007 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20050 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.5.5790 - CDBurnerXP)
Classic Shell (HKLM\...\{7F34ADBE-77C0-47A0-BBC6-B3DA16CE8E68}) (Version: 3.6.7 - IvoSoft)
CrystalDiskInfo 6.3.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.0 - Crystal Dew World)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.2126 - CyberLink Corp.)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.5728.52 - CyberLink Corp.)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
D-Fend Reloaded 1.4.1 (deinstallieren) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.1 - Alexander Herzog)
DVD Architect Studio 5.0 (HKLM-x32\...\{4347F591-C451-11E1-BA36-F04DA23A5C58}) (Version: 5.0.161 - Sony)
Elite Dangerous Launcher version 0.4.5499.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.5499.0 - Frontier Developments)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
EVA Reborn Version 2.06 (HKLM-x32\...\{87817FFC-5181-48DB-90D4-C1687AEB7429}_is1) (Version: 2.06 - Mc Cloud 2K9)
EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc)
FDUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto V (HKLM-x32\...\{E01FA564-2094-4833-8F2F-1FFEC6AFCC46}) (Version: "1.00.0000" - Rockstar Games)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Hex-Editor MX (HKLM-x32\...\{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1) (Version: 6.0 - NEXT-Soft)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41505) (Version: 3.8.0.41505.25 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.6.0.1030 - Intel Corporation)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 3.1.7.2405 - IObit)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
Jagged Alliance - Back in Action (HKLM-x32\...\Steam App 57740) (Version:  - Coreplay GmbH)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
KUx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Movie Studio Platinum 12.0 (64-bit) (HKLM\...\{BFB6D89E-0BDF-11E2-A35E-F04DA23A5C58}) (Version: 12.0.530 - Sony)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
Mozilla Thunderbird 31.5.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 31.5.0 (x86 de)) (Version: 31.5.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.4 - F.J. Wechselberger)
NVIDIA PhysX (HKLM-x32\...\{46ED2B64-85C7-4E1F-920C-A555B21F2E4C}) (Version: 9.11.1111 - NVIDIA Corporation)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
PeaceMaker 1.1.1 (HKLM-x32\...\PeaceMaker 1.1.1) (Version:  - ImpactGames, LLC)
PlayMemories Home (HKLM-x32\...\{10DD6128-A810-4A90-9523-475D573FBB37}) (Version: 6.3.02.07270 - Sony Corporation)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.214 - Qualcomm Atheros Communications)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6695 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.28121 - Realtek Semiconductor Corp.)
Restore (x32 Version: 1.0.0 - Sony Corporation) Hidden
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.6.1 - Rockstar Games)
Satellite Reign (HKLM-x32\...\Steam App 268870) (Version:  - 5 Lives Studios)
Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Silent Hunter III (HKLM-x32\...\InstallShield_{9720C029-0C2C-4D1E-9DE0-E89971C4C8C7}) (Version: 1.00.0000 - Ubisoft)
Silent Hunter III (x32 Version: 1.00.0000 - Ubisoft) Hidden
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
Sound Forge Audio Studio 10.0 (HKLM-x32\...\{7A9D3D30-BEEC-11E1-91CF-F04DA23A5C58}) (Version: 10.0.178 - Sony)
SpaceEngine Version 0.9.7.1 (HKLM-x32\...\{53E413B3-2417-4BD1-984D-8C92C81C231F}_is1) (Version: 0.9.7.1 - SpaceEngine)
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Star Citizen Launcher (HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\Star Citizen Launcher) (Version: 00.01.00.00 - Cloud Imperium Games)
STASIS (HKLM-x32\...\Steam App 380150) (Version:  - THE BROTHERHOOD)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Stellarium 0.12.4 (HKLM-x32\...\Stellarium_is1) (Version: 0.12.4 - Stellarium team)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.5.0 - Synaptics Incorporated)
Thrustmaster TARGET (HKLM-x32\...\{8036A569-CA02-4D33-A7E9-E9BC8A482E91}) (Version: 2.0.10.0 - Thrustmaster)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.1.0.11020 - Sony Corporation)
VAIO Care (HKLM\...\{EC635BC0-0D7C-4CA2-9B87-2A330C298CB2}) (Version: 8.1.0.10120 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.1.0.10300 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.10.0.07270 - Sony Corporation)
VAIO Easy Connect (x32 Version: 1.3.0.09290 - Sony Corporation) Hidden
VAIO Gate (HKLM-x32\...\{14AC95A2-7675-4988-A5BD-3F5B943AED08}) (Version: 3.0.0.08140 - Sony Corporation)
VAIO Gate Default (HKLM-x32\...\{B7546697-2A80-4256-A24B-1C33163F535B}) (Version: 3.1.0.10240 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Gesture Control (x32 Version: 2.1.0.10220 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.0.00.08170 - Sony Corporation)
