Anweisungen befolgt. Hallo,
Ich habe Revo Uninstaller ausgeführt, jedoch gab es ein Programm wie : Google Update Helper nicht.
Hier sind die Logfiles der anderen:
Mbam.txt: Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Error, 25.09.2015 11:06, SYSTEM, SANJOYA, Update, Bad md5 or size: akadomains, 11,
Error, 25.09.2015 11:06, SYSTEM, SANJOYA, Update, Bad md5 or size: akaips, 11,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, Rootkit Database, 2015.6.2.1, 2015.9.22.1,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, AKA Domain Database, 0.0.0.0, 2015.9.11.2,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, AKA IP Database, 0.0.0.0, 2015.9.11.2,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, Remediation Database, 2015.5.13.1, 2015.9.16.1,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, IP Database, 0.0.0.0, 2015.9.24.1,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, Domain Database, 0.0.0.0, 2015.9.25.3,
Update, 25.09.2015 11:06, SYSTEM, SANJOYA, Manual, Malware Database, 2015.6.3.3, 2015.9.25.1,
Error, 25.09.2015 11:57, SYSTEM, SANJOYA, Protection, IsLicensed, 13,
Protection, 25.09.2015 11:57, SYSTEM, SANJOYA, Protection, Malware Protection, Stopping,
Protection, 25.09.2015 11:57, SYSTEM, SANJOYA, Protection, Malware Protection, Stopped,
(end)
adwCleaner.txt Code:
# AdwCleaner v5.008 - Bericht erstellt am 25/09/2015 um 12:06:56
# Aktualisiert am 18/09/2015 von Xplode
# Datenbank : 2015-09-23.1 [Server]
# Betriebssystem : Windows 8.1 (x64)
# Benutzername : cigdem - SANJOYA
# Gestartet von : C:\Users\cigdem\Downloads\AdwCleaner_5.008.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ Verknüpfungen ] *****
***** [ Geplante Tasks ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
*************************
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [729 Bytes] ##########
JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.3 (09.21.2015:1)
OS: Windows 8.1 x64
Ran by cigdem on 25.09.2015 at 12:14:22,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
Successfully deleted: [Service] Update Framed Display [Reboot required]
~~~ Tasks
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{6B141AE7-C977-435F-ABF9-8250FDE82931}
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search\\SearchAssistant
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Framed Display
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Mega Browse
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update Primary Color
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util Primary Color
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\WINDOWS\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\cigdem\Appdata\Local\54252454-6EF7-477D-AE3A-58E2743985E8
~~~ FireFox
Successfully deleted the following from C:\Users\cigdem\AppData\Roaming\mozilla\firefox\profiles\g805ivgg.default\prefs.js
user_pref(browser.search.searchengine.alias, istartsurf);
user_pref(browser.search.searchengine.desc, this is my first firefox searchEngine);
user_pref(browser.search.searchengine.iconURL, hxxp://www.istartsurf.com/favicon.ico);
user_pref(browser.search.searchengine.name, istartsurf);
user_pref(browser.search.searchengine.ptid, cornl);
user_pref(browser.search.searchengine.uid, ST500LT012-1DG142_W3P0D10GXXXXW3P0D10G);
user_pref(browser.search.searchengine.url, hxxp://www.istartsurf.com/web/?type=ds&ts=1440197096&z=a198b7ba3e71a65154468b5gezfz9ecg8t2qetct7e&from=cornl&uid=ST500LT012-1DG14
Emptied folder: C:\Users\cigdem\AppData\Roaming\mozilla\firefox\profiles\g805ivgg.default\minidumps [30 files]
~~~ Chrome
[C:\Users\cigdem\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\cigdem\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\cigdem\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\cigdem\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.09.2015 at 12:33:38,44
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST.txt Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:23-09-2015
durchgeführt von cigdem (Administrator) auf SANJOYA (25-09-2015 12:35:24)
Gestartet von C:\Users\cigdem\Downloads
Geladene Profile: cigdem (Verfügbare Profile: cigdem & Gast)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2891592 2013-06-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [IgfxTray] => C:\WINDOWS\system32\igfxtray.exe [457616 2014-10-03] ()
HKLM\...\Run: [HotKeysCmds] => "C:\WINDOWS\system32\hkcmd.exe"
HKLM\...\Run: [Persistence] => "C:\WINDOWS\system32\igfxpers.exe"
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-09-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-09-07] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-06-24] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [mcui_exe] => "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111824 2015-08-26] (AVAST Software)
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-19] (CyberLink Corp.)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\Run: [Akamai NetSession Interface] => "C:\Users\cigdem\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [784904 2014-10-14] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\Run: [Spotify Web Helper] => C:\Users\cigdem\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1894968 2015-01-24] (Spotify Ltd)
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\MountPoints2: {74e2fa7b-041c-11e4-bea5-1c3e84df8fba} - "E:\INSTALL.EXE"
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [176904 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\windows\syswow64\nvinit.dll => c:\windows\syswow64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
AppInit_DLLs-x32: ,C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [155280 2015-06-17] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-25] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll Keine Datei
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-09-07]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8CB98320-6A47-4189-A9D9-5D726EA12544}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{A71166FA-46D6-48A7-8E85-3556C89F0E59}: [DhcpNameServer] 128.16.1.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com?fr=hp-avast&type=prc265
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com?fr=hp-avast&type=prc265
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://de.yahoo.com?fr=hp-avast&type=prc265
SearchScopes: HKU\.DEFAULT -> DefaultScope {3447FBCF-DBA7-40D1-8FCB-9DFBD18198F2} URL =
SearchScopes: HKU\S-1-5-21-2477127505-3032556214-3083899549-1002 -> {3447FBCF-DBA7-40D1-8FCB-9DFBD18198F2} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2015-08-04] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-25] (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2015-09-11] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-23] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-25] (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-23] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - Keine Datei
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - Keine Datei
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2015-02-03] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\cigdem\AppData\Roaming\Mozilla\Firefox\Profiles\g805ivgg.default
FF SearchEngineOrder.1: Yahoo! (Avast)
FF Homepage: hxxps://translate.google.de/translate?hl=de&sl=en&u=hxxp://www.spyware-techie.com/piesearch-com-removal-guide&prev=search
chrome://speeddial/content/speeddial.xul
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_185.dll [2015-09-22] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll [2015-09-22] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2013-11-16] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [Keine Datei]
FF Plugin HKU\S-1-5-21-2477127505-3032556214-3083899549-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2015-06-27] ()
FF Extension: YouTube Unblocker - C:\Users\cigdem\AppData\Roaming\Mozilla\Firefox\Profiles\g805ivgg.default\Extensions\youtubeunblocker@unblocker.yt [2015-06-09]
FF Extension: Speed Dial - C:\Users\cigdem\AppData\Roaming\Mozilla\Firefox\Profiles\g805ivgg.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-04-16]
FF Extension: Adblock Plus - C:\Users\cigdem\AppData\Roaming\Mozilla\Firefox\Profiles\g805ivgg.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-16]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-13]
StartMenuInternet: FIREFOX.EXE - C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.piesearch.com/?type=llsc&uid=4e07144c-362d-424f-8118-0c7ad4afcefd&pid=etc&ts=1112591156
Chrome:
=======
CHR Profile: C:\Users\cigdem\AppData\Local\Google\Chrome\User Data\Default
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-13]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-25] (AVAST Software)
S3 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
S4 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2774104 2015-09-11] (Microsoft Corporation)
S2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-06-24] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [329104 2014-10-03] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1868432 2015-06-24] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23007376 2015-06-24] (NVIDIA Corporation)
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174600 2014-10-14] (Sandboxie Holdings, LLC)
S2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [333824 2013-05-15] (IDT, Inc.) [Datei ist nicht signiert]
S2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-09-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-25] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1048344 2015-08-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [447944 2015-08-25] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-25] (AVAST Software)
R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-05-13] (LogMeIn Inc.)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-06-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46768 2015-05-19] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-10-14] (Sandboxie Holdings, LLC)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-25 12:35 - 2015-09-25 12:36 - 00018254 _____ C:\Users\cigdem\Downloads\FRST.txt
2015-09-25 12:33 - 2015-09-25 12:33 - 00002963 _____ C:\Users\cigdem\Desktop\JRT.txt
2015-09-25 12:14 - 2015-09-22 19:06 - 01800512 _____ (Malwarebytes) C:\Users\cigdem\Desktop\JRT.exe
2015-09-25 12:02 - 2015-09-25 12:02 - 00001140 _____ C:\Users\cigdem\Desktop\mbam.txt
2015-09-25 11:13 - 2015-09-25 11:13 - 00000000 _____ C:\Users\cigdem\Desktop\FRST.txt.txt
2015-09-25 11:04 - 2015-09-25 11:59 - 00113880 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-09-25 11:04 - 2015-09-25 11:04 - 00001129 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-09-25 11:04 - 2015-09-25 11:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-09-25 11:04 - 2015-09-25 11:04 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-09-25 11:04 - 2015-09-25 11:04 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-09-25 11:04 - 2015-06-18 08:42 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2015-09-25 11:04 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-09-25 11:04 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-09-25 10:58 - 2015-09-25 10:58 - 00001295 _____ C:\Users\cigdem\Desktop\Revo Uninstaller.lnk
2015-09-25 10:58 - 2015-09-25 10:58 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-09-25 10:57 - 2015-09-25 10:57 - 01798976 _____ (Malwarebytes) C:\Users\cigdem\Downloads\JRT.exe
2015-09-25 10:56 - 2015-09-25 10:57 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\cigdem\Downloads\mbam-setup-2.1.8.1057.exe
2015-09-25 10:56 - 2015-09-25 10:56 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\cigdem\Downloads\revosetup95.exe
2015-09-25 01:47 - 2015-09-25 01:48 - 00420432 _____ C:\WINDOWS\Minidump\092515-32093-01.dmp
2015-09-25 01:01 - 2015-09-25 12:12 - 00000807 _____ C:\Users\cigdem\Desktop\adwcleaner.txt.txt
2015-09-25 00:46 - 2015-09-25 12:35 - 00000000 ____D C:\FRST
2015-09-25 00:43 - 2015-09-25 00:43 - 00000000 _____ C:\Users\cigdem\defogger_reenable
2015-09-25 00:40 - 2015-09-25 00:40 - 02192384 _____ (Farbar) C:\Users\cigdem\Downloads\FRST64.exe
2015-09-25 00:40 - 2015-09-25 00:40 - 00380416 _____ C:\Users\cigdem\Downloads\Gmer-19357.exe
2015-09-25 00:40 - 2015-09-25 00:40 - 00050477 _____ C:\Users\cigdem\Downloads\Defogger.exe
2015-09-24 22:55 - 2015-09-25 12:06 - 00000000 ____D C:\AdwCleaner
2015-09-24 22:53 - 2015-09-24 22:53 - 01662976 _____ C:\Users\cigdem\Downloads\AdwCleaner_5.008.exe
2015-09-22 20:44 - 2015-09-22 21:04 - 00000000 ____D C:\Users\cigdem\Desktop\xperiA wichtiges
2015-09-22 20:41 - 2015-09-22 21:20 - 00000000 ____D C:\Users\cigdem\Desktop\snes emu