VAIO Image Optimizer (x32 Version: 3.0.00.08170 - Sony Corporation) Hidden
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.1.0.10220 - Sony Corporation)
VAIO Media Server Settings (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.0.1.10170 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.0.00.10170 - Sony Corporation)
VAIO Movie Creator (x32 Version: 4.0.00.10170 - Sony Corporation) Hidden
VAIO Movie Creator Template Data (x32 Version: 4.0.00.08170 - Sony Corporation) Hidden
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 6.0.2.10230 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.1.0.09200 - Sony Corporation)
VAIO-Handbuch (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 3.0.0.08100 - Sony Corporation)
VAIO-Hardwarediagnose-Plugin für VAIO Care (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.7.0.11070 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VGClientX64 (Version: 1.0.0 - Sony Corporation) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
VMLx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VoiceAttack (HKLM-x32\...\{FBABC026-02F7-46D5-A0F9-3D355D3C3133}) (Version: 1.5.7 - VoiceAttack.com)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VU5x64 (Version: 1.0.0 - Sony Corporation ) Hidden
VU5x86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VUx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VUx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
WDR RadioRecorder (HKLM-x32\...\Tobit Radio.fx Server 1) (Version:  - Tobit.Software)
WinPatrol (HKLM\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 32.0.2014.5 - Ruiware)
WinUAE (HKLM-x32\...\{A93442DE-6AA1-4C2B-9BCC-0AA461A93350}) (Version: 2.8.1.0 - Arabuusimiehet)
XCom Long War EW Mod version Beta 15f (HKLM-x32\...\{860C3266-65B9-4BF2-937A-1778483046B5}_is1) (Version: Beta 15f - JohnnyLump)
XCom Long War Mod version 2.12 (HKLM-x32\...\{9F2A2F03-5F43-4BD1-860E-F61284EE7AC5}_is1) (Version: 2.12 - JohnnyLump)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XMedia Recode Version 3.2.5.2 (HKLM-x32\...\{DDA3C325-47B2-4730-9672-BF3771C08799}_is1) (Version: 3.2.5.2 - XMedia Recode)
XperiaLinkx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03AC4671-5DD9-47DA-9F1D-C724E1047A13} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {3E591A77-E1F3-4548-B264-ADA8DF066A76} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {4C618C49-B48B-4623-8EF8-4EDE5E68C476} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {562E8010-14D1-46ED-9287-533DC2385537} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2012-11-01] (Sony Corporation)
Task: {643281B4-2AE7-4029-897C-01B43AD670B8} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {66DA3013-B927-4691-AB21-CCFBEB2DBF9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {6E460240-F5FB-4D35-9119-96B460418498} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2012-08-14] (Sony Corporation)
Task: {7B42D922-09D9-4795-A7D7-A77822D14037} - System32\Tasks\Sony Corporation\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2012-11-08] (Sony Corporation)
Task: {85C81B8E-99E7-490B-AC6D-A732A321EFF9} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2012-09-06] (Sony Corporation)
Task: {89EC4393-C94C-4283-993E-09FDC38E71A6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {8E3B3EDD-840C-4006-A4D6-A09E8DB8A626} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2012-10-31] (Sony Corporation)
Task: {8FA64066-72B2-439C-A342-0A66D8491813} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2012-10-22] (Sony Corporation)
Task: {955EAB01-029D-4B0B-8196-2082D05F42FC} - System32\Tasks\Sony Corporation\VAIO Care\VCSelfHeal => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {97BDD3E0-CE79-4DD9-8246-E850AE9AC04A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {A73F45A2-C85F-44AA-9C55-2984FE33590D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-12] (Microsoft Corporation)
Task: {A99AC5AC-5B12-4FC2-A063-26F0C4CA14A4} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2012-10-23] (Sony Corporation)
Task: {AC94E708-E1AD-4166-A2A0-28D0B1AB322D} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2012-10-23] (Sony Corporation)
Task: {B50003B6-293C-4A5F-9E58-F3B3F852CE03} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {C882C882-59D5-4B8E-83A5-95E13E9070AC} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {CD3D944B-5E53-4219-A69D-7F90BD35A1A1} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {DB63DE73-1402-458C-9A88-BBDF2AF279A3} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-10-12] (Sony Corporation)
Task: {DDBB8D55-E9B5-40FA-B74D-66265DD7535B} - System32\Tasks\CLVDLauncher => C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe [2012-07-24] (CyberLink Corp.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2013-09-11 01:12 - 2011-11-18 14:51 - 03673944 _____ () c:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00156672 _____ () C:\Program Files\Sony\VAIO Care\VCPerfService.exe