2015-09-08 22:57 - 2015-08-27 04:48 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-09-08 22:57 - 2015-08-26 20:00 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-09-08 22:57 - 2015-08-26 20:00 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-09-08 22:57 - 2015-08-26 20:00 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-09-08 22:57 - 2015-08-26 20:00 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-09-08 22:57 - 2015-08-26 16:46 - 03705344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-09-08 22:57 - 2015-08-26 16:29 - 02240512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-09-08 22:57 - 2015-08-26 16:27 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-09-08 22:57 - 2015-08-26 16:27 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-09-08 22:57 - 2015-08-26 16:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-09-08 22:57 - 2015-08-26 16:26 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-09-08 22:57 - 2015-08-26 16:26 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-09-08 22:56 - 2015-09-03 04:18 - 02531400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2015-09-08 22:56 - 2015-09-03 04:17 - 01903848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2015-09-08 22:56 - 2015-09-02 20:48 - 02345472 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2015-09-08 22:56 - 2015-09-02 19:09 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2015-09-08 22:56 - 2015-08-22 20:19 - 25188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-09-08 22:56 - 2015-08-22 19:35 - 02886144 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-09-08 22:56 - 2015-08-22 19:22 - 19856384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-09-08 22:56 - 2015-08-22 19:20 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-09-08 22:56 - 2015-08-22 18:50 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-09-08 22:56 - 2015-08-22 18:45 - 00665600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-09-08 22:56 - 2015-08-22 18:41 - 14451712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-09-08 22:56 - 2015-08-22 18:28 - 04520448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-09-08 22:56 - 2015-08-22 18:26 - 02427392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-09-08 22:56 - 2015-08-22 18:22 - 12857344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-09-08 22:56 - 2015-08-22 18:14 - 01545728 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-09-08 22:56 - 2015-08-22 18:00 - 01951232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-09-08 22:56 - 2015-07-30 19:18 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2015-09-08 22:56 - 2015-07-30 18:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2015-09-08 22:56 - 2015-07-22 16:19 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UtcResources.dll
2015-09-08 22:56 - 2015-07-22 15:52 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2015-09-08 22:56 - 2015-07-17 16:15 - 00951296 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2015-09-08 22:56 - 2015-07-17 16:10 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2015-09-08 22:56 - 2015-06-27 13:47 - 00118616 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2015-09-08 22:55 - 2015-09-02 04:56 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-09-08 22:55 - 2015-09-02 04:55 - 00358912 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2015-09-08 22:55 - 2015-09-02 04:50 - 00044032 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2015-09-08 22:55 - 2015-09-02 04:17 - 00301568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2015-09-08 22:55 - 2015-09-02 04:13 - 00035840 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2015-09-08 22:55 - 2015-08-22 19:34 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-09-08 22:55 - 2015-08-22 19:21 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-09-08 22:55 - 2015-08-22 18:55 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-09-08 22:55 - 2015-08-22 18:50 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-09-08 22:55 - 2015-08-22 18:44 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-09-08 22:55 - 2015-08-22 18:41 - 00801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-09-08 22:55 - 2015-08-22 18:41 - 00720384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-09-08 22:55 - 2015-08-22 18:41 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-09-08 22:55 - 2015-08-22 18:39 - 02126336 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-09-08 22:55 - 2015-08-22 18:23 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-09-08 22:55 - 2015-08-22 18:20 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-09-08 22:55 - 2015-08-22 18:18 - 02052608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-09-08 22:55 - 2015-08-22 18:18 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-09-08 22:55 - 2015-08-22 18:18 - 00327168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-09-08 22:55 - 2015-08-22 18:01 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-09-08 22:55 - 2015-08-22 17:56 - 01310720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-09-08 22:55 - 2015-08-22 17:55 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-09-08 22:55 - 2015-08-03 23:15 - 00074928 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2015-09-08 22:55 - 2015-08-03 23:15 - 00065600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2015-09-08 22:55 - 2015-08-01 16:22 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2015-09-08 22:55 - 2015-08-01 05:47 - 00229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2015-09-08 22:55 - 2015-08-01 05:45 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2015-09-08 22:55 - 2015-08-01 05:38 - 01265152 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2015-09-08 22:55 - 2015-08-01 05:37 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2015-09-08 22:55 - 2015-08-01 05:37 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2015-09-08 22:55 - 2015-07-22 16:34 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-09-08 22:55 - 2015-07-22 16:33 - 01728000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2015-09-08 22:55 - 2015-07-22 16:25 - 02461184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-09-08 22:55 - 2015-07-22 16:25 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2015-09-08 22:55 - 2015-07-18 20:31 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2015-09-08 22:55 - 2015-07-18 20:29 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2015-09-08 22:55 - 2015-07-18 20:29 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2015-09-08 22:55 - 2015-07-18 20:27 - 00520192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2015-09-08 22:55 - 2015-07-14 05:27 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzsync.exe
2015-09-08 22:55 - 2015-07-13 21:10 - 00411455 _____ C:\WINDOWS\system32\ApnDatabase.xml
2015-09-08 22:55 - 2015-07-09 18:14 - 00228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-09-08 22:55 - 2015-07-03 23:51 - 01380056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2015-09-08 22:55 - 2015-07-03 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2015-09-08 22:55 - 2015-06-19 19:07 - 02819072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2015-09-08 22:54 - 2015-07-10 21:06 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2015-08-26 15:51 - 2015-08-26 15:51 - 00000000 ____D C:\Users\cigdem\AppData\Local\Blizzard
2015-08-26 15:06 - 2015-08-26 15:51 - 00000000 ____D C:\Program Files (x86)\Hearthstone
2015-08-26 15:06 - 2015-08-26 15:06 - 00001182 _____ C:\Users\Public\Desktop\Hearthstone.lnk
2015-08-26 15:06 - 2015-08-26 15:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2015-08-26 15:05 - 2015-08-26 15:05 - 03056696 _____ (Blizzard Entertainment) C:\Users\cigdem\Downloads\Hearthstone-Setup-deDE.exe
2015-08-26 15:02 - 2015-09-24 18:35 - 00000000 ____D C:\Users\cigdem\AppData\Local\Battle.net
2015-08-26 15:02 - 2015-09-23 16:52 - 00000000 ____D C:\Program Files (x86)\Battle.net
2015-08-26 15:02 - 2015-09-19 21:38 - 00000000 ____D C:\Users\cigdem\AppData\Roaming\Battle.net
2015-08-26 15:02 - 2015-08-26 15:02 - 00001145 _____ C:\Users\Public\Desktop\Battle.net.lnk
2015-08-26 15:02 - 2015-08-26 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-09-25 12:26 - 2014-05-25 21:57 - 00000000 __RDO C:\Users\cigdem\OneDrive
2015-09-25 12:26 - 2013-11-04 19:54 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2477127505-3032556214-3083899549-1002
2015-09-25 12:22 - 2013-09-07 01:18 - 00012800 _____ C:\WINDOWS\system32\VfService.trf
2015-09-25 12:20 - 2014-05-25 21:24 - 01527916 _____ C:\WINDOWS\WindowsUpdate.log
2015-09-25 12:09 - 2013-11-05 01:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-09-25 12:08 - 2013-08-22 16:46 - 00437046 _____ C:\WINDOWS\setupact.log
2015-09-25 12:08 - 2013-08-22 16:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-09-25 12:04 - 2015-01-10 01:32 - 00003930 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D8D19516-5468-48D1-A0A4-886A44B3FF68}
2015-09-25 12:00 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\sru
2015-09-25 11:59 - 2015-03-13 20:05 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-09-25 11:56 - 2014-03-18 03:50 - 01418366 _____ C:\WINDOWS\PFRO.log
2015-09-25 11:56 - 2013-08-22 15:25 - 01048576 ___SH C:\WINDOWS\system32\config\BBI
2015-09-25 01:47 - 2014-09-14 17:09 - 00000000 ____D C:\WINDOWS\Minidump
2015-09-25 01:47 - 2014-01-31 22:12 - 585524297 _____ C:\WINDOWS\MEMORY.DMP
2015-09-25 00:43 - 2014-05-25 21:32 - 00000000 ____D C:\Users\cigdem
2015-09-24 22:13 - 2015-06-26 00:36 - 00000000 ____D C:\WINDOWS\SysWOW64\NV
2015-09-24 22:13 - 2015-06-26 00:36 - 00000000 ____D C:\WINDOWS\system32\NV
2015-09-22 21:45 - 2015-08-22 00:46 - 00000000 ____D C:\ProgramData\update
2015-09-22 17:25 - 2014-05-25 21:54 - 00001663 _____ C:\Users\cigdem\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-09-22 17:09 - 2013-11-05 01:06 - 00003772 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-09-22 16:55 - 2012-07-26 09:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-09-22 11:37 - 2013-11-13 16:14 - 00000000 ____D C:\Program Files\Microsoft Office 15
2015-09-20 14:23 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-09-20 14:21 - 2014-11-03 07:13 - 00000000 ____D C:\Users\cigdem\AppData\Roaming\Audacity
2015-09-15 23:38 - 2014-03-31 18:00 - 00000000 ____D C:\Users\cigdem\AppData\Roaming\Skype
2015-09-15 22:53 - 2014-03-18 12:03 - 01780340 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-09-15 22:53 - 2014-03-18 11:25 - 00766620 _____ C:\WINDOWS\system32\perfh007.dat
2015-09-15 22:53 - 2014-03-18 11:25 - 00159902 _____ C:\WINDOWS\system32\perfc007.dat
2015-09-15 03:18 - 2015-03-13 19:28 - 00812008 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-09-15 03:18 - 2015-03-13 19:28 - 00178152 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-11 18:42 - 2014-02-03 18:11 - 00000000 ____D C:\Users\cigdem\Desktop\Cigo
2015-09-11 00:27 - 2013-11-11 18:41 - 07870976 ___SH C:\Users\cigdem\Desktop\Thumbs.db
2015-09-09 20:59 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\rescache
2015-09-09 20:24 - 2013-08-22 16:44 - 00508280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-09-09 20:20 - 2014-03-18 11:40 - 00000000 ____D C:\Program Files\Windows Journal
2015-09-09 20:20 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-09-09 16:48 - 2013-11-06 14:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-09-06 20:56 - 2014-07-24 13:33 - 00000000 ____D C:\Users\cigdem\Desktop\Spiele
2015-09-06 14:36 - 2014-07-29 22:12 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-27 17:15 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-08-26 18:37 - 2013-11-06 14:30 - 134753440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2013-12-19 01:20 - 2014-04-02 00:54 - 0000101 _____ () C:\Users\cigdem\AppData\Roaming\WB.CFG
2014-01-07 01:15 - 2015-06-10 20:53 - 0006144 _____ () C:\Users\cigdem\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2013-09-07 00:57 - 2013-09-07 00:57 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\cigdem\AppData\Local\Temp\1526.exe
C:\Users\cigdem\AppData\Local\Temp\17734a4a72da99eaafeba4ab7f2bb983.dll
C:\Users\cigdem\AppData\Local\Temp\2610.exe
C:\Users\cigdem\AppData\Local\Temp\bad3602926eaae0bde44f2ecabadca61.dll
C:\Users\cigdem\AppData\Local\Temp\Cube.exe
C:\Users\cigdem\AppData\Local\Temp\DseShExt-x64.dll
C:\Users\cigdem\AppData\Local\Temp\DseShExt-x86.dll
C:\Users\cigdem\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\cigdem\AppData\Local\Temp\FreeImage.dll
C:\Users\cigdem\AppData\Local\Temp\ICReinstall_CR_Downloader_fuer_digimon-world.exe
C:\Users\cigdem\AppData\Local\Temp\java-installer.exe
C:\Users\cigdem\AppData\Local\Temp\msvcp110.dll
C:\Users\cigdem\AppData\Local\Temp\msvcr110.dll
C:\Users\cigdem\AppData\Local\Temp\SDShelEx-win32.dll
C:\Users\cigdem\AppData\Local\Temp\SDShelEx-x64.dll
C:\Users\cigdem\AppData\Local\Temp\SkypeSetup.exe