2012-08-06 14:27 - 2012-08-06 14:27 - 00062464 _____ () C:\Program Files\Sony\VAIO Care\listener.exe
2013-02-21 04:31 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Temp:373E1720 [144]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2012-07-26 07:26 - 2014-02-12 19:59 - 00000920 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 prod.xcom.firaxis.com
127.0.0.1 prod.xcom-ew.firaxis.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3394880751-743081515-1311326184-500\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 11 img5 Wallpaper 1600x900.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run: => "BtvStack"
HKLM\...\StartupApproved\Run: => "BtTray"
HKLM\...\StartupApproved\Run: => "SynTPEnh"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "ISBMgr.exe"
HKLM\...\StartupApproved\Run32: => "PMBVolumeWatcher"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "SDTray"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKU\S-1-5-21-3394880751-743081515-1311326184-500\...\StartupApproved\StartupFolder: => "OpenOffice.org 3.4.1.lnk"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{7C599AE9-0F87-46BC-B7D4-27EF15FF4AE5}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{70837CD6-F6C6-46AD-809C-B64A6CA79790}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA_BE.exe
FirewallRules: [{52D30DC9-E3FC-463D-9633-A93366CE55D5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9EFE4D59-A69F-4B6C-928F-C9D5CA0915C7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{2EA8EB72-046E-4730-8ED4-9644107A2C8A}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [TCP Query User{522377EF-DE7C-4B07-B0DF-075369B5B941}C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\dishonored\binaries\win32\dishonored.exe
FirewallRules: [{C0F0C53C-6466-4370-83D8-1938AC897169}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{A0631F33-DA6F-4621-9009-305887359D93}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{ABA1F6F8-6116-428F-A486-5F08F74D09B6}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{2B6C632B-8A1A-42DD-956D-74D31369DFDB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Dishonored\Binaries\Win32\Dishonored.exe
FirewallRules: [{610DB338-1202-46CD-90A8-23F4821C323E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{E8C5ED36-85B8-4790-9631-5CFE2335F5A1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base\hl2.exe
FirewallRules: [{35443487-3A81-4AF8-8285-7874B4D8F7D1}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [{79FF6C50-D980-43B6-8A22-B13285D6784C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Source SDK Base 2007\hl2.exe
FirewallRules: [UDP Query User{73112990-C398-4DE1-8662-5912B6149002}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [TCP Query User{159FC26D-35AE-42DE-AA09-D3476E71C6CF}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [UDP Query User{C82AC975-497B-4673-9050-EC790095689D}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [TCP Query User{6C87ED9C-F666-4661-9F63-3447618A994F}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\binaries\win32\xcomgame1.exe
FirewallRules: [UDP Query User{1BD904A7-606C-4630-A0B2-21D79322FDBE}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [TCP Query User{D1E960B5-FBE4-4E61-A4FA-ABBEC0F208A0}C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe
FirewallRules: [{9FA48802-593E-4CBA-BFBF-4F196D96D657}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{8BF464F8-8A4D-404E-B095-837B9A7F4C5E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2 Operation Arrowhead\ArmA2OA.exe
FirewallRules: [{90379DB8-2168-4566-A343-F706AE78DB48}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{DBD7BF95-5ACA-470C-B687-2FCF24389C1C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Arma 2\arma2.exe
FirewallRules: [{25228787-EA01-4318-A6EB-B7FE8E6C063F}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{DBCFFB29-B802-47BB-8855-80C347135659}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV Episodes from Liberty City\EFLC\LaunchEFLC.exe
FirewallRules: [{CC32B806-4339-4C65-8FE1-7F2DA7BA31E5}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{794123D8-264F-4078-BF17-8A9FB2FDFEBC}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{4DDDA8D2-FAA7-495F-98E9-68603189315C}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{473F1D73-E2CC-40BB-9B91-F41FCB36EDC9}] => (Allow) C:\Downloads\RadioRecorder\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [UDP Query User{8BA5AA4E-F1A8-4871-ADC5-A63D0499612D}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [TCP Query User{086FFC33-B758-4332-A26E-CC30CAB50CE6}C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{596FB744-99A5-481B-A22A-89372DB7C9B2}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{74859B18-1F86-4F57-B1D0-2B3E1FB633DB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [UDP Query User{47EA8F7B-93DE-472B-B268-1083DF4C57BE}C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [TCP Query User{A3DC21A1-C574-4607-84F5-56C26A63B029}C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe] => (Allow) C:\program files (x86)\games\rockstar games\grand theft auto iv\gtaiv.exe
FirewallRules: [{BC0B025F-6B0E-4A69-BF6A-6BBB330EBC22}] => (Allow) C:\Program Files (x86)\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{6B6183D7-7F79-42F4-A3EA-C7FAC1CD5994}] => (Allow) C:\Program Files (x86)\Games\Rockstar Games\Grand Theft Auto IV\LaunchGTAIV.exe
FirewallRules: [{E397FD05-BC09-4F58-83F7-C067A86A3B09}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{E60CEA97-40A1-4A43-B486-7662DED204BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3474A9DE-3F54-4769-BC9E-45398EC2695F}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{92DA9A8F-B176-4A62-967E-354F25873B3A}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [TCP Query User{F0B08F9B-9305-45D5-8CDC-B50A135A6FF6}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{891862A5-ACE2-42B1-9E17-B9C8D99F56F9}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{D065C8D2-BE48-48CD-8DE0-717114FA3B88}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{46E5C46E-4414-4E83-81C0-6230C5A3740F}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{2192CB1C-BB11-4E0D-ACB2-733BB33B3E9B}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{AA916F0B-226E-4150-92DA-48D6878058E2}C:\program files\rockstar games\grand theft auto v\gta5.exe] => (Allow) C:\program files\rockstar games\grand theft auto v\gta5.exe
FirewallRules: [{97EBCC7E-8BFE-4B91-B580-9EEFDEFFDA2E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{64CED78D-979A-493C-A456-92033C8AE668}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\XCom-Enemy-Unknown\Binaries\Win32\XComGame.exe
FirewallRules: [{2840930D-B493-4451-B158-844E169AEE7E}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{0CBABA5B-5F24-459E-9227-8F8B7577B3D3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{33958FE7-B7EC-4E84-9780-CA41BED602D3}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{A41EBAEB-AFEB-488F-84D3-6F87637FB51B}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{9DD82F5C-64D2-43EF-B867-230C5F36023D}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{491D30AC-6BDB-4AE0-A39B-DA80AEAC05A7}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{4D567E91-F819-4187-85DE-B668463507DC}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{B0B2E5C4-03CF-4B25-B7D2-9602DA07A201}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [TCP Query User{8BE44492-2CFB-432A-B747-95185F6D9DE0}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [UDP Query User{E53B4074-454B-4282-8D0C-2CC0772CFA00}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew.exe
FirewallRules: [TCP Query User{883547CF-FB7A-420D-863B-853AB484BD31}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [UDP Query User{CC49DC17-42A5-45F3-A6DB-7E4676BCE71B}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [{8A0116A9-BEBB-48E0-AC94-E8C4AA5B03E8}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{AF2E7F88-4B4E-49B8-BD5F-B347A797C1C7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\JABIA\JaggedAllianceBIA.exe
FirewallRules: [{A9DE3386-7BD5-4EE9-B5FA-EA103E4D33CF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [{FF23CA88-D588-445B-8673-4BE3CBB292C0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\SatelliteReign\SatelliteReignWindows.exe
FirewallRules: [TCP Query User{F4D79965-71E5-4559-A1D2-BC4EEE49E731}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [UDP Query User{18CC9501-381B-40AA-8FEA-91503DA573BA}C:\program files\cloud imperium games\patcher\cigpatcher.exe] => (Allow) C:\program files\cloud imperium games\patcher\cigpatcher.exe
FirewallRules: [TCP Query User{2504AAE6-395A-4A27-9506-57E11300DBA9}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [UDP Query User{5F3A7946-E584-40A2-AFFC-3EF4DEBF5D4C}C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe] => (Allow) C:\program files\cloud imperium games\starcitizen\public\bin64\starcitizen.exe
FirewallRules: [{44AC461A-048B-4F36-88CD-4749369E34D0}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{DF0C661C-85DC-4CB5-A7D5-013214899F75}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\STASIS\Stasis.exe
FirewallRules: [{A6C610D5-17A2-4402-8960-1F343DCE45CC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{DB08FB87-89FF-4CB7-B462-CFD8FF7A1735}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{36B4AB8C-3A80-4F03-AB27-9DBF851D24FA}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe
FirewallRules: [UDP Query User{680FC9F6-0D28-4AA9-928E-79A897F7DF1F}C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown\xew\binaries\win32\xcomew1.exe