C:\Users\cigdem\AppData\Local\Temp\sqlite3.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite17280.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite18351.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite19715.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite20237.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite20457.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite23710.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite32373.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite33777.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite36247.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite43540.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite47896.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite51888.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite53745.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite58503.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite66649.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite66768.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite74770.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite77140.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite82904.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite86902.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite88607.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite91930.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite92496.dll
C:\Users\cigdem\AppData\Local\Temp\System.Data.SQLite94551.dll
C:\Users\cigdem\AppData\Local\Temp\tmd_34019380.exe
C:\Users\cigdem\AppData\Local\Temp\tmp330C.exe
C:\Users\cigdem\AppData\Local\Temp\tmp5AC5.exe
C:\Users\cigdem\AppData\Local\Temp\ubi22A6.tmp.exe
C:\Users\cigdem\AppData\Local\Temp\vccorlib110.dll
C:\Users\cigdem\AppData\Local\Temp\vcredist_x64.exe
C:\Users\cigdem\AppData\Local\Temp\XAudio2_8.dll
C:\Users\cigdem\AppData\Local\Temp\zlib1.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-09-25 12:26
==================== Ende von FRST.txt ============================
FRST Additions.txt Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:23-09-2015
durchgeführt von cigdem (2015-09-25 12:37:38)
Gestartet von C:\Users\cigdem\Downloads
Windows 8.1 (X64) (2014-05-25 19:53:40)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2477127505-3032556214-3083899549-500 - Administrator - Disabled)
cigdem (S-1-5-21-2477127505-3032556214-3083899549-1002 - Administrator - Enabled) => C:\Users\cigdem
Gast (S-1-5-21-2477127505-3032556214-3083899549-501 - Limited - Enabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-2477127505-3032556214-3083899549-1006 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 17.0.0.172 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.185 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Assassin's Creed Revelations (HKLM-x32\...\Steam App 201870) (Version: - Ubisoft Montreal)
Assassin's Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Audacity 2.0.6 (HKLM-x32\...\Audacity_is1) (Version: 2.0.6 - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Benutzerhandbuch (x32 Version: 1.0.0.9 - Lenovo) Hidden
Cube World version 0.0.1 (HKLM-x32\...\{D692A0E0-1BBB-4E9C-826E-4254EE330830}_is1) (Version: 0.0.1 - Picroma)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Advanced Audio v2 (HKLM-x32\...\{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Dolphin (HKLM-x32\...\Dolphin) (Version: 4.0.2 - Dolphin Development Team)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.27 - Lenovo)
Energy Manager (x32 Version: 1.0.0.27 - Lenovo) Hidden
EPSON WF-2510 Series Printer Uninstall (HKLM\...\EPSON WF-2510 Series) (Version: - SEIKO EPSON Corporation)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Free Audio Converter version 5.0.48.923 (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.48.923 - DVDVideoSoft Ltd.)
Free Audio Editor version 1.0.7.1022 (HKLM-x32\...\Free Audio Editor_is1) (Version: 1.0.7.1022 - DVDVideoSoft Ltd.)
Free MP4 Video Converter version 5.0.47.906 (HKLM-x32\...\Free MP4 Video Converter_is1) (Version: 5.0.47.906 - DVDVideoSoft Ltd.)
Free Studio version 6.4.0.1111 (HKLM-x32\...\Free Studio_is1) (Version: 6.4.0.1111 - DVDVideoSoft Ltd.)
Free YouTube Download version 3.2.44.908 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.2.44.908 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.46.923 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.46.923 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.8 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.8 - Gameforge)
Google Update Helper (x32 Version: 1.3.23.0 - SaveSense) Hidden <==== ACHTUNG
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6431.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1010 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3960 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Lego Harry Potter (HKLM-x32\...\Steam App 21130) (Version: - TT Games)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.21.1 - ELAN Microelectronic Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo Solution Center (HKLM\...\{F02F4A8B-1A5F-45B8-9B74-AAF21A2B1BCC}) (Version: 2.1.002.00 - Lenovo Group Limited)
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.75 - Lenovo)
Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4753.1003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 38.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 38.0.1 (x86 de)) (Version: 38.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero CoverDesigner (HKLM-x32\...\{6F4B3CA0-8872-4F68-B972-E9D5306DCDD3}) (Version: 12.0.02900 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 16.0.1007 - Nero AG)
Nostale(DE) (HKLM-x32\...\NosTale(DE)_is1) (Version: - Gameforge 4D GmbH)
NVIDIA GeForce Experience 2.4.5.57 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.5.57 - NVIDIA Corporation)
NVIDIA Grafiktreiber 353.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.30 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4753.1003 - Microsoft Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Prerequisite installer (x32 Version: 12.0.0010 - Nero AG) Hidden
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Sandboxie 4.14 (64-bit) (HKLM\...\Sandboxie) (Version: 4.14 - Sandboxie Holdings, LLC)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 4.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.5.57 - NVIDIA Corporation) Hidden
Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\Spotify) (Version: 1.0.1.894.g1113c0de - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Sweet Home 3D version 4.6 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks)
TeamSpeak 3 Client (HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.9 - Lenovo)
VideoPad Video Editor (HKLM-x32\...\VideoPad) (Version: 4.00 - NCH Software)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.00 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2477127505-3032556214-3083899549-1002_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation)
==================== Wiederherstellungspunkte =========================
06-09-2015 01:48:52 Geplanter Prüfpunkt
09-09-2015 16:42:09 Windows Update