==================== Wiederherstellungspunkte =========================


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/17/2016 12:41:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x1344
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/10/2016 02:15:27 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x7a0
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/10/2016 02:09:39 AM) (Source: Winlogon) (EventID: 4005) (User: )
Description: Der Windows-Anmeldeprozess wurde unerwartet beendet.

Error: (07/09/2016 05:23:04 AM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt.

Error: (07/04/2016 10:57:16 AM) (Source: SampleCollector) (EventID: 259) (User: )
Description: CreateFile:SState: Failed with error 0x20: Der Prozess kann nicht auf die Datei zugreifen, da sie von einem anderen Prozess verwendet wird.

Error: (07/03/2016 05:11:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x1604
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (07/02/2016 06:49:48 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm Explorer.EXE, Version 6.3.9600.18231 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 11b4

Startzeit: 01d1d41c21f54ca9

Endzeit: 4294967295

Anwendungspfad: C:\WINDOWS\Explorer.EXE

Berichts-ID: 6259bda7-4010-11e6-bfd9-5453ed382337

Vollständiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (07/01/2016 11:39:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x5dc
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/27/2016 05:23:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0xa50
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5

Error: (06/21/2016 06:48:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.3.9600.18231, Zeitstempel: 0x56b8c9f1
Name des fehlerhaften Moduls: DEVRTL.dll, Version: 6.3.9600.17415, Zeitstempel: 0x5450429b
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000001475
ID des fehlerhaften Prozesses: 0x149c
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Vollständiger Name des fehlerhaften Pakets: Explorer.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Explorer.EXE5


Systemfehler:
=============
Error: (07/16/2016 11:09:00 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/16/2016 11:04:17 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/16/2016 11:03:47 PM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/16/2016 11:17:57 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/16/2016 11:17:15 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/16/2016 11:12:43 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/16/2016 11:12:02 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/16/2016 10:41:02 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

Error: (07/16/2016 10:40:19 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

Error: (07/16/2016 10:30:03 AM) (Source: DCOM) (EventID: 10010) (User: Ralf)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}


CodeIntegrity:
===================================
  Date: 2016-07-14 19:53:31.596
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-10 02:09:35.446
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-07 09:56:15.484
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-06 06:38:54.554
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2016-07-06 06:31:01.501
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 27%
Installierter physikalischer RAM: 4043.28 MB
Verfügbarer physikalischer RAM: 2919.14 MB
Summe virtueller Speicher: 5259.28 MB
Verfügbarer virtueller Speicher: 4059.94 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:428.61 GB) (Free:9.56 GB) NTFS
Drive e: (TOSHIBA EXT) (Fixed) (Total:1862.92 GB) (Free:252.45 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B62B837B)

Partition: GPT.

========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: E4943E2C)
Partition 1: (Active) - (Size=1862.9 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 17.07.2016, 13:27   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 19.07.2016, 04:57   #15
CINC
 
Meldung Scriptfehler - Avira - Standard

Meldung Scriptfehler - Avira



Guten Morgen..,

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Update, 18.07.2016 19:57, SYSTEM, RALF, Manual, Remediation Database, 2016.6.29.1, 2016.7.18.2, 
Update, 18.07.2016 19:57, SYSTEM, RALF, Manual, Domain Database, 2016.6.30.6, 2016.7.18.8, 
Update, 18.07.2016 19:57, SYSTEM, RALF, Manual, IP Database, 2016.6.30.2, 2016.7.18.1, 
Update, 18.07.2016 19:57, SYSTEM, RALF, Manual, Malware Database, 2016.6.30.9, 2016.7.18.9, 
Scan, 18.07.2016 20:30, SYSTEM, RALF, Manual, Start: 18.07.2016 19:58, Dauer: 31 Min. 28 Sek., Bedrohungssuchlauf, Abgeschlossen, 0 Malware-Erkennung, 0 Nicht-Malware-Erkennungen, 