22-09-2015 16:54:02 Windows Update
25-09-2015 12:14:44 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0B86824B-B454-40C2-88E4-9CEEB4BD5F12} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-08-26] (Microsoft Corporation)
Task: {0BB26B4B-C426-46F9-9939-E5A7ECE439A7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-09-22] (Adobe Systems Incorporated)
Task: {1C3C2810-9334-4C00-8B23-F0C5710A7C2C} - System32\Tasks\brbrw_4605 => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\Crossbrowse.exe
Task: {336DE528-309A-49AF-90EE-933AA367EABE} - System32\Tasks\Lenovo\LSC\Time72Task => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-15] (Lenovo)
Task: {3FE1DCAD-4BB4-456E-9EDE-4A1926750963} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2013-05-15] (Lenovo)
Task: {6E2C30AA-F17D-4E42-8958-FB9409F666BA} - System32\Tasks\{B0817B64-295C-4BF0-BC54-72ACC36150B4} => pcalua.exe -a "C:\Program Files (x86)\CD-Labelscan\unins000.exe"
Task: {70E4C564-471E-4C42-9B61-78592FEF7BA3} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2013-05-15] ()
Task: {71D2B8E6-F31C-4749-86BC-4B525E3461AB} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2013-05-15] (Lenovo)
Task: {720C1218-C508-4012-B7A2-002ECF5231F5} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {810ECBF6-AF33-4467-A8D5-36BC45A84B62} - System32\Tasks\Nero\Nero Info => C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe [2015-03-04] (Nero AG)
Task: {875AD0E7-BC96-4CE3-815F-833F15390A37} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2015-09-12] (Microsoft Corporation)
Task: {9230C049-7D30-4F1E-B1C0-991B0B66D58C} - System32\Tasks\Lenovo\LSC\RebootCountTask => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCService.exe [2013-05-15] (Lenovo)
Task: {CE885C81-33B2-455C-A268-94BEBCB33B55} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {E97CF072-61B4-4DDA-9344-E7AE8D5269DF} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2015-09-11] (Microsoft Corporation)
Task: {F66C1742-FD05-4A5F-85C4-AB285EFE28BC} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {FC131A0C-23C2-4498-BCD7-4C0809EBB0FB} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-25] (AVAST Software)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2014-03-20 17:25 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-08-25 13:58 - 2015-08-25 13:58 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-25 13:58 - 2015-08-25 13:58 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-09-25 12:00 - 2015-09-25 12:00 - 02966016 _____ () C:\Program Files\AVAST Software\Avast\defs\15092500\algo.dll
2015-03-13 20:04 - 2015-03-13 20:04 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-09-07 00:55 - 2013-05-17 01:06 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\Users\cigdem\OneDrive:ms-properties
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
IE trusted site: HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\aeriagames.com -> hxxps://aeriagames.com
IE trusted site: HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\aeriagames.com -> hxxp://aeriagames.com
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\cigdem\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKLM\...\StartupApproved\StartupFolder: => "Bluetooth.lnk"
HKLM\...\StartupApproved\Run: => "Energy Manager"
HKLM\...\StartupApproved\Run: => "Lenovo Utility"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run32: => "YouCam Tray"
HKLM\...\StartupApproved\Run32: => "WebInternetSecurity"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\StartupFolder: => "crossbrowse.lnk"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\Run: => "SandboxieControl"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-2477127505-3032556214-3083899549-1002\...\StartupApproved\Run: => "GarminExpressTrayApp"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{F06EB545-73F5-4E93-A415-9EFADE50C262}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [TCP Query User{E92C1E3D-9D4A-42CC-971C-D432BD8912A2}C:\program files (x86)\dragon's prophet\dp_x64.exe] => (Allow) C:\program files (x86)\dragon's prophet\dp_x64.exe
FirewallRules: [UDP Query User{418D0497-6CDC-4F4D-ACE0-7CDA0C63F620}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [TCP Query User{AA7455BB-4E8A-49AD-B2B6-3348E07C4674}C:\program files (x86)\dragon's prophet\launcher.exe] => (Allow) C:\program files (x86)\dragon's prophet\launcher.exe
FirewallRules: [{FC3C5CA5-10F3-4745-9B85-FBF1ABFFF59C}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{304B0BCC-C759-48DB-9B61-D3ED5A0997F4}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe
FirewallRules: [{CC6BA759-DE7E-43D3-8C89-DA70DC30F2F3}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{32D217A9-0E73-4CC9-9768-FEF4918F561F}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe
FirewallRules: [{09D13CBF-515F-4426-B286-5598C7D4DA61}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{94925CDB-16E5-40AC-9330-325655E6EF99}] => (Allow) C:\Program Files (x86)\Ubisoft\Assassin's Creed Brotherhood\ACBMP.exe
FirewallRules: [{E582BA08-293D-40F2-B919-127000AE7BD4}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{06840508-F1C4-4669-8556-EE6F492071AD}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.2717\Agent.exe
FirewallRules: [{D829A8FA-BE62-4E58-8134-35DD1FE49FE1}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [UDP Query User{CAF75D88-F0E7-4E53-BE63-983A4B8A33FB}C:\program files (x86)\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{CEE945BB-7630-40DA-A472-38235DC433C7}C:\program files (x86)\outlast\binaries\win64\olgame.exe] => (Allow) C:\program files (x86)\outlast\binaries\win64\olgame.exe
FirewallRules: [UDP Query User{54054EE1-8AE9-403D-B16E-D94A8F503098}C:\program files (x86)\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\outlast\binaries\win64\olgame.exe
FirewallRules: [TCP Query User{26278C97-FCA0-4DF0-AD48-40C00C3C72D7}C:\program files (x86)\outlast\binaries\win64\olgame.exe] => (Block) C:\program files (x86)\outlast\binaries\win64\olgame.exe
FirewallRules: [{4F83A8B6-7CB5-4BE8-BEEB-05BC0AEFD12C}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{0F22FA1D-74A5-44B1-9313-4244E6FCCF16}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe
FirewallRules: [{0943CA99-098B-4D72-9410-AC4E325F48D3}] => (Allow) C:\Users\cigdem\AppData\Local\TNT2\2.0.0.1702\TNT2User.exe
FirewallRules: [UDP Query User{51109CD3-3848-405C-8F16-46C1DBC5ECEF}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe
FirewallRules: [TCP Query User{FB6F1995-A37B-4225-9FFF-F6D878B524D6}C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe] => (Block) C:\program files (x86)\ubisoft\assassin's creed ii\assassinscreediigame.exe