(end)
         

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e0b325a307295f44a7c7ccf42e6ce188
# engine=23025
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-22 07:32:31
# local_time=2015-03-22 08:32:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 665939 18460129 0 0
# scanned=459326
# found=0
# cleaned=0
# scan_time=8930
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e0b325a307295f44a7c7ccf42e6ce188
# end=init
# utc_time=2016-07-18 07:02:04
# local_time=2016-07-18 09:02:04 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 30147
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=e0b325a307295f44a7c7ccf42e6ce188
# end=updated
# utc_time=2016-07-18 07:07:29
# local_time=2016-07-18 09:07:29 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=e0b325a307295f44a7c7ccf42e6ce188
# engine=30147
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-18 11:15:32
# local_time=2016-07-19 01:15:32 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 29356155 60291110 0 0
# scanned=552772
# found=0
# cleaned=0
# scan_time=14882
         

Code:
ATTFilter
 Results of screen317's Security Check version 1.009  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Windows Defender   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Secunia PSI (3.0.0.10004)   
 Java 7 Update 45  
 Java 8 Update 40  
 Java version 32-bit out of Date! 
 Adobe Flash Player 	22.0.0.192  
 Mozilla Firefox (47.0) 
 Mozilla Thunderbird 31.5.0 Thunderbird out of Date!  
````````Process Check: objlist.exe by Laurent````````  
 WinPatrol winpatrol.exe 
 Ruiware WinPatrol WinPatrol.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````
         

Thema geschlossen

Themen zu Meldung Scriptfehler - Avira
abend, anhang, avira, fehler, fehlermeldung, guten, heute, hochfahren, meldung, screenshot, scriptfehler, sorge, sorgen, taucht



Ähnliche Themen: Meldung Scriptfehler - Avira


  1. Abstürzen einige Minuten nach Start, Bildschirm schwarz, kurzer Surrton, Avira Meldung: avira.systray.exe ungültiges Bild
    Plagegeister aller Art und deren Bekämpfung - 26.09.2015 (5)
  2. Scriptfehler beim Installieren von Dropbox
    Alles rund um Windows - 10.12.2014 (1)
  3. Malewarefund nach Meldung von Avira
    Plagegeister aller Art und deren Bekämpfung - 06.12.2014 (20)
  4. Windows 7 Avira Meldung Bitguard
    Plagegeister aller Art und deren Bekämpfung - 26.01.2014 (16)
  5. Pdf scriptfehler
    Alles rund um Windows - 27.12.2013 (7)
  6. Avira-Meldung TR/Fakeadb.A
    Log-Analyse und Auswertung - 11.09.2013 (13)
  7. TR/Dropper.gen Meldung über Avira
    Plagegeister aller Art und deren Bekämpfung - 24.08.2013 (15)
  8. avira meldung EXP/08-5353.AJ
    Plagegeister aller Art und deren Bekämpfung - 02.11.2012 (32)
  9. Meldung von Avira über TR/ATRAPS.Gen
    Plagegeister aller Art und deren Bekämpfung - 28.06.2012 (25)
  10. Avira Trojaner Meldung TR/PSW Z Bot.Y379
    Log-Analyse und Auswertung - 03.05.2012 (7)
  11. Avira Trojaner Meldung TR/PSW Z Bot.Y379
    Mülltonne - 01.05.2012 (1)
  12. Verwirrende Avira-Meldung -_-"?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2012 (1)
  13. Internetexplorer Scriptfehler automatisches starten von Audiodateien
    Plagegeister aller Art und deren Bekämpfung - 14.05.2011 (18)
  14. Avira Meldung cryptnet32.dll
    Plagegeister aller Art und deren Bekämpfung - 25.03.2011 (28)
  15. Avira Meldung
    Log-Analyse und Auswertung - 13.03.2009 (2)
  16. Trojaner-Meldung von Avira
    Log-Analyse und Auswertung - 20.11.2007 (1)
  17. Internet explorer Scriptfehler
    Alles rund um Windows - 26.10.2007 (1)

Zum Thema Meldung Scriptfehler - Avira - Guten Abend, ich habe den betreffenden Screenshot im Anhang angefügt. Die Fehlermeldung taucht seit heute früh, nach dem Hochfahren des PC's auf und immer mal zwischendurch. Muss ich mir Sorgen - Meldung Scriptfehler - Avira...
Archiv
Du betrachtest: Meldung Scriptfehler - Avira auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.