FirewallRules: [{E177CEBB-3859-422D-8441-1F64EBB047C6}] => (Allow) C:\Users\cigdem\AppData\Local\Temp\nsb66C5.tmp\BundleSweetIMSetup.exe
FirewallRules: [{70712BB1-4CFE-4675-B903-DB2A5EAE5754}] => (Allow) C:\Users\cigdem\AppData\Local\Temp\nsb66C5.tmp\BundleSweetIMSetup.exe
FirewallRules: [UDP Query User{A69C8538-EFE7-4B99-BD0E-6B262AA1DC3E}C:\users\cigdem\desktop\tera\tera-launcher.exe] => (Allow) C:\users\cigdem\desktop\tera\tera-launcher.exe
FirewallRules: [TCP Query User{0617FB76-56D3-41DC-A091-B9815BB7F2A6}C:\users\cigdem\desktop\tera\tera-launcher.exe] => (Allow) C:\users\cigdem\desktop\tera\tera-launcher.exe
FirewallRules: [{B86EE2E4-E57B-474B-9E7E-3C36DB0656D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{C9925637-5713-40A2-AD38-543817B80A14}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{A0230AD9-7EEC-457F-A17E-AA39C6537F8B}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{1F7B0EEE-18D8-4C8E-97EF-A1F1C9F12258}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{0C618CC4-8E63-4FF7-BBB7-59D205DBA628}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{C0950C0A-1DF4-47A1-AF3A-40C9FC73FCDC}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{08AFC94A-2ACA-417E-B81D-443C68B8EACB}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{A6252302-80A5-4BA4-AC1D-809A5C78ABE9}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{48B41829-9FE2-4774-94FE-3D9B7AE42D3C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{0C20D05F-D81F-4560-B162-AA8E742F8627}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{A28030F1-2308-4D20-91FC-C67CA74CA7B8}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [UDP Query User{2A58BD17-7B74-4B93-BF5C-84EFE2493E1D}C:\program files (x86)\cube world\server.exe] => (Allow) C:\program files (x86)\cube world\server.exe
FirewallRules: [{3DDF44B1-778B-411C-A44F-E06F9F902060}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{15C5E9B1-B65C-4039-9451-952B028BBB4B}] => (Block) C:\program files (x86)\cube world\server.exe
FirewallRules: [{02FB6CD4-9F85-49CE-8E42-5C179F8805DE}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{6AF3A9FB-5B81-41F4-9352-07F0F8DBF238}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{1A471DCE-90DF-4548-902F-FD4127481089}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{55C2A8A2-4B1E-43EC-9476-D48FC7E00F98}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{F87521B4-8060-4F05-BE89-FFDDC73A1E4C}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [{63FBA5AC-233C-41AE-8D73-F4E600FAE0C6}] => (Allow) C:\Program Files (x86)\Origin Games\Battlefield 3\bf3.exe
FirewallRules: [TCP Query User{13F957D1-AFFF-4A0F-BABC-852FCFB8FBA9}C:\users\cigdem\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\cigdem\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{29DEF959-91BE-41D0-BA97-730E11D149A4}C:\users\cigdem\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\cigdem\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{02614BF9-2463-477A-9D93-735EC8BC5617}E:\tera\tera-launcher.exe] => (Allow) E:\tera\tera-launcher.exe
FirewallRules: [UDP Query User{B72B3002-14B8-42B7-9DEA-6295D2FFD9A7}E:\tera\tera-launcher.exe] => (Allow) E:\tera\tera-launcher.exe
FirewallRules: [{4F53309F-E3D8-43DE-8650-F47979F1DBB6}] => (Allow) C:\AeriaGames\AuraKingdom-DE\game.bin
FirewallRules: [{C3BEF6F8-FA54-4222-AD7D-379EEB2B9136}] => (Allow) C:\AeriaGames\AuraKingdom-DE\game.bin
FirewallRules: [{A3025D61-0F57-4017-A516-58FC5E4B6AB6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{3F813F1E-13C6-40D8-91F3-9D66C1792D4C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{C5207C9F-71F2-4626-9BEA-815AA7A0341B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [{4A91F6BB-C21A-4552-B30B-989EE8282A57}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\theHunter\launcher\launcher.exe
FirewallRules: [TCP Query User{995FA6CA-6621-4BCA-8DC4-47BBF6621566}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [UDP Query User{B2306753-13CA-4EDD-B11A-B7557411461D}C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe] => (Block) C:\program files (x86)\steam\steamapps\common\thehunter\game\thehunter.exe
FirewallRules: [TCP Query User{27112D14-24AC-4363-B362-B44A0608949E}C:\users\cigdem\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\cigdem\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{43E8413B-9D7F-4DFD-8DAB-F136915EEC69}C:\users\cigdem\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\cigdem\appdata\local\akamai\netsession_win.exe
FirewallRules: [{100F37E8-FD1B-46F3-A984-8B3EE2AFBDA7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{EC49C1D7-34D7-4CD6-B108-FD2640EAC7C4}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\raceroom racing experience\Game\RRRE.exe
FirewallRules: [{12CDBA05-721A-4C41-B549-00209D3DF442}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{94EB970D-519B-45CC-8DEF-ED1258B3F815}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\APB.exe
FirewallRules: [{98755A16-6170-4D5B-AF9B-8BFD55912712}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{8F92665F-9E0C-4A2D-9082-52185857DCBE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\APB Reloaded\Binaries\VivoxVoiceService.exe
FirewallRules: [{0B176C4B-6E92-439C-B6E2-BB75AA21A8EB}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{2C1B64CF-168F-4DE5-A17F-ED0F8DC3D6D2}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{CB3DF3A6-3236-4B69-8131-9DAF5794E4D6}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{CF0C56F7-4456-4A01-AAA9-8D9E716333A3}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [TCP Query User{29E7647D-1F93-45F9-BD19-DCC5B88CA701}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [UDP Query User{563428AE-A764-42D2-AD89-F5CAAA307813}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe
FirewallRules: [{23AD199E-7674-4478-A559-352CB4B179D5}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{4BB82071-B9BB-46AF-8AF6-9D63FFFA3DD9}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{4DDB576F-5A8E-4418-81F5-A1F512292F23}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{D49E7995-5744-4697-A0A8-6DC9F605BD2B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 3\AC3SP.exe
FirewallRules: [{43D67A5B-FCFB-46AE-A6CC-F1B91125D94A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{618B85CC-A99F-40BD-BA97-94B1FB361F19}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{28C8CB2C-D2B8-4EC7-8192-32CE2AB3AF94}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed 3\AC3MP.exe
FirewallRules: [{644F5802-B18D-4794-81E0-29DF25015284}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{5A0B6BE1-9350-4879-85EB-C74C26D9EBBD}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed Revelations\ACRSP.exe
FirewallRules: [{6FCE5A99-FC0F-4CA9-8CFE-497FD92F2575}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{5FEA61BB-5A13-4DA8-999E-A707CC61B42B}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Assassin's Creed Revelations\ACRMP.exe
FirewallRules: [{C95D3F21-0B3B-47AF-BAC0-7D81D4C75663}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{4C245D8A-77A7-43E2-9E6E-26521EB597D7}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A39CE15C-2C9B-455A-B151-D6CC0E0F8964}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6B62ABA0-D578-4645-967D-416D3720B0C1}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{514FE4EB-DD71-4849-8239-7164F5138C1B}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{FC9A9E1E-0163-4A77-B7BF-73579307B491}] => (Allow) C:\Program Files (x86)\GameforgeLive\Games\DEU_deu\S.K.I.L.L\Binaries\Win32\sf2.exe
FirewallRules: [{960F62A7-2022-4E27-B6C8-E0801BB22346}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{1021FF1E-329F-4387-BDDA-3A33075D784C}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\LEGO Harry Potter\LEGOHarryPotter.exe
FirewallRules: [{89FDAE3D-DEDB-41E7-BCC8-02D973235009}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A590AA67-259D-4530-8464-F8176DEE8EC0}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{891C1D8B-908C-4B1E-A85D-6828EA796AD2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{A5C24709-1C27-44B9-81C3-804E2F9504C8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E5CA0915-8431-4E6A-9E44-4E7524A6F7EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{7B281FD6-76A3-4591-93B6-30018FA434DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{AFA2B7E6-225F-47DF-A34E-16D9245E90F2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{76FF1335-B36F-40F5-9EB2-A70816D3CC02}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{EF16A481-86BA-4687-94FD-F2A845069CCC}C:\users\cigdem\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cigdem\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{3F32467A-C647-4EA6-9879-B4F02F5B3C31}C:\users\cigdem\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\cigdem\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{1693C48C-1C9C-429D-B875-49C33C080EEB}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [UDP Query User{91B58370-27C9-457B-8F75-F26CD3F02090}C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe] => (Allow) C:\program files (x86)\steam\steamapps\common\cryptic studios\neverwinter\live\gameclient.exe
FirewallRules: [TCP Query User{2F5A132B-AD78-4B22-B9DF-A543DB7B1E73}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{58F8A1CF-55E9-4595-8C97-0E825DB71E95}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{F0BEAD74-4E7B-4996-ACE1-087037E505C5}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [UDP Query User{F4294A08-67A8-4B94-B9A0-E571ECE4BA6C}C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe] => (Allow) C:\program files (x86)\gameforgelive\games\deu_deu\aion\nclauncher.exe
FirewallRules: [{3AB5E77D-026A-4137-8E22-39AE0FC7A447}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{E44F9575-EBE6-4CAC-8CAA-FA1F01B17A1A}] => (Allow) LPort=2869
FirewallRules: [{6FD4683F-6674-4A35-AF6D-CB1D3BD3E838}] => (Allow) LPort=1900
FirewallRules: [{E05C0547-E399-41FF-82FE-66F6EB70AC5B}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
FirewallRules: [{AA9B2D5F-F3A4-47FF-9117-479445684B49}] => (Allow) C:\Program Files (x86)\GameforgeLive\gfl_client.exe
FirewallRules: [{C1C28A9F-7DAB-4067-B9E9-52DA2F183C18}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{54B44D20-30C0-4F97-A4C3-C14A64CCE202}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C1EFA09F-0C5E-4E5A-992B-3349173EC233}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{20A22AC0-FD5E-47DE-B7CA-294FE92CCD8B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (09/25/2015 12:03:11 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm LiveComm.exe, Version 17.5.9600.20911 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 1024
Startzeit: 01d0f778a37a6f14
Endzeit: 4294967295
Anwendungspfad: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe
Berichts-ID: 96d60a11-636c-11e5-bede-54bef74d2bf0
Vollständiger Name des fehlerhaften Pakets: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1
Error: (09/25/2015 11:03:34 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073422302
Error: (09/24/2015 10:36:24 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT-AUTORITÄT)
Description: There was an error with the Windows Location Provider database
Error: (09/24/2015 10:13:09 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (09/24/2015 10:13:04 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: SANJOYA)
Description: Bei der Aktivierung der App „microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (09/25/2015 12:22:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 12:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:12 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:07 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 12:22:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "VeriFaceSrv" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Streamer Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:05 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:05 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Intel(R) Capability Licensing Service Interface" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
Error: (09/25/2015 12:22:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA GeForce Experience Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (09/25/2015 12:22:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
CodeIntegrity:
===================================
Date: 2015-06-24 21:01:57.272
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200M CPU @ 2.50GHz
Prozentuale Nutzung des RAM: 46%
Installierter physikalischer RAM: 3848.27 MB
Verfügbarer physikalischer RAM: 2063.62 MB
Summe virtueller Speicher: 7816.27 MB
Verfügbarer virtueller Speicher: 5954.91 MB
==================== Laufwerke ================================
Drive c: (Windows8_OS) (Fixed) (Total:425.59 GB) (Free:292.9 GB) NTFS ==>[System mit Startkomponenten (eingeholt von lesen Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:23.32 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 96246472)
Partition: GPT.
==================== Ende von Addition.txt ============================
Danke schonmal.
Gruß Zindeya |